Startups Are Going 'Fair Source' To Avoid Pitfalls of Open Source Licensing (techcrunch.com) 82
An anonymous reader quotes a report from TechCrunch: With the perennial tensions between proprietary and open source software (OSS) unlikely to end anytime soon, a $3 billion startup is throwing its weight behind a new licensing paradigm -- one that's designed to bridge the open and proprietary worlds, replete with new definition, terminology, and governance model. Developer software company Sentry recently introduced a new license category dubbed "fair source." Sentry is an initial adopter, as are some half dozen others, including GitButler, a developer tooling company from one of GitHub's founders. The fair source concept is designed to help companies align themselves with the "open" software development sphere, without encroaching into existing licensing landscapes, be that open source, open core, or source-available, and while avoiding any negative associations that exist with "proprietary." However, fair source is also a response to the growing sense that open source isn't working out commercially.
"Open source isn't a business model -- open source is a distribution model, it's a software development model, primarily," Chad Whitacre, Sentry's head of open source, told TechCrunch. "And in fact, it places severe limits on what business models are available, because of the licensing terms." Sure, there are hugely successful open source projects, but they are generally components of larger proprietary products. Businesses that have flown the open source flag have mostly retreated to protect their hard work, moving either from fully permissive to a more restrictive "copyleft" license, as the likes of Element did last year and Grafana before it, or ditched open source altogether as HashiCorp did with Terraform. "Most of the world's software is still closed source," Whitacre added. "Kubernetes is open source, but Google Search is closed. React is open source, but Facebook Newsfeed is closed. With fair source, we're carving a space for companies to safely share not just these lower-level infrastructure components, but share access to their core product." Further reading: As Companies Try 'Open Source Rug Pull', Open Source Foundations Considered Helpful
"Open source isn't a business model -- open source is a distribution model, it's a software development model, primarily," Chad Whitacre, Sentry's head of open source, told TechCrunch. "And in fact, it places severe limits on what business models are available, because of the licensing terms." Sure, there are hugely successful open source projects, but they are generally components of larger proprietary products. Businesses that have flown the open source flag have mostly retreated to protect their hard work, moving either from fully permissive to a more restrictive "copyleft" license, as the likes of Element did last year and Grafana before it, or ditched open source altogether as HashiCorp did with Terraform. "Most of the world's software is still closed source," Whitacre added. "Kubernetes is open source, but Google Search is closed. React is open source, but Facebook Newsfeed is closed. With fair source, we're carving a space for companies to safely share not just these lower-level infrastructure components, but share access to their core product." Further reading: As Companies Try 'Open Source Rug Pull', Open Source Foundations Considered Helpful
Actual copy of license: (Score:5, Informative)
I'm not a lawyer, but I wouldnt touch software with this license with a ten foot barge pole. Its horribly restrictive.
Don't fall for the marketing talk people.
Re: Actual copy of license: (Score:5, Insightful)
The Please Do Free Work For Us license
Re:Actual copy of license: (Score:5, Informative)
You can totally publicly display, publicly perform, and redistribute the software. As long as you don't compete with the software, or compete with the services that upstream builds on top of the software, or do the same things as the software.
WTAF?
Re: (Score:2)
May as well just pass a law that says OSS is not allowed to compete with proprietary software development. You can only compete against last generation. Ha ha!
Re: (Score:2)
Suppose the source for a company's big product just so happens to contain a new, nifty string-matching algorithm that's completely generic. If it were all closed source, you couldn't see any of it; under fair source, you could and likely be fine using only the new string-matching algorithm, no?
This is License is (Score:2)
Re: (Score:2)
That makes sense. They scrambled the spelling: this is no longer an OPEN source license, it is a PEON source license.
Re: (Score:2)
"...or offers the same or substantially similar functionality as the Software..."
So you can't compete with your own "Software" that does a similar thing? Yeah, no.
Seems very fuzzy... (Score:5, Interesting)
The "You are super forbidden from doing anything with this that competes with us, might compete with us, resembles one of our products to some degree" portion of the license seems broad and vague enough to both put practically any use(except for your own customers doing fixes in-house) at risk of litigation; and to not necessarily protect you from someone who isn't afraid to try to get away with an edge case and out-lawyer you if you object. In theory it's more business-model focused than something like the AGPL; and less restrictive than a 'noncommercial' or 'exclusively to facilitate internal modifications by licensed customers' license; but so much of that extra area contains enough legal uncertainty that you'd need to have steady nerves to actually use it.
Then you have the time-locked permissive release, which probably seems fine when you are doing something on the cutting edge; but seems likely to lead to regret or pointless churning of your product to break compatibility if you live long enough to reach the point where getting the you of 24 months ago for free seems like a better deal than paying for you today.(which certainly isn't the case across the board; but happens to a lot of software once the low hanging fruit is picked and improvements become increasingly marginal) It certainly provides more cover than releasing under a permissive license on day one; but quite possibly less than a stricter copyleft license on day one; since, instead of 'your code derivatives of which must be shared back' you have an explicit division between 'your basically-proprietary code that why would anyone give you fixes for' and 'your free stuff that's a couple of years old'.
Re: (Score:1)
"...and that pretty much always indicates someone with an abusive relationship to source and projects.*
Or at least an idiot might think that.
A person who asserts, rightly, that a BSD license is less restrictive than a GPL has an "abusive relationship to source and projects"? GTFO
Re: (Score:2)
The BSD license is less restrictive than the GPL to a developer who downloads the code.
The BSD license may very well be more restrictive to the end users who use the software that developer redistributes.
The writers of the GPL were concerned about end users, not the intermediate developers.
Re: (Score:2)
The end users receives more rights with the BSDL
100% false.
Most commercial software is full of BSD libraries. A lot of those have EULAs with arbitration agreements that make you sign away your rights to access a court of law. The end users are hobbled.
Re: (Score:1)
I already addressed you.
"it also could indicate a pedantic autist. To shut him up I have to note. Technically, the license has an additional restriction even if that restriction is that you can't add restrictions."
A BSD project and it's half dozen forks is 1 open license and 6 entirely closed and proprietary monsters. A GPL project and it's half dozen forks is 7 completely open and free projects. Technically, a free use forest with no restriction against arson and logging is more free than which is open use
Re: (Score:2)
The main problem with this argument is that you're pitting 1 open + 6 closed vs. 7 open (plus calling the closed projects "monsters").
In reality a BSD library would be used in thousands of very useful closed projects, while the GPL library would be used in a lot fewer, and often a lot less meaningful, open source projects. Many more users would be helped by the BSD library than by the GPL library.
Re: (Score:2)
It always astounds me that BSD advocates pushing the "BSD is more free than GPL because it has fewer restrictions" bullshit[1] are actually proud of the fact that BSD-licensed software enables abusive anti-consumer software.
For example, they commonly tout that it's a good thing that Microsoft used the BSD networking stack for Windows - without ever realising that means that BSD-licensed software is partially responsible for th
Re: (Score:2)
The ability to take away freedom from others is NOT freedom.
I have no objection to people choosing to license their code under BSD, GPL, or any other license. If it's your code, you can do whatever the fuck you want with it. I do, however, object to the cretinous assertion that being able to restrict the freedoms of other people is "more free" because it fucking is not.
BTW, everything is political you fucking moron. Including your hyperbolic straw-man bullshit about the W
Re: (Score:1)
The ability to take away freedom from others is NOT freedom.
So then ask yourself this question. Which license is more restrictive and takes away more options and more freedom from "others": the GPL or the BSD license? Clearly the GPL is more restrictive. More restrictive means less freedom and less options for users.
I have no objection to people choosing to license their code under BSD, GPL, or any other license.
If you truly didn't care you wouldn't be doing all the cursing, ad-hominem, and showing how spitting mad about it you clearly are. Sounds to me like you care a lot and it's fairly hypocritical since you don't sound like a programmer or open source softwa
Re: (Score:2)
The one that allows more restrictions to be added. Duh.
"cursing"? what are you, a child?
And I fucking told you what I was objecting to - the cretinous assertion that being able to restrict the freedom of others is somehow "more free".
Feel free to go fuck yourself, ya sealioning cunt.
nah, I'm just entertaining myself yelling at some dumb
Re: (Score:1)
"So then ask yourself this question. Which license is more restrictive and takes away more options and more freedom from "others": the GPL or the BSD license? Clearly the GPL is more restrictive. More restrictive means less freedom and less options for users."
Actually no. The BSD license requires attribution which removes an option that GPL users have so they offer the same amount of options and freedoms. Also the BSD software offers freedoms only for the next developer to utilize it whereas the next GPL de
Re: (Score:2)
Re: (Score:2)
The BSD license requires attribution which removes an option that GPL users have so they offer the same amount of options and freedoms.
Wow, right outta the chute here and you're already tossing a word salad as a warm up to something even worse, I'm sure. You are aware the the GPL, in every form, requires attribution be maintained, right?
Also the BSD software offers freedoms only for the next developer to utilize it
That's an easy falsehood to dismantle. It's easy to verify that any software placed under the BSD licenses stays so in perpetuity. What you are referring to are the potential changes made by someone like a commercial developer who opts not to publish source. Keep in mind the original author of the BSD softw
Re: (Score:1)
Only true in the most pedantic sense. Unlike BSD licenses, the GPL requires no attribution beyond leaving copyright notice intact. Adding such a requirement would violate the GPL.
"What you are referring to are the potential changes made by someone like a commercial developer who opts not to publish source."
No, an individual making such changes can close the original source alongside their changes. They have no obligation to pass on the original source. If the original author is deceased for instance their c
Re: (Score:1)
'This is typical broken pretzel logic. "We had to destroy the village to liberate it, sir."'
I'd argue if your statement was coherent enough to debate?
Bottom line. The more humans who are denied otherwise copyright restricted options [copying/distribution/modification] on the work and it's derivatives due to the licensing terms the more restrictive the license actually is. Literally billions of users have been denied freedoms which overlap between BSD and GPL licensing on derivatives due to the term you clai
Re: (Score:2)
No, an individual making such changes can close the original source alongside their changes.
Why do you keep lying? No, they cannot. The original source remains under the BSD license with the same availability it had before anyone made a derivative work. If you really think this, then you simply don't understand what you're talking about.
Adding such a requirement would violate the GPL.
What requirement? Attribution? Do you need me to quote each one to believe it? Each GPL requires copyright notices to be maintained. Here's the GPLv2: "If the modified program normally reads commands interactively when run, you must cause it, when started running f
Re: (Score:2)
I'd argue if your statement was coherent enough to debate?
The forgoing statement wasn't coherent either. That's the point.
The more humans who are denied otherwise copyright restricted options [copying/distribution/modification] on the work and it's derivatives due to the licensing terms the more restrictive the license actually is.
By this logic, the folks who want to make commercial deriviatives BSD-licensed code would also count as being denied the option of creating a commercial closed-source modification. Not that I buy this load of manure, but even by your own definition the GPL is more restrictive due to it's negative downstream effects on potential reuse.
They don't even need to change it to change the code at all, people can freely rip people off and just redistribute the unmodified work under a proprietary commercial license with click through EULA, failing to REALLY disclose the original exists, then cover their backsides with a buried attribute somewhere in the EULA.
*YAWN*. What a bunch of tap dancing. All that to express your non-programmer anger at someone who wrote somethin
Re: (Score:1)
"Why do you keep lying? No, they cannot. The original source remains under the BSD license with the same availability it had before anyone made a derivative work. If you really think this, then you simply don't understand what you're talking about."
No, it doesn't. The license permits distribution of copies/derivatives under more restrictive terms. It is up to the person who redistributes it what terms they attach.
You:
"Each GPL requires copyright notices to be maintained."
Me:
"Unlike BSD licenses, the GPL req
Re: (Score:1)
No, it doesn't. The license permits distribution of copies/derivatives under more restrictive terms. It is up to the person who redistributes it what terms they attach.
Whatever someone does with derivatives isn't germane to my point. The original source under the BSD license stays under it. No amount of lying and crawfishing your words is going to change that. It's a fact.
This is deliberately misleading in hopes someone won't actually read what you are replying to. You are going to quote the licenses saying copyright notice has to left intact... to prove what I'm saying is correct? Yeah, that'll show me.
The copyright IS the attribution, genius. As in "Copyright 2024 John Smith" There is nothing misleading about that, it's simply another fact.
I love how you've invented Joe the developer and are angrily asserting
I am a software developer I don't have to invent anyone and I didn't invent "Joe the Developer" you just did. Your a typical leftist. Whenever you get backed into
Re: (Score:1)
"Whatever someone does with derivatives isn't germane to my point. The original source under the BSD license stays under it."
This is a completely meaningless statement. Source code is bound with copyright not a license. Derivatives are also bound under the original copyright. Permission to distribute the source and/or derivatives comes via the license and you are not required to convey the license or that permission along with it. There is no magical license which stays attached to the original beyond the f
Re: (Score:1)
Re: (Score:1)
Dear Eugenicist moron, as a libertarian I absolutely support the GPL and think anyone who licenses their code under BSD or similar licenses deserves the royalty payouts they get from Microsoft and Apple for their hard work.
The GPL serves as a tool which helps to undermine efforts to centrally control technical power and creativity, instead reserving for the individual the access needed to maximize liberty. This same ability to reserve last ditch power in the hands of the individual is why I support some lev
Re: (Score:1)
"a BSD library would be used in thousands of very useful closed projects"
Closed projects aren't useful and don't contribute. They take support and resources away from open projects.
Re: (Score:1)
Also I see the strawman you've built here with mention of a library. This gives the false impression closed projects can't make use of a GPL library. There is a rather far fetched and ridiculous argument that linking could make something derivative due to blending in memory; made worse by the LGPL being created so people could be sure their libraries could be linked.
That was Steve Ballmer's GPL is cancer BS; if runtime linking worked that way all software would be GPL due to other GPL being loaded in ram al
Re: (Score:3)
Pay attention to their terminology in TFS. They describe copyleft as 'more restrictive' and that pretty much always indicates someone with an abusive relationship to source and projects.*
*Yes yes, it also could indicate a pedantic autist. To shut him up I have to note. Technically, the license has an additional restriction even if that restriction is that you can't add restrictions.
But that additional restriction is actually pretty darn restrictive in practice. Apple eventually created clang (open source license) precisely because the copyleft licensing of GCC (copyleft license) made it too hard to reuse the compiler front end for various purposes in Xcode, such as documentation generation, connecting IBOutlets to nib files, etc.
Let me say that again. Apple created and released a whole new open source compiler toolchain in large part because it was easier than working within the lim
Re: Seems very fuzzy... (Score:2)
Copyleft abuses corporate use? Poor, poor corporate users. Respect the license and you won't be abused. If copyleft doesn't fit your needs, stay away and you won't be abused.
Seems like it's always a one-sided attack. (Score:1)
Re: (Score:2)
No. They did this because they're corporate scumbags who hate the freedom that GPL gives to users, so they're willing to spend large amounts of time, money, and effort to undermine the GPL in any way they can.
And one of the ways they do this is by brainwashing people that allowing corporations the right to put chains on software and
Re: (Score:2)
Same reason why they froze bash at version 3.2 (and went with zsh) : they won't respect the end user's right to change the software on their machine. That is the only reason for zsh being the default on macos.
Re: (Score:2)
Same reason why they froze bash at version 3.2 (and went with zsh) : they won't respect the end user's right to change the software on their machine. That is the only reason for zsh being the default on macos.
Sorry, but that's revisionist history, trying to use Apple's more recent behavior to explain past decisions. Except for early internal builds for development purposes, as far as I'm aware, no shell has ever been part of iOS, making the anti-TiVo clauses moot for that platform. And macOS allows users to compile their own shell (possibly only after changing a setting in the UI to allow unsigned binaries), making the anti-TiVo clauses also moot for that platform. Thus, the anti-TiVo clauses would not have h
Re: (Score:2)
No. They did this because they're corporate scumbags who hate the freedom that GPL gives to users, so they're willing to spend large amounts of time, money, and effort to undermine the GPL in any way they can.
Nope. Apple was fine with the GPL until v3, and their problems with it weren't because they hated user freedom, but rather because they considered the patent-related changes in GPLv3 to be an unacceptable risk in terms of using their patents defensively against companies that sue them. Nearly every technology company with more than a few hundred employees agrees, BTW. The anti-TiVo nonsense forced into the license by the FSF just added fuel to the fire.
The way I see it, corporations that give back to the
Re: (Score:2)
The PR is using patents as defense. But the actual reasons may surprise you ...
As someone who was actually in multiple meetings where GPLv3 was being discussed with Apple lawyers, no, the "actual reasons" will definitely not surprise me.
They hate freedom and business both. (Score:1)
You're not against companies taking away your freedoms. You're against companies, period.
Well said. These are political weirdos trying to import their politics into programming spheres. They seem to hate corporations so badly they are willing to hurt or restrict anyone else's efforts or work just to harm or prevent help to a corporation.
Re: (Score:1)
allowing corporations the right to put chains on software
Not really. Once under the BSD license no corporation can take the code away from users. They can alter it and keep the changes closed, but they cannot close it down for other users. You're description is misleading. The "chains" can only put on downstream creations.
Re: (Score:2)
Microsoft's and Apple's etc customers don't get the original version.
They get the chained version. And that chained version probably has proprietary hooks into Apple's OS that can't be re-implemented in the open source code, even if they somehow get a copy of the original source themselves.
So, yes, you're absolutely right. The downstream versions of BSD-licensed software can be and often are used to fuck over the end users. That's why companies like Apple and Microsoft love the BSD license and hate the G
Re: (Score:1)
That's why companies like Apple and Microsoft love the BSD license and hate the GPL - BSD allows them to fuck over their users, GPL does not.
The only mechanism you've identified that does the "fucking over" is the fact that M$ or Apple isn't obligated to give you the original source code they used to make whatever they make (Windows or Apple MacOS networking stack in this example). This completely overlooks the fact that they themselves got it from somewhere in the first place.
Do you think that somehow M$ is obscuring the 4.3 BSD Tahoe source code because they simply used that as a starting point? They don't stop anyone else from doing what th
Re: (Score:3)
A company needs to invest money and can't just grab other people's code for free? I have tears in my eyes! GCC under the GPL is a gracious offer to get it for free, if you only abide certain rules about giving back to the community. If you do not want to abide conditions, hire someone to create a new tool for you. Apple did that and it's fine. But don't blame it on the GPL, that free software doesn't suit Apple's business model.
The GPL was the reason for Apple having to do it. It is absolutely the fault of GPLv3 that nobody uses gcc anymore. Clang was designed from the ground up to be reusable in multiple different environments precisely so that it could do all of the things Apple wanted to do with it, whereas GCC was designed to be a monolithic compiler. Apple would have turned GCC into something more like Clang, but if they had done that that, they would not have been able to directly link it against closed-source code, and p
Re: (Score:2)
"whether this actually achieves that objective better than just keeping it proprietary"
About the only benefit I see is education. It might be possible to learn something by reading the source
Re: (Score:2)
Then you have the time-locked permissive release, which probably seems fine when you are doing something on the cutting edge; but seems likely to lead to regret
The time-locked release is written in a cloudy way. There is a problem about how do YOU the person who downloaded the software notate and establish what the actual date is?
This may not be problematic for the author, but the user needs to have a way of knowing AND being able to prove what the actual date is.
I'd much rather something like
Grant of
I thought of the same thing: Escrow/Delayed Source (Score:2)
The code is escrowed for a period of time determined by the developer. If you want the latest greatest version then you pay for a license. Those with a license can see the latest code and contribute if they wish to do so and ultimately use the newest version of the application. It can be a yearly/multi year or one time fee depending on the developer. If you contribute significantly (to be determined by the main developer) then you can get comped for a free year. Other than paying for the first year many peo
Re: (Score:3)
This thing in TFA though is basically "source-available" that then becomes apache 2.0 after 2 years.
And i don't think allows for security fixes, which makes OSS version pretty bad:
If a vulnerability is discovered and fixed in the current version then the fix can't be backported to the 2 year old open version for 2 years? That would make any such software a no go for many uses. You can't really run unpatched things nowadays in a commercial env.
Or what you have a people who promise to clean-room fix vulne
Re: (Score:2)
If a vulnerability is discovered and fixed in the current version then the fix can't be backported to the 2 year old open version for 2 years?
That's exactly the point. They want to keep OSS from posing any form of threat to their business model. So they hamstring it anyway they can. Leaving the OSS groups with insecure versions of the code means that companies, governments, and other groups / individuals needing actual security have no choice but to pay up.
Meanwhile the Non Compete Agreement embedded in the license makes it so that even if the OSS project tries to keep things secure, the company can sue them out of existence and have the contr
What tensions? (Score:2)
"With the perennial tensions between proprietary and open source software (OSS) unlikely to end anytime soon..."
What tensions are those? Just stirring the pot to promote an agenda.
There ARE tensions caused by politics (Score:1)
Bibisco (Score:2)
Here's a piece of GPL software being sold. It complies with the GPL as well.
Bibisco [bibisco.com] has a limited version free for download, and sells a complete version. You get the source in both cases.
You know it is unfair when they called it "fair" (Score:5, Insightful)
Just like OpenAI and OpenXML aren't open at all.
Orwell must be spinning in his grave for decades now.
A lot about what this license is *not* (Score:2)
The article contrasts the "fair source" license with all kinds of other licensing models, but for the life of me I couldn't find a clear summary of what a "fair source" license *is*. If the meaning is that murky, I'd say we should look at it as basically "closed" source.
My opinion (Score:2)
The author is wrong. Non-copyleft open source licenses are targetted at being a business model. They may be failed at it but that is their purpose.
Copyleft, namely GPLv3, is the one that is a development model rather than a business model. It sets out to ensure that future development stays public.
Re: (Score:2)
I'll try to explain it:
Open source that's not copyleft pretty much gives anyone the license to do anything with the source, and therefore it's impossible to make money off the code once you provide source code with such a license.
GPL, on the other hand, severely restricts what people can do with the code, and therefore if someone wants to use the code without the restrictions, there's need to pay for another license.
That's why copyleft is a business model and more permissive open source licenses aren't.
Re: (Score:2)
No, non-copyleft licences allow the source code to be commercialised as relicensed code. The original authors just don't get any benefit is all. It works for commercial entities just fine.
What is the truth? (Score:2)
I am fortunately an amateur, untrained in so this legality except by personal experience.
So I keep coming back to the fundamental problem: how do we expect clever and energetic people to do excellent and profitable work without sharing in the profit?
Some projects have 'solved' this, vim for instance, maybe git. But nearly every useful database project has had to fork off to a commercial version. The foss -to-paid support model didn't seem to work well, CentOS seeming to be an example of the 'owner' taking t
Re: (Score:2)
Qt made it work, somehow...
Take a look at this arrangement: https://kde.org/community/what... [kde.org]
Fake Open Source. Won't work. (Score:2)
This is akin to Fake Open Source without the deception. Or only a little bit of it. Like those fake claims of Open Source claims by M$ 15 years or so back.
It's simple: if your software doesn't have an OSI approved FOSS license, it isn't FOSS.
This doesn't apply here. Hence it won't work.
FOSS will continue to grow.
By and large FOSS is true Marxism at work. The digital space is a realm where Marxism actually works, because the cost of reproducing a digital good is basically zero and the network effect of every
Richard Stallman (Score:2)
There is a mistake in the very beginning (Score:1)
> there are hugely successful open source projects, but they are generally components of larger proprietary products
Not "but", but "so": "... so they are generally components of larger proprietary products".
Re: (Score:2)
Sigh. (Score:2)
#34276 in the list of "poor ideas that will never achieve any kind of mainstream usage".
MS Shared Source clone (Score:2)
As we can clearly see, Shared Source didn't gain any traction, and classic FOSS licensing stayed, and is still thriving.
Competing Use Problem (Score:2)
So the no competing use concept has some issues. Consider the following scenario:
1) Company A releases Project A under this license and they compete in Market Segment A.
2) Company B builds Project B using some code from Project A and they compete in Market Segment B. They also release their project under this license.
3) Company C builds Project C using some code from Project B (and unknowingly, Project A), and they compete in Market Segment A.
It's like the herpes of software licensing!
Simple response (Score:2)
Regard it as closed-source license. Essentially, it is. Anybody that understands FOSS will not be fooled.
unmod (Score:2)
unmod
Wrong Mentality (Score:2)
"Open source isn't a business model"
Yes. Yes it is. It's just that it's not a business model that you follow. But, back in the day people used to share software freely. Their logic was that, "Since I've already written the software to do that task, why not just give it to them, and save them the time. In the future, maybe they'll share with me, too." These days, everyone wants to legally own the colors green, blue, red, and yellow, and charge others for using it. The world is broken. The business mo
Mongodb (Score:2)
So what would the Mongo DB License be, that is basically a stronger AGPL that OSI failed to accept.