Now, of course they should get paid for the work they do, but these sort of "we were FOSS and surprise we're not anymore" are becoming commonplace and are always done hoping no one notices.
Most of us prefer not to bring on a dependency in our project that is primarily designed to extract commercial value from users and is less friendly to contributors than similar open source projects.
It's like me starting the cheese initiative and trying to control what others call cheese, a job that's typically reserved for governments.
I also don't care if somebody in 1975 said "I like to be open, and I'll let anyone look at the source." Old McDonald had a farm before McDonald's was a restaurant, but that doesn't mean that if you open a restaurant called McDonald's that is decorated like a McDonald's, you're not a scammer. I know your plastic fruit is carbon-based, but if you label it as "organic" you're a thief.
If you're not trying to scam people, be creative and make up your own catchphrase for letting people look at your source code - or don't even, because the whole idea of having a branding for allowing people access (and rights to) the source is imitation of the FSF and OSI.
Like I said above, they're as official as the cheese initiative I just made up.
No government has endorsed them, and open source is not a protected name in any country I am aware of.
They're just some arrogant American organisation that expects the entire world to bend to their whim, as usual.
They have successfully convinced a generation of developers that “Open Source” is pure and holy, but a licensee that includes a term that says something like no company making more than $100 million per year can use this software for free is unclean and maybe even evil.
They don’t want alternative licenses to exist because it hurts their bottom line.
Open Source isn't a brand, it isn't a trademark, it was hijacked by OSI to enforce their specific interpretation of a phrase that was already in use. OSI wasn't founded until 1998, over a decade after the term open source software became popular and was used throughout the unix and linux communities and in businesses such as Caldera. Before OSI came up with the OSD many creators of open source software had non-compete clauses in the licence.
Although, on the other hand, "Two years after release, the license for each applicable version of Liquibase Community code reverts to Apache 2.0". So, it's like... eventually open source. Which is still misleading, as it doesn't apply to the current versions.
Liquibase and Flyway are the only major frameworks on the JVM which could be embedded into a JVM application to get rid of a sidecar or a startup process which has to run before the actual application could start.
Either just reading the "base" part and plugging some unrelated service, or claiming source available is the same as open source
"Is FSL an open source license?
No."
https://www.liquibase.com/blog/liquibase-community-for-the-f...
Liquibase has only itself to blame.
Or "open source when obsolete" because that's what it is, fundamentally. Of course, it sells less and makes it way more obvious what these delayed open source licenses are at their core: "we'd like to make people believe we respect their freedom, but are not actually convinced with giving them that".
There is this blind trust in open source model taken to a unhealthy or misguided extreme in a lot of online discussion.
A two year delay is pretty reasonable and liberal. It allow costumers that dont want to accept the new licence able to continue as-is by simply following an older version.
In my case, it's not about any open source model, it's about software freedom.
What's unhealthy is non-free software, and there's nothing extreme in having this opinion.
If you base your opinions on pure black and white tests without considering the actual tradeoffs of the license then that's blindness.
What do we do now?
> It's free for humans and 99.999% of businesses
Nope. "Free" has specific meaning in this context, this qualifier doesn't apply here. It's the whole point. If you believe it applies, you've fundamentally misunderstood the free software definition and what's at stake for the free software movement.
More specifically, the qualifier is not relative to a specific entity and what freedom it actually needs / uses at some given point in time.
I'm certainly for fundamental freedoms like the freedom of the press, even if I'm not myself a journalist.
To go further with the comparison, there's nothing in being against compromising on the freedom of the press that's blindness or being black and white (or maybe it's being black and white, but I can't see how it would be wrong).
> I'm certainly for fundamental freedoms like the freedom of the press, even if I'm not myself a journalist.
Freedom of the press has more restrictions. In particular violating an NDA in your press activities is somewhat similar in how it affects few people and is time-limited.
GPL and MIT fully fulfill the exigences of the free software definition, there's no compromise here.
Choosing between GPL and MIT may involve compromises, but we are talking about something else, you are moving the goalposts here.
(note: I kept updating my previous comment, probably while you were writing this, sorry for this)
(edit: ah, you noticed)
> Freedom of the press has more restrictions. In particular violating an NDA in your press activities is somewhat similar in how it affects few people and is time-limited.
Violating an NDA is a matter of law and contracts that can equally apply to software, it's not at the level of the fundamental right or at the level of the license.
If you are speaking about protecting one's source, then it's orthogonal (and probably also an important mechanism for) freedom of the press.
> it's not at the level of the fundamental right or at the level of the license.
I would say the ability to run a competing business within two years is less fundamental than the ability to talk about what you saw at your former job.
Also what are you saying about "not at the level"? It overrides the fundamental right, but people accept that.
Isn't two years of security patch lag a big deal?
Also I feel like "obsolete" is the wrong word for that.
Company personhood and its implications and restrictions differ from jurisdiction to jurisdiction, and in countries like the USA the exact definition is still a matter up for debate.
I wonder if a project which uses Liquibase can be included in Debian, Fedora, etc.? Since these projects also have requirements on OSS licenses for the software they distribute.
Cannot be included in the main repositories, but nothing stops them from being part of other repositories (custom, or if something like rpm fusion non-free exists for Debian based distros as well).
1. They co-opted the free software movement and made it more business friendly.
2. They convinced people that Open Source is pure and software that isn’t Open Source is unclean.
3. They convinced a bunch of developers that their definition of Open Source that was specifically crafted to protect business interests is canon.
4. They convinced a well meaning subset of those developers to police the other devs and pressure them to release their software under big tech approved licenses.
‘The word "free" in our name does not refer to price; it refers to freedom. First, the freedom to copy a program and redistribute it to your neighbors, so that they can use it as well as you. Second, the freedom to change a program, so that you can control it instead of it controlling you; for this, the source code must be made available to you.’
Giant trillion dollar conglomerates repackaging and selling a product backed by free labor without contributing back wasn’t something they were contemplating back then.
Somehow the service+infra is the same cost or cheaper then buying the infra alone and trying to deploy the open source version to it.
I think it's very intentional that a restriction on what you can do with software -- including reselling it -- is a violation of the "four freedoms" -- freedoms for what someone can do with software, including redistribute it or use it for any purpose they want (including reselling it).
These licenses meant to prohibit users from using the software in ways that harm the business interests of the programmers -- I am confident the original creators of free software four freedoms would agree they are not free software. It is very intentional that they were saying the freedom of users to do what they want with software should not be limited for the convenience of the business interests of those who wrote the software.
This license isn’t about users. If you are repackaging and reselling software you are no longer the end user, you are a vendor. Your customers are the end user.
This license in particular isn’t my favorite, but I’m totally fine in theory with licenses that attempt to patch loopholes exploited by bad actors.
In the Free Software community, this line was always blurry, almost non-existent even.
Even if the receiver of the Free Software package is not a programmer by any definition, at worst case, they can ask for a friend to patch something up, and if a friend wanted his patched version, the modified source code has to move with the software package.
Open Source software can block even this simple pathway by not giving back the modified source from friend to the user, creating a dependency. It'd be heartless to do this between two friends, but companies will happily do that.
My most vivid example of this is SDKs for hardware. Half of the API is open, but the patched version of the (open source) libraries cost $2K+, several NDAs and allegiance to company for the rest of your life or you can be sent to a concentration camp operated by an alliance of companies doing the same thing.
...and this is just for a small biometric scanner you happen to find on a piece of 10 year old discarded tech.
> Actually, we encourage people who redistribute free software to charge as much as they wish or can. If a license does not permit users to make copies and sell them, it is a nonfree license.
- Open Source software is about developer freedom.
- Free Software is about user freedom.
this is absolutely right, and the OSI has been successfully captured by these companies
would RedHat be able survive to IPO these days? I very much doubt it (see: Oracle Linux)
a new term is needed, "Open Source" is no longer fit for purpose in a world where the hyperscalers exist
"Fair Source"?
The GNU Project and Richard Stallman, who made this statement, would agree that it's not free under even this earliest definition. They in-fact made it even clearer when they defined freedom of "use" as the distinct 0th freedom eventually to make it even clearer that being able to use the software freely is fundamental to their idea of freedom. Again, freedom isn't about price, it's about usage, availability, redistribution and lack of restrictions on this. I cannot freely redistribute FSL licensed code under the original definition of free software.
"Giant trillion dollar conglomerates repackaging and selling a product backed by free labor without contributing back wasn’t something they were contemplating back then."
Yes, the GNU project were acutely aware of this and designed the GPL licenses around such scenarios - they just didn't design it for SaaS businesses, where if you redistribute the built program externally after modifying it but only distributed its responses over a network, you technically weren't obligated to open source that modification. AGPL resolved this issue, and has more case law behind it than this 2 year old license, and has certainly less daunting implications than a not legally well defined 'competing purpose'.
Wrt to the legal concerns with AGPL, they're not actually that it wouldn't provide any protection, but rather that it might offer the originally distributing entity too much power: legal power to declare all software used in the stack to produce a network request MUST be made source available. I have not seen any lawyer concerned with whether or not Amazon would be able to bypass its protections, and the license was made by lawyers to clearly provide protection. Did you create this legal theory yourself? Because I've not seen any writing from a lawyer on the internet that suggests that Amazon could firewall themselves off in a friendly jurisdiction under any reading of the license, and I read a lot of AGPL lawyerblogging.
Sentry, the company who created FSL, even states that this license restricts user freedom explicitly - for the sake of the business interests of the original developer.
So summing up.. Richard Stallman, the FSF, the GNU Project, the OSI, the creators of the FSL, the company now currently using FSL, all agree that this source available license does not meet the definition of "free software". So, whose definition are we using out of thin air?
You’re free to distribute it to your neighbors for free for any purpose. You’re free to distribute it for a fee for almost any purpose save one. You just can’t commercialize it as a competing product.
“Source available” again calling this source available is disingenuous. You’re deliberating using the least free term that is technically accurate.
This isn’t my favorite license, but it provides a lot more freedoms than merely looking at the source code.
With respect to AGPL providing “too much control”. That is a valid and likely reason for courts to find it unenforceable.
So it does not meet the original free software's required freedoms, and is therefore not free software?
>“Source available” again calling this source available is disingenuous. You’re deliberating using the least free term that is technically accurate.
No, the source is available to read and the software is not free based on the historical definitions you're providing, unfortunately. Happy to understand from a different lens, but Stallman specifically meant freedom in the way even FSL writers agreed with.
Also, please refrain to using commonly used terms in the common way as 'disingenuous', it doesn't lead to interesting discussion and is how these threads end up needing to be patrolled by dang: https://news.ycombinator.com/newsguidelines.html
>With respect to AGPL providing “too much control”. That is a valid and likely reason for courts to find it unenforceable.
So, this is a personal non-legal theory that does not have a basis in jurisprudence, then? GPLv3 is proven as enforceable, and is what AGPL is based on. No court in any legal system would throw away a license based on giving "too much control". That's just not how copyright or licensing contracts work. You may want to disclaim conjectures like this with IANAL..
Then defend a source available license designed by a company that describes the license as intended for prioritizing business needs over user freedom and used, and is often brought out when businesses decide to switch a more available license to one that restricts commercial activity, co-opting public contributions that would otherwise never happened
INSTEAD of promoting copyleft licenses such as AGPL, seems a bit odd. We care about freedom, in every use case.
AGPL isn’t battle tested enough for me to be confident it will protect against big tech doing big tech things like spinning off a separate company in Ireland to firewall AGPL software.
What does it matter if they do? The point of the AGPL is that if you make a version available to users over the network, either you release the source to your version or you can't use it. That subsidiary could still be made to release the source or stop using it. Wouldn't that be "mission accomplished?"
I'm not sure what's bad about 2. What's quite bad however IMHO is the push to use permissive licenses and the anti (A)GPL FUD that these big tech companies spread. Of course it is very convenient to them that every library under the sun is under MIT or BSD, so they can built proprietary software more efficiently.
Note: the OSI recognizes the AGPL as an open source license so at least the set of "big tech approved licenses" is not the same set as the OSI approved licenses.
[1] https://www.gnu.org/philosophy/open-source-misses-the-point....
AGPL hasn’t been thoroughly tested in the courts, so it’s unclear how much protection it offers. It’s not beyond someone like Amazon to setup a new company just firewall off AGPL software.
If I'm not mistaken, Apple would rather avoid touching anything GPLv3 with a ten foot pole. They are among the biggest tech companies in my mind.
Anybody seems fine with GPLv2 though. But GPL is less convenient than permissive licenses.
Of course, you can still indeed build services with GPL software without redistributing the modifications, which is the point of the AGPL.
> It’s not beyond someone like Amazon to setup a new company just firewall off AGPL software.
I suppose so. However, this would work as intended: the Amazon firewall company would need to redistribute the improvements.
Also, do you have examples of this happening? (not arguing, actually genuinely curious)
I think this poster created the legal theory themselves because they were aware of other legal concerns with the AGPL affecting the above scenario. I've read a lot of legalblogging about AGPL, and none bring up this as even a remote possibility, because unless you think GPLv3 case law is somehow irrelevant then you don't think AGPL will be simply bypassed.
One last thing: I'm surprised the poster was concerned about AGPL being untested, despite it using GPLv3, and not that FSL has only existed for 2 years and has 0 case law surrounding.
If I understand correctly what you say, this is one of the main concerns with the SSPL because of the following [1]:
> The SSPL is based on the GNU Affero General Public License (AGPL), with a modified Section 13 that requires that those making SSPL-licensed software available to third-parties (modified or not) as part of a "service" must release the source code for the entirety of the service, including without limitation all "management software, user interfaces, application program interfaces, automation software, monitoring software, backup software, storage software and hosting software, all such that a user could run an instance of the service using the Service Source Code you make available", under the SSPL.
I'm not familiar with this concern for the AGPL itself.
So far this contagion concern hasn't actually played out, and big corporations/hyperscalers are often using AGPL software somewhere in their stack if they're using common Linux distros - and nothing thus far has been compelled to be open sourced that isn't AGPL software.
This might be insightful about the concerns as well as why lawyers still think it's straightforward: https://www.opencoreventures.com/blog/agpl-license-is-a-non-...
https://discuss.logseq.com/t/on-the-agpl-license-and-the-ide...
https://writing.kemitchell.com/2021/01/24/Reading-AGPL
(not a lawyer): https://drewdevault.com/2020/07/27/Anti-AGPL-propaganda.html
Oh yeah, I have encountered this argument before, indeed. Thanks for the pointers btw. I do agree with Drew (your last link) here. I think it's part of the FUD from Google & Co I mentioned in my first comment in this thread.
> big corporations/hyperscalers are often using AGPL software somewhere in their stack if they're using common Linux distros
Do you have specific software in mind? What's AGPL in a common Linux distro? I'm asking because this surprises me. AGPL isn't usually used for something that's not a internet service, I wouldn't expect to find it in Linux distros' basic blocks.
Oh I agree! And I think it's straightforward to comply with.
I was just explaining the common legal concerns that pop up with the license, and that too much 'contagion' has historically been a gripe about its lack of case law.
An AGPL enforcement would require the court to interpret its virality which is an open question before even deciding whether a violation occurred.
The potentially overreaching nature of AGPL is one reason it maybe unenforceable. On the other hand if courts lean towards the less viral interpretation Google could get around these issues by modding an AGPL project to run on their proprietary hardware that no one has access to and then simply releasing the modified source code.
Well I guess they could today, I don't see the AGPL preventing them to. As long as the modified source is available under the AGPL I suppose they'd be good to go.
A license that forces someone to release software for specific hardware would be non-free I suppose.
I don't see this being practical though. Running proprietary hardware just for this reason would likely be costly, and not really efficient: someone could restore support for general hardware from upstream / only keep the interesting changes.
In US courts, the case law shows that the "virality" is not really an open question because of GPLv3 case law, and has never been interpreted that way. I'm not sure why you're commenting about this scenario when you're unaware that this has been actually tried in courts.
In fact, we saw that in infamous Neo4j AGPL case, actually. Which went on to protect non-GPL compliant additions that Neo4j made as being considered contagious, even.
So, just recapping, you've gone from stating that Amazon could firewall off AGPL because it has no case law, and after learning it does has its case law includes GPLv3 that it simply may not be 'viral' enough because that hasn't been tested in court, to now learning it has been tested in court and successfully enforced. Excited to hear the next legal conjecture!
They adopted the existing Debian Free Software Guidelines as the Open Source Definition. The DFSG are good, actually, and represent an important community consensus outside the FSF.
Also if you read the original DFSG the clause about field of endeavor has been interpreted by OSI differently from the intent.
It was about saying your license can’t prevent an end user of your software from using it for a specific purpose. It really says nothing about restrictions on how you can sell the software.
The problem is OSI is now the sole interpreter of the definition.
Debian (and most other distributions, btw), for the most part (or entirely, I suppose), agrees with the FSF / the GNU project when deciding which license is free or non free. The OSI has a more permissive interpretation.
RMS speaks about that in a recent interview in French [1], English translation below:
> La FSF a financé Debian à son commencement. Mais rapidement, le projet, qui comptait plus de contributeurs, a voulu formuler une définition de la liberté différente, avec l’intention d’être équivalente.
> À l’époque, j’ai commis une erreur : j’aurais dû vérifier plus attentivement s’il pouvait y avoir des divergences d’interprétation entre le projet GNU et Debian. La définition me paraissait équivalente, même si elle était formulée autrement. J’ai dit : “C’est bon.” Mais en réalité, il y avait des problèmes potentiels.
> Plus tard, quand l’open source a émergé, ils ont repris la définition de Debian, je ne sais plus s'il ont changé quelques mots mais ils ont surtout changé l’interprétation. Dès lors, elle n’était plus équivalente à celle du logiciel libre. Il existe aujourd’hui des programmes considérés comme “open source” mais pas comme logiciels libres, et inversement.
> J’ai d’ailleurs expliqué ces différences dans mon essai Open Source Misses the Point.
English translation (not a native English speaker, I hope the translation is ok, especially considering that RMS is close to his words and it's probably easy to misrepresent him without noticing):
> The FSF funded Debian at its beginnings. But rapidly, the project, gaining more contributors, wanted a different phrasing for the definition of freedom, which the intent of being equivalent.
> Back then, I made a mistake: I should have checked more carefully if there could be different ways to interpret it between the GNU and the Debian projects. The definition seemed equivalent to me, even if it was phrased differently. I said: "OK". But in reality, there were potential issues.
> Later, when Open Source surfaced, they took Debian's definition, I don't know if they changed a few words but they above all changed the interpretation. Since then, it was not equivalent to the free software definition anymore. There exist open source software that's not free software, and conversely.
> By the way, I explain all this in my Open Source Misses the Point essay.
[1] https://linuxfr.org/news/40-ans-pour-l-informatique-libre-en...
https://web.archive.org/web/20120620103603/http://zedshaw.co...
> Why I (A/L)GPL
> Open source to open source, corporation to corporation.
> If you do open source, you’re my hero and I support you.
> If you’re a corporation, let’s talk business.
> I want people to appreciate the work I’ve done and the value of what I’ve made.
> Not pass on by waving “sucker” as they drive their fancy cars.
https://zedshaw.com/blog/2022-02-05-the-beggar-barons/
> To the Beggar Baron, open source's value is its free donation.
> You would never stand on the street and offer to buy the wallets off people who are about to donate a few dollars to you. That'd be stupid.
> They're giving you their money for free. Take it and run.
Always slap AGPLv3 onto everything you make. Always choose the most copyleft license imaginable. Permissive licenses yield zero leverage. It's either AGPLv3 or all rights reserved. Nothing else makes sense.
The solution isn't always swinging super-far in the other direction.
That being said, commercially supported OS software has essentially become shareware - just enough to get you hooked, and then the price jump is enormous.
The rest of your comment mainly seems to be a mixed bag of rhetoric. It obscures the reality that Liquibase is, to modify your words, "co-opting the" open source movement to make it "more business friendly."
The freedoms were about freedom for the user not a non user developer.
1. They certainly came from the free software movement, but they don't call it "free software", they call it "open source". It is a detail but the name acknowledge the distinction, "open source" is a more practical term while "free software" is more idealistic. And I think it is a good thing we have both a business friendly OSI for getting stuff done and a more militant FSF to keep businesses in check.
2. I never needed this convincing so I may be biased, but open source is I believe superior to proprietary. Think of the source code as documentation, the best kind because it tells the truth. Think of the ability to change and rebuild the software as unlimited extra settings you get for free.
3. Their definition of open source is as much canon as the definition of free software by the FSF is canon.
4. Most developers aren't lawyers, we can't really trust them to pick licenses, or worse, write licences that will do what they think will do. So having an approved list of well tested license is a good thing.
That big tech and big money is behind it is not a bad thing. Developers want to get paid after all. Big tech have the best lawyers too, so by picking a licence they acknowledge, you know what you are up to.
And note that some of the OSI approved licenses, like AGPL are particularly hated by big tech.
All you have to do is look at the name of the company on the building ...it still says Microsoft folks
"Since 2017, Microsoft is one of the biggest open source contributors in the world, measured by the number of employees actively contributing to open source projects on GitHub, the largest host of source code in the world." [1]
I have nothing against someone trying to monetise useful software. However, switching from an open-source software (OSS) licence is essentially a bait-and-switch tactic. This immediately destroys trust. It also destroys the part of the user base that is difficult to monetise but still has the potential to be monetised. I was hoping that the Elastic and TerraForm debacles had taught people a lesson.
Flyway is also questionable at this point. If Liquibase is switching, what's to stop Flyway?
Unless a fork is happening, I'm considering creating my own migration library tailored to our actual needs and usage. It should not be so hard. Liquibase was more of a convenience.
sam_lowry_•3h ago
Paying a license and playing by the rules of a myriad licenses is a chore even for those who can afford it.
iLoveOncall•3h ago
Arkan•3h ago
sam_lowry_•3h ago