I understand that it's not open source. I just see it as like, a spot where a company that would normally make a closed source product wanted to make it more open and hackable and did actually put the code up and take contributions, which should be a kind of good thing, but it's automatically assumed to be the worst, a rugpull, etc. What if I operated in an ethical gray area right around this pretty reasonably worded term?

▲

jchw 12 hours ago | parent [-]

I was trying to make the point that "unfree" software is not really useful at all to the "open source" community, and not because of terminology nitpicking but because of the consequences that has.

But anyway, my problem with a license like this is indeed the existence of gray areas. Open source licenses are in some ways clever attempts to make a social contract into a legal obligation. It isn't perfect, but the side effect is that you don't have to take it on faith that people will follow it: people can be sued for violating it, and depending on how that Vizio case goes, it's not just the copyright holders who are eligible.

But that's a two way street. In return, I shouldn't have to take in on faith that my use case is legal according to the copyright license: it should be clear as day with no room for interpretation. If it's not, then my best hope is to simply never get sued. That is not good. Hope is not a strategy here, not for individuals and not for corporate users.

Business/"fair" licenses seem to offer a good compromise, but it's a mirage: the software still has to be treated a bit like toxic waste in Linux packaging, won't be compatible with strong copyleft licenses, and ultimately, presents an uneven playing field for contributors.

There isn't much to be excited about from a hacking PoV.

With projects like these, you're probably already going to be submitting your code under an unconditional CLA, which essentially forfeits your rights as a contributor, then if it's this license, you also are giving the original copyright owner more rights to use your contribution than you even have.

I don't think this is a good or healthy status quo at all.

The only upside of this is that it protects someone's business model from competition. Well good for them.

But making the license look like MIT is just a bit of cosplay, yet another attempt to try to push something as being open source when it's not. This cognitive dissonance can't go unnoticed; it really does trick people if they don't fully think through the consequences. You're better off going with a license that makes no attempt to pass itself off as open source.

▲

jrowen 5 hours ago | parent [-]

Before this O'Saasy situation, I hadn't fully understood how much ideological purity was baked into the the term "open source," which to be fair is not really implied by such a general term.

I still feel like it would be a happier world if open source was more of an umbrella advocacy organization containing free software and source available, but now I understand that that's not going to happen.

▲

pseudalopex 3 hours ago | parent | next [-]

Some day you may understand you dismissing a practical concern does not make it ideological.

▲

jrowen 2 hours ago | parent [-]

I'm not the one dismissing anything. I'm arguing for tolerance, goodwill, and cooperation. There are lots of practical concerns in life, there are tradeoffs, there is balance.

A few days ago you said "the impression the different groups have different ideals is correct." You've spoken mostly in mystical aphorisms so it's been hard to glean much.

	▲	pseudalopex 32 minutes ago \| parent [-]
		> I'm not the one dismissing anything. This statement was false. > I'm arguing for tolerance, goodwill, and cooperation. These qualities are not absent because people differentiate source available and open source. And you continued today to argue these qualities should be expressed by changing the meaning of open source. > A few days ago you said "the impression the different groups have different ideals is correct." Your point was what? You thought a group had ideals meant a group's only motivation was ideological purity? > You've spoken mostly in mystical aphorisms so it's been hard to glean much. No. And several other people communicated similar ideas.

▲

jchw an hour ago | parent | prev [-]

The only major ideological component of this matter is that both the free software movement and the open source movement are concerned with the rights of end users, not the sustainability of businesses. That's really it. Open source has always been much less focused on ideology and more on practicality; I reckon that's part of why it is the more prevalent movement in the first place.

But just because it's not about ideological purity, that doesn't mean it can just be a lawless free for all, because it would essentially destroy the utility of open source in the first place. Please read this sentence carefully and understand the implications, it is extremely important: The AGPL is a less permissive license than O'Saasy, yet it is an actual true open source license. This is not because of ideology. This is because open source doesn't practically work without the constraints in the definition.

I already listed some serious practical concerns, along with the problem that it disturbs the balance between contributors that makes open source work on a social level. However, I honestly feel like it's just scratching the surface. If you keep itching at the practical implications, it only gets worse from there.

For example, let's say there are two MIT licensed projects. One of them wants to adopt code from the other. No problem at all: just copy it in and make sure to have the correct copyright notices attached. Done.

Now, let's say you have two projects with the O'Saasy license. Uh oh: this doesn't "just work" anymore, because there are two "original Licensors" and this clause conflicts with itself in the two different invocations.

If you can't even share code between projects with the same damn license, I really feel like your argument for how this still totally counts as open source is just weak as all hell.

Now I get that some people take issue with the fact that there even is a socially-held definition of what "open source" means, but if there wasn't, and it was a total free-for-all, the communal nature of open source simply wouldn't work. And the irony of all of this is that part of the reason why so many SaaS companies want to release their projects as open source is because of how amazing it is for their PR and early adoption. And that has happened because of the careful coordination of the open source definition, to try to gatekeep the movement. Not for ideological reasons, but literally to ensure that the utility of the concept is able to be fully realized.

It isn't a huge deal if shared source, source available, "fair source" or whatever else people want to exist exists. In fact, it's much better if we don't dilute the meaning of open source with stuff that is so practically different anyways. And if the concept of shared source projects is really so enticing, it should be able to gain relevance the same way open source did.

Of course, in reality, if we stop pretending and playing devil's advocates for five whole minutes, we can all admit to ourselves that companies that would use these licenses usually have very good reason to worry about their business model and the odds are very good that the software will either be unavailable or significantly more closed off down the road.

Some will argue that this isn't a rug pull. After all, it's free and you're entitled to nothing. And I do actually agree with that "you're entitled to nothing" part, but the trouble is when you start trying to take the valuable brand of a movement like open source as a marketing tool only to pull the rug later. And yes, it is a rug pull. Whether it's legal or perhaps even fair, it's still a rug pull. Like if I pull a homeless guy off the street and offer him a bed to sleep in and food, then cut it off abruptly 6 months later, most people would definitely see how it is totally reasonable for me to not have to indefinitely bear the burden of trying to support this person. The trouble isn't that they deserve my financial support, it's that I offered it and then simply abruptly cut it off. That's a rug pull. That's what MinIO did: they gave us an option under the same pretenses we've enjoyed software like Linux or PostgreSQL under, then decided to just simply discontinue it. No warning, it was just gone. Either pay for AIstor or your production infrastructure is now running unsupported code that will not be patched. Hope you didn't use it anywhere important. ("If you used it somewhere important, why not pay?" Sure. Now tell that to e.g. non-profits with shoestring budgets that chose open source because they couldn't afford anything else.)

And, I honestly believe that these unfair CLAs that allow this behavior have done immense damage to the "brand" of open source. It isn't just a niche thing: almost every startup does it now. Very few organizations use more reasonable CLAs that answer practical concerns while still ensuring that contributors are not taken advantage of. Even fewer organizations stick to just DCOs that fulfill the minimal legal obligations. Most of them are doing the same thing, for the same reason. And I'm sure that the founders may genuinely believe that they have no intention of hitting the big red button unless they need to, but I think it's fair to say that ignorance is not a good excuse here. We've seen this game play out too many times.

The "open source but not" license is just another extension of this awful practice, and it only serves to muddy the waters. We should celebrate rather than mourn the fact that open source has gatekeepers trying to ensure that the term doesn't wind up fucking meaningless in a pursuit to burn as much VC money as fast as possible so already well-off dudes can get richer. Ideological purity is mostly not of interest to me, other than my belief that open source should be about the rights of users. Other than that, the problems here are purely practical, and the practical problems are quite severe.

So what should SaaS companies do, then?

- If they really want to be truly open source, they should release code under the AGPL. The major cloud providers are immune to even touching AGPL code anyways, but even if they decide to stop pushing dumb FUD, for all it's faults, AGPL would ensure that they can't just run with it; they have to contribute their changes upstream.

- If they actually just like the practical utility offered by developers having source code access, they can release the software not under an open source license. Since the code isn't of use to the open source community, it doesn't matter much if it's a "shared source" license or not; a traditional EULA is just as fine, and doesn't feel like it is masquerading as if it's part of the open source ecosystem.

- Or just simply don't even release the source. There is plenty of closed source software in the world and I really don't think most open source advocates are even bothered by this.

- If you use a CLA with your "truly" open source project, choose one that has a legally-binding guarantee that the code remains "open". That way, you use a CLA for all of its practical uses while being able to reassure contributors that they're not being manipulated.

(P.S.: I realize that the focus on contributors also is bothersome to some, considering how few external contributors many projects wind up with. However, contributions, IMO, are a major part of what makes open source tick, and the value of contributions is not weighed in the number of lines of code they diff. I really think creating an environment where contributors feel like they've been duped would do serious harm to the open source ecosystem. Or rather, already has.)

This is all very difficult for people to grasp because there are many who simply haven't managed to understand how serious the implications really are, or perhaps they have a vested interest in not seeing it. But I promise you, the "ideological purity" bit here is a red herring. I sincerely do not believe open source would work if there were such vastly different concepts under the same label. From a literal standpoint, it's easy to see "MIT with just one clause added" and not see how that's not "open source", but it's entirely about what the clause practically means that makes it such a huge problem for us.