Jeff Geerling

As belts tighten, corporate #opensource evolves—further and further from the ideals of Free Software.

Partly due to bad actions by "freeloaders," but also companies putting too much value in building code, and not enough on community and support. https://www.hashicorp.com/blog/hashicorp-adopts-business-source-license

HashiCorp adopts Business Source License

HashiCorp adopts the Business Source License to ensure continued investment in its community and to continue providing open, freely available products.

HashiCorp
Aug 11, 2023 at 12:10amIvory for iOS
Show threadJeff GeerlingAug 11, 2023

I'm sure @bcantrill is could fill out a book now with examples of companies who are using parts of his "Corporate Open Source Anti-Patterns" presentation for a template...

Requiring copyright assignment, using anti-competitive licenses instead of open source...

Show threaddango🍡Aug 11, 2023
@geerlingguy @bcantrill fwiw: https://www.gnu.org/licenses/why-assign.en.html
Why the FSF Gets Copyright Assignments from Contributors - GNU Project - Free Software Foundation

Show threadJeff GeerlingAug 11, 2023
@dango_ I'd tend to trust the FSF more than some other entities, but still not like the idea regardless.
Show threadThe Retro Timer 💾Aug 11, 2023

@geerlingguy @dango_ One can trust the FSF not to use the copyright assignments to take a project closed source, but they can still use it to make unilateral licensing changes based on their own ideology.

They did it when the GPLv3 came out and, to me, it was a bad step.

The Linux kernel is the best example of why not being able to relicense the code is actually a good thing.

Show threadbluGillAug 11, 2023

@carlosefr

@bcantrill @geerlingguy @dango_

Why do you think you can trust the FSF? Sure today you can still trust them, but in 50 years they can be taken over by someone else with money who changes the license. GPLv4 might be just a little bad, then GPLv5 and GPLv6...

Show threadThe Retro Timer 💾Aug 11, 2023

@bluGill @bcantrill @geerlingguy @dango_ I trust them not to go closed source, but I don't trust them not to go too far with their licensing (as I said).

I'd prefer if GNU projects had no copyright assignment whatsoever. Will that happen? Not likely.

If the FSF ever goes evil, there'll probably be early warning signs. And GPL code can't be retroactively relicensed in practice — it can, but only when distributing to new (and willing) recipients, turning the new license mute.

Show threadcateAug 11, 2023
@geerlingguy @bcantrill Note: FSF recommend the first (developers get old and die, and old license may have unexpected problem). And also the controversial GNU Affero license (to combat the not-give-back), but it introduces the first limitation on “use”. Giving sources is not yet normalised (I also do not publish all sources of my sites: it will be embarrassing hacks)
Show threadBlake LeonardAug 11, 2023

@geerlingguy Seems less of "not placing value on the community" as much as the code (or their exclusive hosting of it) is what's making them money. Companies who only sell support don't make a lot of money, except for Red Hat, and evidently it wasn't enough for them either.

Related question: does the MPL still apply to older versions of the software and source code with which it was bundled, or does this somehow retroactively affect the old code?

Show threadDefectiveWings ✈️Aug 11, 2023
@blake
IANAL, but it seems to only affect code going forward
@geerlingguy
Show threadjsjAug 11, 2023
@blake @geerlingguy The FAQ explicitly states it only applies to new releases. Everything already out there remains MPL
Show threadViktor NagornyyAug 11, 2023
@blake @geerlingguy "That is why today we are announcing that HashiCorp is changing its source code license from Mozilla Public License v2.0 (MPL 2.0) to the Business Source License (BSL, also known as BUSL) v1.1 on all future releases of HashiCorp products. HashiCorp APIs, SDKs, and almost all other libraries will remain MPL 2.0."
Show threadBlake LeonardAug 11, 2023
@viktor @geerlingguy I read the rest of that and somehow skipped over the "all future releases" part... 🤦️
Show threadViktor NagornyyAug 11, 2023
@blake @geerlingguy I missed the last sentence of that paragraph the first time I read it 😂 When I went to copy it, I saw it.
Show threadNicolás AlvarezAug 11, 2023
@blake @geerlingguy I don't think any license can be changed retroactively. But to answer your specific question, they're keeping MPL on older versions *and* will continue to backport security fixes to them (under MPL) until at least Dec 2023.
Show threadclacke: exhausted pixie dream boy 🇸🇪🇭🇰💙💛Aug 11, 2023

@blake It's an approved open source and free software license. It's irrevocable.

Unlike the GPLv3, the MPLv2 doesn't explicitly say "irrevocable", but it doesn't state any other grounds for termination than you being in breach of the license terms.

You received the software, you received a license to redistribute it. No backsies.

@geerlingguy

Show threadThe Retro Timer 💾Aug 11, 2023

@geerlingguy Over the last decade or so, people's understanding of open source has drifted towards free software, where code is built and owned by a community.

However, the corporate expectation of open source has always centered around having a community contributing back.

Note the subtle difference.

This is true whenever a project is dominated by a single company. And even more so when it asks for copyright assignments from contributors.

This move is not surprising. Others will follow.

Show threadLudovic :Firefox: :FreeBSD:Aug 11, 2023
@geerlingguy is aws responsible here?
Show threadstafwagAug 11, 2023

@geerlingguy

This isn't new #mysql had similar licenses before they switched to a opensource license.

This just showed how old I'm :-)

It are difficult times for companies that develop #opensource But this isn't a good decision IMHO. In the long term opensource will win as it allows users / multiple companies to work on the same product, So it's sad that HashiCorp is changing its business model.

Show threadMosenAug 11, 2023
@geerlingguy companies want to gain a competitive edge by having a huge foss user base. They want contributions and bug fixes. They do not want forking, wrappers, interop that threatens the product line up. In other words they won’t tolerate any loss of control. Who is the freeloader really?
Show threadJoe 🏔️ King of NYNEX   Aug 11, 2023
@geerlingguy a lot of newspeak in this blogpost innit
Show threadclacke: exhausted pixie dream boy 🇸🇪🇭🇰💙💛Aug 11, 2023
> corporate opensource evolves


You mean devolves.

@geerlingguy

Show threadKevin Karhan Aug 11, 2023

@geerlingguy *nodds in agreement*

Were the #GPLv3 not ideological garbage but actually comitted to #FLOSS remaining #public, it would've chosen #PublicAccessibilit to code as priority over illegally demanding surrender of all #Patents and #IP.

In fact, #grsecurity #paywalling the code was the first warning shot, and when that went through, others like #Elastic and #MongoDB and now #RedHat saw that they could get away with #paywalls on #FLOSS...

It's sickening.

Show threadKevin Karhan Aug 11, 2023

@geerlingguy Not that I doubt that companies want to make #money and that they want to enshure that no #GAFAM - espechally #Amazon - just yoinks their code and make a better #SaaS out of it whilst contributing 0 $ or code back into the project.

Stuff like the #SSPL & #AGPLv3 won't fix the issues - in fact they'd rather worsen the situation, only empowering the rich that can pay lawyers.
https://en.wikipedia.org/wiki/Server_Side_Public_License

Server Side Public License - Wikipedia