| ▲ | tzahifadida 19 hours ago |
| I think that open source licenses for complete software (such as SaaS components) for commercial entities have a one major purpose:
A marketing tactic. If I am open, it is easy to discuss it everywhere without paying for it. I think that if you are short on cash, open source is the way to go to get adoption faster. If you have endless money, then there is really no reason to open source it (except edge cases, like shared protocols, libraries, etc...) Even though it may seem harsh to apache 2.0 the code, no one will steal it since you are maintaing it, essentially paying to keep it on your turf. Reasons for not stealing:
1) Security CVEs and patches. No serious company will use it without these.
2) Bugs, if I take it I will have to fix it.
3) Merging changes. If the source is branched, I will have to get people to move to my project. Otherwise, I will have to employ people just to merge the changes all day.
4) Authority. I would argue that if you do not control the narrative of the project it is essentially similar to abandonware of the project. What would a customer/client prefer more? to use the original product or some copy of it? If you are the Authority that inspire people, they will not go to the competition. I remember in the past the open source were thought of as communists. I think that we are far from that, and big capitalist companies knows how to profit from open source (even Apache 2.0 and MIT). |
|
| ▲ | tsimionescu 18 hours ago | parent | next [-] |
| To be fair, when people worry about "stealing" their FOSS work, they don't mean someone forking their project, they mean someone outcompeting them on offering commercial infrastructure for their own project, typically launching a competing SaaS service. Of course, this is explicitly permitted and even encouraged by FOSS licenses, so calling it "stealing" is quite absurd. But it is also a real problem for a company trying to make money by selling its FOSS software. Essentially, it's pretty clear that you can't make a successful company out of selling free software. You either create a consulting company and push yourself as the expert on some free software that people want to use (what RedHat did, and to a much lesser degree of success, MySQL) or the free software has to be some enabler for your real business (like Linux is to Amazon, Google, Microsoft, and all of these other cloud companies and most of the internet, or like Java was to Sun). |
| |
| ▲ | Imustaskforhelp 18 hours ago | parent [-] | | > Essentially, it's pretty clear that you can't make a successful company out of selling free software If that is so the case, what about source available licenses similar to O'saasy. Do they work? Because personally, although I love foss, its a compromise and I am willing to make it for some of my projects if it means that I can get enough funding to work on it full time basically. | | |
| ▲ | tsimionescu 18 hours ago | parent [-] | | I don't think we know yet if these work, at least for more than 5-10 years. Mongo and Elastic are still kicking, so perhaps they do. But it's very unclear if they would have gotten where they are had they started with the current licenses. |
|
|
|
| ▲ | Imustaskforhelp 18 hours ago | parent | prev | next [-] |
| Yes obviously big tech knows how to profit from open source they (AWS) profitted so hard from redis and elasticsearch that they had to literally change their licenses similar to O'sassy's and even then people forked redis to create valkey and AWS engineers started working on it Both redis and elasticsearch got so much backlash because "not open source" when in reality, they were trying to make ends meet but also since it allowed external contributions, people who contributed felt rug pulled In the end, both of these had to revert switching to AGPL licenses. Technically I am sure that people are still competing against these servers even with AGPL because it does have freedom 0 but I think that they kind of realized that backlash was very high My opinion on the matter personally is, I value source code because I can work around it, I can see the code and audit it/ have a peace of mind. But even now, open source is severely underfunded and I think we should do something about it. We cant really expect developers to write code in any license that you want, its their code and their wish (originally) and I think these are just means where someone wants to open source but he also wants to profit from his creation just enough so that he/she can maybe work full time on it/have more employees working on it and just have it grow better which for the end users does feel better. |
| |
| ▲ | disgruntledphd2 17 hours ago | parent | next [-] | | > In the end, both of these had to revert switching to AGPL licenses. AGPL seems like the most battle tested solution here, though. You'd need a CLA from day 1, but if you have that then you can sell commercial licenses to people who won't meet the criteria for the real license. So I think it's important to differentiate between open source and free software, here. | | |
| ▲ | tzahifadida 16 hours ago | parent [-] | | I believe AGPL3 with CLA is the worst in 2025. Code can be recreated fast in 2025 especially with genAI getting better and better. The problem you'll have is the ownership of the code from day one. Today, people have concerns signing a CLA, so I am not sure redis is repeatable in that regard (though we have n8n). With Apache 2.0, if you are redis, you could have closed source the code in a few months and bury the competition. Why? because you need upgrades, you need CVE fixes, features, documentation, HA, etc... If you don't have a CLA you cannot close source AGPL3.0. Of course I am taking the stance of the company not the users here :)
The table have turned, I believe in 2025 the users should insist on using AGPL3 without signing CLA. But again, with enough cash, the code can be recreated with genAI, it is just a matter of resources. | | |
| ▲ | disgruntledphd2 13 hours ago | parent [-] | | > the code can be recreated with genAI, it is just a matter of resources. Can it though? Most interesting things (for my values of interesting at least), cannot be re-created with generative AI. Every time I try to do anything a little bit out of distribution, they fall apart (and they're not great at in-distribution stuff either). > I believe AGPL3 with CLA is the worst in 2025 I think that you mean best, as with both of these one can sell commercial licenses while remaining open. Again, from the company's point of view you get both nerd-cred and a viable business (this is what MySQL did, I believe). You don't get that with BSD/MIT. |
|
| |
| ▲ | imtringued 16 hours ago | parent | prev [-] | | I personally find it questionable when people argue that the GPL/AGPL is less free because of the code sharing requirement. On the Rust subreddit you can see people make arguments that can essentially be paraphrased as "Get a real job". Somehow the people selling primary energy, food and raw materials are allowed to make money, the hardware manufacturers to run the code on are allowed to make money, cloud providers to run code on are allowed to make money, people using your software in their business are allowed to make money and even people who have been hired at a company to submit patches and pull requests to contribute to your project are allowed to make money but you, the original maintainer/developer who kick-started the project and paid the initial investment? Suddenly you're no longer allowed to make money. You're expected to work a "real job" (see list above). You're supposed to spend time not working on the project to earn enough money so you can donate your time and money to work on the project to people who most likely couldn't care less about you and your sacrifice and since it is just plain business sense to minimize costs, you should do the same and stop working on the project. The strangest part by far is that if you'd you made your code proprietary from the get go, there wouldn't be any complaints about your GPL code not being free enough. It's a surprisingly pro proprietary code stance. | | |
| ▲ | duskdozer 15 hours ago | parent [-] | | I don't think it's strange at all - the "pure freedom" licenses intentionally don't have safeguards against exploitation of the system, which attracts those who want to take but not give back, which lines up well with proprietary software. |
|
|
|
| ▲ | Sander_Marechal 18 hours ago | parent | prev [-] |
| > Even though it may seem harsh to apache 2.0 the code, no one will steal it since you are maintaing it But that's evidently not true. Amazon has co-opted plenty of open source projects and put the squeeze on the original maintainer's SaaS offering. |
| |
| ▲ | tzahifadida 16 hours ago | parent [-] | | Look at the caveat. If you cannot control the nerrative, you are done. Code is nothing in 2025, when a few 100$ can recreate a code base. AWS could have just recreated the code if they wanted, they just didn't have to. And, with their money, they could have bought redis labs if it was too difficult. I think people are looking at it the wrong way. The license wasn't the thing holding them back, they have the cash. |
|
