Please stop inventing new software licences (2020)

132 pointsposted 3 days ago
by edent
(shkspr.mobi)

177 Comments

bruce511

3 days ago

I'm not sure the title is the correct response. As in "stop making software licenses" is not the problem.

Clearly any business can license their software any way they like.

What caused the poster some confusion is that it was marketed as an "open source" product. Once he determined it was not an OSI approved license then that should be the end of it. It's not Open Source. period.

By all means call them out on that - lots of people and companies are not licensing experts, and need guidance. I've helped people with this in the past and encouraged them to change to actual Open Source licenses that are compatible with their goals, and the goals of their community.

If anything the real headline should be "stop calling your product open source when it doesn't have an open source license".

[To be clear - I produce commercial software under not-open-source licenses. I've got no objection to folk doing that. I even ship the source with the product, and accept contributions back. But I don't call it "open source" because it's not "Open Source". It's something, sure, but it's not Open Source.]

hnlmorg

3 days ago

I think your take is a much more levelheaded view of events than the authors.

I completely agree with you that we shouldn’t be restricting how people choose to license their code. And agree that the real issue is the marketing: ie people calling something “open source” when it’s actually “source available to read”.

I see quite a few organisations play this game, like Obsidian. I’ve seen highly skilled and intelligent engineers fall for the trap of calling Obsidian open source because they can inspect the code of the Electon app; forgetting that doesn’t actually grant them a license to do anything with the code.

Like yourself, I have no qualms if an organisation wants to build proprietary / for profit stuff. I understand that means they might not even want to share their code. But what I do object to is when those organisations then try to gain some open source “street cred” for something that is proprietary.

Sebb767

3 days ago

> I’ve seen highly skilled and intelligent engineers fall for the trap of calling Obsidian open source because they can inspect the code of the Electon app; forgetting that doesn’t actually grant them a license to do anything with the code.

That's because the terminology is pretty confusing, doubly so for ESL people. If you'd never had the whole open software vs. free software debate, it's easy to think that "open source" means "source code available", as this is pretty much in line with the direct reading of the phrase.

klez

3 days ago

The term "open source" has had a precise meaning in software since at least 1998. It's only recently that people have started bickering about it being confusing. Exactly when these "source available" clauses started popping up more frequently and people started noticing that some of the previous open source business models are not compatible with a SaaS world.

bruce511

3 days ago

Without wanting to be ageist here, I have an -impression- (which is hard to validate, or invalidate) that it's very much an "age" thing.

There's one cohort that grew up in the 80's and 90's, and so "were around" at the dawn of the FS / OSS movements. We saw the evolution of Linux, Windows, MacOS from the beginning, and understood the fundamentals.

A later cohort has grown up in a world where all these things are mature, and phrases like "Open Source" are less clearly understood. They may not understand what the term actually means, and may use it incorrectly (and more importantly the community around them uses it incorrectly) and so the incorrect version seems to "be the right meaning". It can be confusing when the term you think means one thing, ends up meaning something quite different.

In the way that a lot of people see "Free Software" and assume that's free as-in price, not Free as in restricting-people-from-users-accessing-source-code. Even those well versed in Free Software don't necessarily understand the "users" part of that sentence.

In the same way "Open" means different things to different people, and that may or may not match up with the -actual- meaning of the term Open Source.

sanderjd

2 days ago

Yep. I sort of straddle those two generations. I wasn't "around at the dawn", but it was contemporary history that was still very fresh. But a bit after me came the github generation with its huge boom of non-ideologically source-available-and-contributions-welcome code.

So with that context, my take is that while I'm very sympathetic to wanting a short and pithy description, I do think that the chosen terminology really does fail to intuitively encode the full intended definition, and that's on the definers.

bruce511

2 days ago

>> that's on the definers.

Is it though? What about farming? Does each farmer get to decide what "organic" means? Does every shoe manufacturer get to decide what "Ethically Sourced" stands for? I'm not so comfortable with the argument that "well, it means whatever the hearer wants it to mean, and if they get it wrong that's because it was defined badly?"

I don't think "Free Software" is a terribly intuitive term (and never has been.) If anything the intuition seems completely tangential to it's actual meaning. But if you choose a FSF License, then you are releasing code under that license.

"Open Source" is a somewhat better name - but again open to misinterpretation. "Open" to whom? Everyone?

But for a -company- (and make no mistake, we're talking about -companies- altering the "popular meaning") to change the meaning so that it dilutes the actual meaning, and makes companies more powerful, I feel is not ok. In that context Open Source means something. Whatever they "intuit".

jimmydddd

2 days ago

To answer one of your questions, yes, every shoe manufacturer *does* get to decide what "Ethically Sourced" means. "ethically sourced isn’t a coined label with a standard legal definition. There’s no official institution approving its use in consumer marketing. Because ethical sourcing isn’t a term from an institution with a specific set of standards, it can encompass a wide range of ethical considerations."

sanderjd

2 days ago

I mean, yes, I do think it's "on them", I do think it's reasonable to criticize the definers of jargon terms that confuse people due to mismatching with their plain reading of the terms...

I think your other examples are indeed examples of the same kind of issue. For instance, I would say that "organic" is a much worse offender due to it targeting a much larger audience than our computing jargon does. I don't know whether "ethically sourced" has a technical definition that is a good match for my intuition of what it means, but I wouldn't be shocked at all to discover that it does not.

But like I said, I'm sympathetic to the definers of these kinds of things. They want something that works as marketing, so they use plain words that people have positive associations with ("free", "open", "organic", "ethical"), but then those words are too vaguely defined for their purposes so they also attach further meaning to them. But then that results in this tension, where people naturally assume the words mean only what they mean, and some community of gatekeepers has to be vigilant to come in and set the record straight.

Notably, we don't do this sort of thing with medicines, for instance. There isn't a community of people who have to correct peoples' use of a descriptive plainly worded jargon term like "happy pills", they are instead referred to as SSRIs, which has no plain reading and thus no potential for confusion.

I agree that it isn't good for companies to take advantage of this plain reading / technical definition mismatch, but I also think it's inevitable when trying to have it both ways by using a plain-sounding term while attaching it to a technical definition.

lifthrasiir

3 days ago

To be clear, only claimed exactly so by open source (and not free software or general F/OSS) proponents. The term was also applied to non-software licenses with related but substantially different meanings.

ensignavenger

2 days ago

There was no significant use of the term "open source" applying to software prior to the OSI. Contrast that with Free Software, which was a term in common use before the FSF. The idea that "Free Software" is a more precisely defined concept that Open Source is simply not true.

lifthrasiir

2 days ago

> Contrast that with Free Software, which was a term in common use before the FSF.

I believe a term "freeware" was much better known even back then. Also, I do think "free software" is also a badly chosen term for a different reason. But we are only talking about the term "open source", so...

"Open source" is a badly chosen term because it gives too much weight to the adjective "open". There is no inherent notion of "openness" about source code, so people would instead imagine something that is related to source code but can be thought to be "open". That's why "open" source was heavily associated with "open" governance even though the definition speaks nothing about governance. This confusion is pretty much intentional by the way, as an earlier term "free software" was thought to alienate companies.

lloeki

3 days ago

We can bicker on semantics all day long, if people at large continue using "open source" to mean "the source is openly visible" ("public source"?) we can't do much about it, and by irately pointing the discrepancy out we only come out as pedantic† to the point of appearing as "well, ackshually..." adversarial, which ends up being entirely counterproductive.

Language evolves, semantics shift, context matters.

What matters in practice is:

a) whether we can disambiguate between "public source" and "one-true-scotsman FOSS".

b) whether they're doing it in earnest (it's still better to have visible source than no source access at all) or whether the usage is disingenuous (trying to intentionally mislead by piggybacking on "aura" benefits of FOSS without it being actually FSF/OSI/SPDX/whathaveyou FOSS).

At the end of the day, in practice one is still going to look at the actual license file/SPDX code anyway.

† "Technically correct, the best kind of correct."

bruce511

2 days ago

I hear what you are saying - language evolves, and we should evolve with it. I'm just not sure it's true in this case.

Open Source has a -legal- meaning - in the sense that Open Source Licenses are legal documents which specifically cover what can and can't be done.

Unfortunately the legal system does not just evolve terminology to suit whatever the current venicular is.

>> a) whether we can disambiguate between "public source"

The common phrase for this is "source available"

>> by irately pointing the discrepancy out we only come out as pedantic

When we allow words to change, when we allow misinterpretations of those words to proliferate, then we need to accept we are giving up the very freedoms those words set out to mean. If we just accept a new definition of Open Source today, then what's to stop the next generation of people/companies redefining it again in 10 years time? What happens when we start (colloquially) using the phrase to mean "the source is open inside the company, but not available outside it."

Unfortunately we see this language evolution around us all the time. "Free Speech" doesn't mean what most people think it means. Neither does "Constitutional Right". And evidently there's a group of technologists, or would-be-technologists (never mind joe public) who do not understand what Open Source means.

To you, defending the term becomes pedantry. But you live in a world where you have the access to code that you do, precisely because the older generation stood up for the specifics of the term - and fought for the very freedoms you now enjoy. You describe the corrections as "technically correct" without perhaps understanding the magnitude of effort that has gone into making it what it is.

So forgive us please if we hold tightly to what was so hard won.

Perhaps, and I mean this sincerely, rather than co-opting the past to suit your current needs, it's time for the current generation to fight for the ideals that -you- believe in. Just please, don't co-opt our hard-won terminology to do so.

amiga386

2 days ago

> Open Source has a -legal- meaning

I don't think it does, but "open source software as defined by the Open Source Initiative" does have legal meaning.

Equally, "free software" does not have a legal meaning either, but "free software as defined by the Free Software Foundation" does.

That said, Stallman is probably right, the term "open source" cooked up by Perens et al was language used to mollify business people who feared the term "free software" (and "copyleft"... and Stallman). The term got traction and the popularity of the software greatly increased. But, by using this ambiguous phrase to describe software that you not only have the right to see the source of, but also to modify and redistribute, it opens the door to shysters who would try to claim that "source available" is somehow "open source"... because the "source" is "open".

MyFedora

2 days ago

There is no legal meaning behind and no legal protection for the term open source. A proprietary software license can use the term open source in the license and define it as the source code is available. Legal systems don't care about what some random organization like the OSI thinks open source stands for.

bruce511

2 days ago

Which is why when a company releases a license that they claim is "Open Source" and it's not compatible with the OSI definition, then we need to stand up and say bullshit.

They are welcome to release it any way they like. If they think they can somehow fool developers by calling it Open Source when it isn't, well good for them. If you as a developer want to contribute to, and promote, their product then go for it.

But if it's not Open Source then I call bullshit, and don't be surprised when the -Open Source- community gets upset.

lloeki

2 days ago

> The common phrase for this is "source available"

I know! Unfortunately that one doesn't seem to quite catch on beyond open source advocates (see my other nearby comment)

> Open Source has a -legal- meaning - in the sense that Open Source Licenses are legal documents which specifically cover what can and can't be done.

Does it? As in, is there any law-binding document that universally states what it means? Or has it been ruled anywhere what is or isn't open source? (respecting license terms may have been challenged, that as much is true, but that's about the license contents, not what is or isn't "open source")

I may very well be unaware of such a thing existing, and I would be glad to learn there is, but the FSF or OSI or the collective mindhive of hackers (in the jargon file sense; and not saying that derogatorily) or whatever saying "this is what Open Source is", while a powerful community statement, is not particularly law-binding. AIUI even among the proponents they even kind of disagree on what "open source" is and is not.

> "Free Speech" doesn't mean what most people think it means. Neither does "Constitutional Right".

These, comparatively, are legally defined.

> To you, defending the term becomes pedantry.

I didn't mean to imply that I was personally thinking it was pedantry, only that it can (and often is) perceived as such.

I am very much in favour of using proper terms, but I also recognise that it may not be as useful as one might think to fight the semantic fight in order to properly fight the value fight.

> So forgive us please if we hold tightly to what was so hard won.

Please, continue to hold tightly! Although sometimes one realises they can't ever hope to convince others they're "wrong", so maybe there are other ways to win... "You can't win, but there are alternatives to fighting."

As a believer in and advocate of FOSS, I found it much more effective to battle on the value grounds instead of losing the audience right away, instead reaching out into their level of understanding. More often than not, they end up educating themselves down the road. Kind of a "use the opponent's weight against them" move.

bruce511

2 days ago

Open Source is a legal term in the sense that it becomes legal documents, licenses, and those licenses either conform to the OSI definition, or they do not. Sure, you can write anything you like in your license, you can call it Open Source, but if it's not compatible with the OSI definition then it's not compatible with the ideals and values of Open Source.

The problem with battling on value grounds, but abandoning the name, allows others to appropriate the name, and from that change the values.

I find it egregious that companies get to water down the values - they get to slowly shift perception of what "Open Source" is - and along the way the values get lost.

The values were written down. They got given a name. Now commercial interests want to appropriate the name, get the goodwill that comes with the name, but at the same time water down, remove, or alter, the underlying values.

I am no FOSS accolyte. My day job is commercial software. The (non-existent) financial model of OSS doesn't work for me. I am -very- happy that licenses of all kinds exist. I am free to choose what programs I use, and what licenses I choose to accept. I am largely a consumer of open source, and a very minor contributor.

It is as a -user- not a -developer- that I appreciate what Open Source (and Free) software mean, and I'm not ok with companies appropriating that term to mean "whatever they want".

doix

2 days ago

In general, I agree with you. I am annoyed that people use "open source" instead of "source available". But I disagree with:

> But you live in a world where you have the access to code that you do, precisely because the older generation stood up for the specifics of the term - and fought for the very freedoms you now enjoy.

No, we have access to code because people fought for the "idea", not the word. Words are used to communicate ideas. The important thing is that people understand each other. Right now, the communication is muddled because the term "open source" can be interpreted by someone unfamiliar with the origin of the term as "source available". Yes, it sucks to lose the original term, but language does evolve.

> it's time for the current generation to fight for the ideals that -you- believe in.

I just don't see the value of the phrase that high. The important thing are the ideals behind it. If a new term needs to be adopted, so be it.

bruce511

2 days ago

The company in the original post is watering down those ideals. But that's ok because "ideas"? By watering down the words they seek to water down the ideals.

Forgive me, but I don't think that's ok.

hnlmorg

2 days ago

The problem is that companies like Microsoft created licenses that are semi-open to attract kudos. If the FOSS community changed “open” with “public” then Microsoft et al will then just move onto calling things like Reference Source License a “public source” license as well.

The only way around this problem is to play these organisations at their own game and trade mark any such public source term. But that’s going to be expensive to enforce, and who’s going to want to pay for the lawyers?

klez

2 days ago

> The only way around this problem is to play these organisations at their own game and trade mark any such public source term. But that’s going to be expensive to enforce, and who’s going to want to pay for the lawyers?

Well, that's what the FSF and OSI are for.

hnlmorg

2 days ago

Their funds aren’t limitless. They don’t even have the resources to fight a GPL violations. Never mind any new hypothetical responsibilities.

lloeki

2 days ago

> The problem is that companies like Microsoft created licenses that are semi-open to attract kudos

That's the kind of move I squarely put under the "disingenuous" category.

> If the FOSS community changed “open” with “public”

That's not what I meant, what I meant is that the technically incorrect use of "open source" by MS&al would better be named "public source" / PSS. "source available" / SAS just doesn't have the same pattern/ring to it, which I presume is part of why it does not catch on.

The humble suggestion here kind of rides on the easily understood idea that making, say, a GitHub repo "public" doesn't make the code magically FOSS.

Then, by contrast with "public", "open source" gets a bit more of a specific meaning.

hnlmorg

2 days ago

But the entire reason companies misuse “open source” is so that people are confused into thinking those companies are supporting FOSS by giving back to the community when in fact it’s all just marketing trickery.

jasonlotito

2 days ago

> We can bicker on semantics all day long, if people at large continue using "open source" to mean "the source is openly visible" ("public source"?) we can't do much about it, and by irately pointing the discrepancy out we only come out as pedantic† to the point of appearing as "well, ackshually..." adversarial, which ends up being entirely counterproductive.

But...

> Language evolves

No, it doesn't. It's statically optimized.

> semantics shift

Again, wrong. There are no shifting in semantics.

> context matters.

Wrong. There is no such thing as context mattering. It's all about the textual matterment.

I love statically optimized language. It lets me assumptuate whatever I want, and you just have to affirm my matterment.

Especially when we harnest with licenses. No need to be semantical there.

hnlmorg

3 days ago

It’s only confusing because companies like Microsoft intentionally abuse the term “open”.

I don’t really know what can be done about either. Because if the FOSS movement rally around a new term, you’ll then just see businesses who aren’t $OPEN_SYNONYM abuse that new term too just as they have with “open”.

Blaming the confusion on the FOSS community isn’t fair when the blame lays squarely at those who do intentionally misuse it.

ben_w

2 days ago

> It’s only confusing because companies like Microsoft intentionally abuse the term “open”.

Not only, but perhaps indeed also.

"Open source" reads as two separate words rather than a multi-word expression. The "open" sounds like as in a book, a shop, a museum: there's no implication of being able to do more than merely look unless you pay.

There's also "open" in the sense of the open/closed principle in e.g. SOLID, but even as a developer that's not the first thing I think of.

This is the exact other half of what seems to annoy people here about LLMs being called "open source" when they can be freely modified into derivative works but the training set is unknown: "open" yes in this sense, "source" no.

yencabulator

2 days ago

The LLM weight dumps we see tend to fail the "open" part too, with fine print clauses saying things like non-commercial use only.

exe34

2 days ago

> If you'd never had the whole open software vs. free software debate,

how does one go through life as a software person and miss out on that formative experience? it's like saying you never heard of vegans.

williamcotton

2 days ago

Tangential to licensing, open source in the terms you’re describing is at the very least going to put into question any legal arguments about trade secrets.

CrimsonRain

2 days ago

who died and made OSI the sole authority?

Closed/Open, Free/Paid are orthogonal.

That's why a term called FOSS exists.

klez

2 days ago

The fact that they coined and defined the term in relation to software in the first place, I'd say.

lolinder

2 days ago

They had already lost control of the term by 1999 when they tried to trademark it:

https://opensource.org/pressreleases/certified-open-source.p...

klez

2 days ago

I'm not sure I understand the reasoning that "no trademark" == "no authority".

Taxonomists don't have a trademark on "Canis familiaris" but we tend to respect their opinion on what is or isn't a "Canis familiaris". If someone points to a dingo and tells me "that's a Canis familiaris", I say "it isn't, according to taxonomists" and they told me "who died and made taxonomists the sole authority" I would raise an eyebrow.

user

2 days ago

[deleted]

lproven

2 days ago

> who died and made OSI the sole authority?

I have often thought the same recently.

> That's why a term called FOSS exists.

And that is a key part of the problem: conflating FS (Free Software) with OS (Open Source) to give F(OS)S.

The thing is that Free software and Open Source _don't_ quite mean the same thing, but we treat them like they do. They are close but not identical.

Also see the recent kerfuffle about RHEL and CentOS.

Free software: do whatever you want with it, including sell it, but give your users the source code. The GPL is a FS license not an OS licence.

Not the world. Not open to all. The GPL 1/2/3 etc only says, clearly and distinctly, users. If you sell your free software, then it's only the customers that get the source, and that is 100% fine and OK.

OS is a different emphasis: it was designed to appeal to companies, businessmen and managers. You get the source, so we are giving you control, agency: you can't have it stolen from you.

But it was phrased in terms of sharing and openness.

That's what OS means, because the OSI says it is.

So BSL licenses say "you can have the source, and you can contribute back changes, but we still own it, and you can't use it in prod without paying or re-sell it."

That's a restriction of use. That's neither OS nor FS.

Whereas RH's use is 100% FS compliant but gets the OS folks annoyed.

But OS is not the same as FS. What RH is doing with RHEL is FS but not OS. It's not open to the world but the GPL never said it had to be.

I don't know what the best answer is here.

I wonder if it's time for a new term which leans on the English primary meaning of "free", as in at no cost, gratis.

"This software is free to get, free to use, and free to fork, but only so long as you do not charge for whatever purposes you employ it. If you obtain revenue from running it, supplying its output, modifying it, you sell products with it built in, or any other revenue-generating operation you must pay back X% of your revenues/profits/whatever to the creators. This also applies to downstream modified versions."

IANAL. A lawyer could do much better, I am completely sure. It might not be easy but I suspect that there is a way.

bruce511

2 days ago

>> The thing is that Free software and Open Source _don't_ quite mean the same thing, but we treat them like they do. They are close but not identical.

I agree. They're mostly differ on the effect they have on the -rest- of your code.

>> Not the world. Not open to all. The GPL 1/2/3 etc only says, clearly and distinctly, users. If you sell your free software, then it's only the customers that get the source, and that is 100% fine and OK.

I read this into OSS licenses as well? ie Users not everyone.

consteval

2 days ago

> who died and made OSI the sole authority?

The people who "died" are all the dumb, short-sighted companies who use terms like "open source" when their software isn't.

We wouldn't be having this discussion if people would just stop being disingenuous. But no, that's not an option.

You can't trust a company saying they're "open source". That could mean next to nothing. So we look to the OSI and see what they have to say.

atlaspooryorick

2 days ago

And completely non-legal devs stop trying to write software licenses. You talk to the average dev and they've no idea what a license grant is, the difference between copyright and licenses.

Which is fair enough, but any custom made license is extremely unlikely to be written in a way that it can be enforced when need....

leni536

3 days ago

I think the author would have been fine with a "source available" license that allowed them to contribute back the usual way (fork + PR).

dustingetz

2 days ago

why not call an OSI approved license “OSI approved license”?

FinnKuhn

2 days ago

Because 90% of people would have no idea what that means. Open source on the other hand is usually something many people have at least heard about or read somewhere.

alkonaut

3 days ago

Yeah The Reference Source License is a "source available" license. It's not "open source" in the OSI sense that it can be contributed to or used for any other purpose. For a security product, "source available" is MUCH better than nothing at all (closed, proprietary). Not sure why these people chose the Microsoft reference license for their product, but I guess if you are in a hurry and you need an example of a source available license then I'd also consider just grabbing one from a megacorp that probably had armies of lawyers go over it.

notfed

2 days ago

> Once he determined it was not an OSI approved license then that should be the end of it. It's not Open Source. period.

Where in OSI's "Open Source Definition" [1] does it say a license must be approved by OSI to be Open Source? If that was really part of the definition, they could have had a much shorter definition!

Another thing I find funny is that CC0 isn't "OSI approved" either, because of something about patents. But strangely, the "Definition" never mentions patents. But CC0 is not approved, so apparently CC0 is not open source.

[1] https://opensource.org/osd

buu700

2 days ago

Pretty much this. Using the term "open source" (rather than "shared source", "public source", or "source available") was a good faith mistake, and we fixed that once it was pointed out.

Beyond that, I'm not really sure what the purpose of this post is except to complain about the fact that commercial software exists.

christkv

3 days ago

I vaguely remember someone calling these kind of licenses open code or open access code instead of open source.

darby_nine

3 days ago

When did people start taking "open source" as a label seriously? The term means nearly nothing in material terms about what you can actually do with the source code. Certainly if you can build a business off it without distributing the source it's not very useful and certainly not much more "open source" than throwing proprietary code on github.

bruce511

2 days ago

>> When did people start taking "open source" as a label seriously?

In the late 90's.

>> The term means nearly nothing in material terms about what you can actually do with the source code.

correct. The term means nothing in and of itself. The license determines what you can do with the code. there are a bunch of licenses that conform to the OSI definition of Open Source. If a company claims to be "open source", but then does not fit the definition of Open Source then they should expect some push-back.

darby_nine

a day ago

Sure, but the OSI does not have meaningful values. Why do you giving them credence?

actionfromafar

a day ago

Be that as it may, it’s still something to be aware of.

actionfromafar

2 days ago

Enterprises typically care about the OSI definition of Open Source to the t, only allowing exceptions like Sqlite.

darby_nine

a day ago

Enterprises also do not share values with the rest of humanity, so it makes sense they would support the concept of "open source" over actually free software

umanwizard

2 days ago

sqlite is public domain, how is that not OSI approved?

0x_rs

2 days ago

Public domain is not OSI approved. They also don't approve of CC0. It's an example of why the general, common sense definition of the term "FOSS" doesn't (and shouldn't, I believe) align with OSI's, but it doesn't matter most of the time, not to the average user or developer.

https://opensource.org/blog/public-domain-is-not-open-source

umanwizard

2 days ago

That’s weird, but I guess it makes sense since public domain isn’t valid in all countries.

jusomg

3 days ago

I will only add that non-standard licenses also hurt adoption, specifically in medium/big businesses/enterprises.

Most organizations understand common open source licenses and there's usually a blank statement that allows teams to use GPL/MIT/whatever-licensed software.

Anything outside that subset of licenses (even if they're permissive, open source or whatnot) requires a legal review and a lot of people won't go through the pain of that process just to use a library/service/app. It's easier to just choose something else.

Doctor_Fegg

2 days ago

> specifically in medium/big businesses/enterprises.

This is a feature, not a bug.

umanwizard

2 days ago

If you don’t want big companies to use your code just make it GPL, which is usually banned.

umanwizard

2 days ago

> there's usually a blank statement that allows teams to use GPL/MIT/whatever-licensed software.

In my experience: MIT yes, GPL no.

dataflow

3 days ago

> The wording still precludes me forking this repo on GitHub.

AFAIK that's irrelevant per GitHub's TOS, which users agree to:

By setting your repositories to be viewed publicly, you agree to allow others to view and "fork" your repositories (this means that others may make their own copies of Content from your repositories in repositories they control).

If you set your pages and repositories to be viewed publicly, you grant each User of GitHub a nonexclusive, worldwide license to use, display, and perform Your Content through the GitHub Service and to reproduce Your Content solely on GitHub as permitted through GitHub's functionality (for example, through forking).

AIUI you therefore always have the right to fork something on GitHub.

https://docs.github.com/en/site-policy/github-terms/github-t...

actionfromafar

3 days ago

Cave-at. If someone shares something on github which they do not have the copyright to, nor license for, then that can impossibly be okay to fork on Github.

Digit-Al

3 days ago

You are correct. Github's license terms are a hedge against that sort of thing. They are basically saying "the person making this source available is granting the license to d these particular things" - therefore, the user making the source available takes on the responsibility for making sure they actually have the authority to make this source available. If they do not have this authority then they are the ones that will be sued - not Github nor any users who cloned the code.

spookie

3 days ago

I've seen people forking Unreal Engine on GitHub without any restrictions for public view. Makes one think about this kind of thing.

LegionMammal978

2 days ago

Though beware: you do have license to fork it on GitHub, but you don't necessarily have license to clone this fork locally.

(Then again, that makes me think: does that mean you could use a modified copy however you want, as long as you only do it over GitHub CI?)

free_bip

2 days ago

I would think the statement "this means that others may make their own copies of Content from your repositories" is referring to cloning the forked repos locally.

LegionMammal978

2 days ago

I wouldn't read it that way. The subsequent paragraph is very explicit in saying others can "use, display, and perform Your Content through the GitHub Service and to reproduce Your Content solely on GitHub as permitted through GitHub's functionality (for example, through forking)" (emphasis mine).

Instead, I'd read "copies of Content" as referring to copies produced and consumed entirely through GitHub's services, which can exist independently from the original. E.g., if you have a public repo, someone else forks it, and you delete the original, the other person can still view their fork on GitHub. They can also modify that fork through GitHub's services, e.g., by editing files via the website.

webprofusion

3 days ago

Agree it's complex, and when attempting to solve a particular problem you end up with yet another license every time.

What businesses in particular want is a "Yes, you can read the code and yes you help if you want to, but you can't use the code to make your own product" source-available license (because they have devs to pay, and being able to keep doing that is the first thing they need to protect).

I think such licenses do sort of exist but they're fragmented.

The root of this particular argument seems to the definition of Open Source meaning unconstrained use of source code, instead of source-available.

sph

3 days ago

I wish there were more standard open-but-not-open-source licenses available. Or open-but-only-for-personal-use or open-but-cannot-distribute.

Something standard and vetted enough that projects like these could adopt instead of having to write themselves.

hnlmorg

3 days ago

They didn’t really write this license themselves. It was Microsoft license that they slightly adapted after someone complained they couldn’t contribute.

The real issue here is that the product wasn’t open source despite being advertised as such. The licensed they used, Microsoft Reference Source License, isn’t an open source license. It’s more accurately described as “source available”. Ie you can view the source but you’re not really allowed to use it for anything.

orlandohill

2 days ago

The PolyForm Project has a set of standardized source-available licenses.

"The PolyForm Project is a group of experienced licensing lawyers and technologists developing simple, standardized, plain-language software source code licenses. PolyForm aims to fill gaps in the menu of standardized software licenses, like non-commercial, trial, and small-business-only terms."

https://polyformproject.org/

sph

2 days ago

This is exactly what I meant. Thanks and bookmarked.

jjmarr

2 days ago

Creative Commons has standardized non-commercial and no-derivatives licences.

https://creativecommons.org/share-your-work/cclicenses/

This covers some of the use cases you describe.

ksec

3 days ago

>I wish there were more standard open-but-not-open-source licenses available. Or open-but-only-for-personal-use or open-but-cannot-distribute.

Source Available. Something like Unreal or ONCE.

lifthrasiir

3 days ago

I think that label is also already taken, because "source availability" doesn't imply an ability to rebuild it from the source or even make a suggestion.

I guess there should be some compositional keywords for different aspects of non-F/OSS but not completely proprietary licenses. Source available, artifact buildable, artifact distributable under some conditions, etc.

ksec

2 days ago

Or Shared Source ?

lifthrasiir

3 days ago

(2020). Also the very existence of 100+ OSI approved licenses means that there are some reasons (or incentives) to invent new software licenses after all.

michaelt

3 days ago

Does it mean that?

Or does it mean corporate legal teams feel the same impulses that have lead programmers to produce 100+ javascript frameworks?

lifthrasiir

3 days ago

Making JS frameworks is much cheaper than doing necessary legal works to draft a new license. (Not all OSI-approved licenses are written by lawyers, but many if not most of them should have been eventually reviewed by lawyers at least once.)

Propelloni

3 days ago

> Making JS frameworks is much cheaper than doing necessary legal works to draft a new license.

Serious question: What makes you think that? In my world, a legal professional whips up a license in a few days, from there you iterate. It's pretty much like software development and neither more or less expensive. What I see is that legal work items often have more idle time, because we usually have less legal professionals than software developers and we often need to get feedback from people who are not readily available, thus potentially increasing cost of delay, but that's all I can think of. I'm certain I'm missing something. What is it?

lifthrasiir

3 days ago

Simple: most if not all JS frameworks are not profitable, so they are almost always driven by passion. (It will be much more expensive if you have to pay someone to write a JS framework for some weird reason.) That alone explains a proliferation of JS frameworks as the original comment questioned, while the number of different software licenses wouldn't be explained as such.

Propelloni

2 days ago

Ahhh, I see. Thank you. I didn't take this into account and was looking at the issue from a business perspective only. Thanks again.

usrusr

3 days ago

Much cheaper for the company footing the bill, and much less worthwhile for the expert convincing the company that it's a good idea to spend the money.

ordu

2 days ago

Mostly unrelated to the article, but the title stirred up memories.

~20 years ago I stumbled across the "Ё" license, that granted you all rights you can dream of with one condition, you must use the letter "ё" in its right place all the time. It is a Russian story, with some people loving "ё" and whining that outside of children books you can't find it, and other people trolling the first group by arguing that "ё" was a stupid addition from the very beginning, and even more stupid now.

Sadly I cannot google the text of the license now.

umanwizard

2 days ago

How often is ё really used by native speakers?

ordu

2 days ago

I cannot say numbers, because I don't watch for them... So I took a blog I read regularly, and counted top level comments to some post, I got 10 people used it, 4 didn't use, and 8 didn't use words with "ё", so I cannot say, do they use "ё" or not.

So, it seems people use it pretty often. But books "for adults" for some reason use "ё" only when replacing it with "е" leads to ambiguity.

LadyCailin

2 days ago

I’ve created a non-toy programming language, and at some point I intend on creating a package manager for it. The official repository for packages will require all code to be open source, and I’ve already decided to be opinionated about what that means. I’ll pick a handful of well known, and actual open source licenses (MIT, GPL, BSD, Apache Commons, etc) and require people that want to upload to this repo to select their license from the finite list. If they want to use another license, they are still free to do so, but they’ll have to stand up their own repository, and get users to add the repo to their sources list.

There’s just too many licenses, each with different (sometimes incompatible) requirements, so one advantage to being so opinionated is that you can add automatic checks to ensure you’re in compliance. For instance, if your library is MIT (only), you can’t use GPL dependencies. Most people probably don’t know this, so having tooling that helps enforce this ought to make things more compliant overall.

j16sdiz

2 days ago

TFA:

> What does "intended" mean here?

I don't understand what problem the author have. We have lots of law and case based on intention.

edent

2 days ago

Which ones specifically?

jasonlotito

2 days ago

Easier to ask which ones do not. Intent is all over the place in law. Seriously, I'm normally one for supporting providing citation, but just look up criminal intent, or intent in law, especially in the context of the US. The most well known intent based law is manslaughter. You killed someone but didn't intend to, as opposed to murder, where you did intend to.

But intent is all over law. It's similar to motive in that both are dependent on what the person is thinking. Intent being why they are buying the knife (to cut a steak), and motive being why they are using the knife (they are hungry).

mihaic

2 days ago

Almost all of the existing licenses were designed many years ago, before LLMs and enterprise cloud abused the open source model.

Only half jokingly, I wanted a couple months ago to change the license of a Javascript project I made to allow anyone to do anything with it, except train LLMs on it [1]. I couldn't find anything, so I cobbled together something which I'm sure is not in proper legalize. What were my options otherwise?

[1] https://github.com/mciucu/stemjs/blob/master/LICENSE

majewsky

2 days ago

Not a lawyer, so take what I say with a grain of salt, but I expect this license to be unenforceable because the statement in paragraph 1 contradicts the very broad grant in paragraph 2.

anilakar

3 days ago

In other words, please stop pretending you're open source.

buu700

2 days ago

Cyph cofounder here. To be clear, the primary purpose of the license change was to allow users to validate reproducible builds of our code against the production version of Cyph without fear of technically violating the Ms-RSL license. OP's feedback was appreciated, but mostly unrelated to the license change except insofar as it reminded me to touch base with our counsel on the topic.

If there's an alternative license to the Cyph-RSL that meets our needs, I'd be happy to consider it, but I don't see any particular problem with the fact that we authored our own.

sneak

2 days ago

This article could be summed up with “many projects are engaging in open source/free software cosplay”.

There are lots of projects that claim to be open source, and either are lying/don’t have free software licenses (CapRover, for example), or don’t work like an open source project is expected to (VS Code, Chromium), denying patches being integrated even if they fit project standards and provide benefit to users.

notfed

2 days ago

Also worth mentioning that, in the time since this article was written, Signal Messenger is now post-quantum secure [1], and has always been free and actually open source.

[1] https://signal.org/blog/pqxdh/

ProxCoques

3 days ago

AFAIKT, even the "Popular/Strong Community" list on https://opensource.org/license all just essentially say you don't have pay for the source code, can't complain to the authors if it goes wrong, and then some variations around not treating it as your own code.

(BTW their filters work funny)

lifthrasiir

3 days ago

FYI: Update filters and refresh the page to get the correct list. (Yes it is wonky...)

eddiejaoude

2 days ago

So many companies try to scam the community, by calling themselves open source but many are not. Great to see you checked and called them out.

We should support and reward the real companies that are actually open source, and who care about the community and transparency!

fergie

3 days ago

Its almost as if some companies coughElasticcough want the upsides of being open source without having to, you know, actually be open source.

echelon

3 days ago

You should be able to be open source to your customers, but closed source to hyperscalers like Amazon with 1000x your scale and budget.

bruce511

3 days ago

You can do that. There are lots of models. Just don't call it Open Source. That term has a meaning, and you may not like the meaning, but that doesn't mean you change the term. It means you publish under a different license.

mickael-kerjean

3 days ago

Working on a OSS product myself, there's a much darker side I've seen played out many times by many companies including well known ones like Deutsche Bank and Royal Bank of Canada where they abuse your time and knowledge by making you think they will purchase support from you but end up never doing it.

mschuster91

3 days ago

The problem is, the assumption under which the "old" OSS models operate no longer hold true - primarily, that the actors (which used to be universities) play fair and contribute back to the ecosystem, and there is no reckless exploitation by single actors that kill off other actors who do contribute back.

I do love open source software, I contribute to open source software in all kinds of ways from filing bug tickets over develop workarounding hacks to legitimate enhancements. I have no problem with small and medium businesses can profit off of that.

But I - and many others - have a serious problems with (especially) the large hyperscalers doing just about nothing to contribute back. We need licensing models that prevent hyperscalers squeezing out the rest of the ecosystem like fucking lemons and keeping all the revenue.

bruce511

3 days ago

>> The problem is, the assumption under which the "old" OSS models operate no longer hold true - primarily, that the actors (which used to be universities) play fair and contribute back to the ecosystem, and there is no reckless exploitation by single actors that kill off other actors who do contribute back.

I think it's more likely your assumption that "fair" has got anything at all to do with licenses. It's never been about "fair" and it's never been about "contributing back". (I'm not aware of either of those terms appearing in any license I regularly encounter.)

Open Source is not about "fairness". And it's certainly not about "contributing back". It's a license under which software can (and in some specific cases) must, be distributed.

To me, the problem is, that people don't understand what is actually written in the licenses, and so in that absence make up all kinds of alternative ideas about what it means just from the title.

>> But I have a serious problems with (especially) the large hyperscalers doing just about nothing to contribute back. We need licensing models that prevent hyperscalers squeezing out the rest of the ecosystem and keeping all the revenue.

Fair enough. Then stop developing under a license that let's them do exactly that. Clearly (some / all?) OSS and Free licenses do not fit your goals. So stop developing under them.

What you do with your time is up to you. What license you choose for your code is up to you. What projects you contribute to is up to you. But don't complain about others when they simply exercise their rights under those licenses.

klez

2 days ago

> It's never been about "fair" and it's never been about "contributing back".

I've agreed with basically everything you said everywhere in this thread, but this is, imho, historically inaccurate.

Both Free Software and Open Source exist because of socio-political reasons, that are then implemented via legal means.

Free Software was born because Stallman thought that he should be able, as a user, to use, inspect, modify and redistribute modifications to software that ran on his own machine, because that's the moral thing to do. This can be enforced via licenses that make sure the user have this freedom.

Open Source is a software development model, inspired by the development of the Linux kernel, born because its proponents were convinced that the more people worked on a piece of software the higher the quality of that software would be. This can be enforced via licenses that make sure developers have the freedom to inspect, modify and redistribute their modifications (plus a bunch of other things listed in the OSD[0])

In other words, the licenses are just the means through which you realize, on one side, the "fairness" (or the ideological/political objective, in the case of Free Software) and on the other the "contributing [back]" (or the technical and social objective in the case of Open Source Software, even thought I agree this one's a bit of a stretch).

[0] Which is, in a way, more restrictive than the Free Software definition. This is, IMHO, ironic considering that many people view the FSF as the zealots and the OSI as the pragmatists.

bruce511

2 days ago

I hear you, and I agree with your summary of the origins. From Stallman's point of view the "fairness" (if we view it in that light) is that the _user_ has all the rights, and the _developer_ has none. He wanted to fix a printer driver (as a user of that printer) and so he believed he should have access to that code.

He approached it very much from the user point of view - and certainly that is born out in the Free licenses, and in many ways (sans virality) in Open Source ones. If "fairness" is implied, it's very much in the direction of the user (which makes sense given the context of the time.) I would argue that the FSF licenses skew so heavily towards the user that they are anything but fair.

What I have a problem with is that "current" companies (the object of this thread being a case in point) want to water down these user rights. They want to give more rights to developers. They want developers to have some control - to limit who can run the software, who can profit from it, and so on. All in the name of "fairness" so the little guy can stand up to the big guy.

I'm all for fairness. I'm all for companies having the right to determine how their work can be used, and by whom. I have nothing against licenses that promote that. All I note is that those are not Open Source licenses. Most of my own projects are under a source-supplied license. It's not Open Source. And I don't claim it is.

The equivalent argument exists about giving back. Stallman wanted to edit the driver and give it to his friends. He wasn't driven by the desire to push those changes back to the original authors, and he wasn't driven by any moral impetus to require people to feed things back to him (in terms of code, or money.) Given how much effort he put into the license I can't assume he just "forgot to put that in."

Does some section of the community contribute back? yes, of course. Is it a requirement of the license though? Specifically not. OSS and Free licenses go out of their way to confer freedoms on the -users-. Some (very, very, tiny) percentage of users feel a moral obligation to donate finances, or contribute code. And there's nothing wrong with that (obviously.) But the license does not implicitly, or explicitly, require that.

One can of course complain that "big company x" is using work without "giving anything back". But when they are using it within the terms of the license, a license you as the author explicitly chose, it rings a bit hollow to me.

Of course lots of companies abuse the term because they want the benefits (marketing, technical etc) of declaring themselves Open Source. But then to release under a non-open-source license is slimy (at best). Or they release under the OSS license, and complain when the product is adopted by "the wrong people." Which (at best) just means they didn't bother to understand the license they were releasing under.

aleph_minus_one

3 days ago

> But I - and many others - have a serious problems with (especially) the large hyperscalers doing just about nothing to contribute back. We need licensing models that prevent hyperscalers squeezing out the rest of the ecosystem like fucking lemons and keeping all the revenue.

If you have a problem with this, license the product, for example, under GNU Affero General Public License (AGPL).

Doctor_Fegg

3 days ago

I used to suggest WTFPL for that, but unfortunately Google now allows WTFPL-licensed code (https://opensource.google/documentation/reference/thirdparty...).

I've written the even swearier FUPL as an alternative (FU standing for exactly what you think it does), but haven't had the cojones to use it in anger yet. https://pastebin.com/knPbAycm

duskwuff

3 days ago

One fun recent option I've seen is the NWSL (Nuclear Waste Software License), which begins:

> This software license is a message... and part of a system of messages... pay attention to it! Writing this software and associated documentation files (the "Software") was important to us.

It's functionally equivalent to a two-clause BSD license, but I pity the fool who tries to get their legal department to approve it.

https://github.com/ErikMcClure/bad-licenses/blob/master/NWSL

(The repository has a couple of other amusing licenses which you may wish to peruse.)

user

2 days ago

[deleted]

yencabulator

2 days ago

Tell me you don't know what Open Source means without telling me you don't know what Open Source means.

> 5. No Discrimination Against Persons or Groups

> The license must not discriminate against any person or group of persons.

2Gkashmiri

3 days ago

I personally see "OSI approved license is only open source license" argument as childish. Free software and free license OTOH, is much wider and is beyond the triviality of the fact whether OSI has approved a license or not.

That said, "free software" movement what that is, is elastic sspl a free software ideology compatible or not?

johannes1234321

3 days ago

What OSI mostly does in that space is giving a definition for "open source" https://opensource.org/osd

Having a definitions for a term is good, as it makes sure thee is a common reference in usage. If everybody uses a different definition it hinders discussion.

If that definition doesn't serve your needs better use a different term (there are more or less related other terms like free software, shared source, libre software etc)

Licenses more or less automatically fall under that definition or not (yeah, yeah, there is a process by OSI for certification, but that is relatively close to the definition)

frumper

2 days ago

I've always read the term open source as the source is available for me to read so I know what I'm running. Beyond that if I'm an adventurous sort then I could try and compile it to run for my personal usage. Windows 95 was closed source because we couldn't read the source code, not because we couldn't contribute or fork it.

lmm

3 days ago

The OSI's open source definition agrees with the FSF's free software definition and Debian's DFSG. The SSPL is none of those. "OSI approved" is a useful line in the sand that, in practice, tells you whether a license is free software or not, and avoids endless bickering. Which is in fact a far more adult approach than trying to do everything from first principles every time.

chrisandchris

3 days ago

Is it? It's about knowing what you're getting into and what (and specifically what not) the provider of the source expects you to do. If you take a well-known license, people know what they get and, imho, maybe some larger provider will pick up your software and let your business grow. If you do a custom license, legal may say no and people avoid your software.

I also think one shouldn't mix free software/free license and open source. Elastic is IMHO compatible to a free software, but it's not really open source (just source available).

llm_trw

3 days ago

Being open source is not a great thing to aspire to. After all, it's just free software for people who don't want to give their users the source code.

klez

3 days ago

What definition of "Open Source" are you talking about that allows to not give your users the source code?

llm_trw

3 days ago

The MIT license for one.

actionfromafar

3 days ago

It's a reference to that GPL protects user access to source. (Sour grapes that the term Open Source encompasses Free Software as defined by FSF, I'd say.)

klez

3 days ago

The second point of the Open Source Definition is literally:

> 2. Source Code

> The program must include source code, and must allow distribution in source code as well as compiled form

So I'm still not sure what they're talking about.

Unless they're talking about MIT, BSD, Apache, etc. licenses, that allow third parties to redistribute compiled binaries without having to provide source code, in which case the point is still weird, since they are still considered Free Software licenses by the FSF.

Suzuran

2 days ago

I think they are referring to the MIT license and similar, but not wording it well. I can take something that is MIT-licensed and incorporate it into a closed-source commercial product, and I am not forced (as I would be with the GPL) to open-source my entire commercial product. They feel this is not truly "Open Source" and it is wrong to accept licenses which allow this behavior as "Open Source".

actionfromafar

2 days ago

The last paragraph is exactly what I mean. Yes, it’s weird or at least not articulated well. Even FSF believes MIT is a free license, albeit in their view, an inferior one.

rellfy

3 days ago

There's nothing wrong with releasing software under a license that allows contributions but disallows commercial use, which is what Cyph was attempting to do:

> We're a small startup with a significant amount of time and money invested into the development of Cyph. We recognize the need for anyone to be able to review the code and verify our production build against it from a security perspective, but at the same time it would be problematic if an unrelated third party could just stand up their own instance of Cyph and directly compete with us at this stage. We would be much more inclined to fully open source Cyph at a later stage of the business.

I disagree with the philosophy of forbidding any contributions just because they are not fully open-source for commercial purposes.

This seems like a very common scenario for software that is almost "open source" except for not allowing commercial deployments. I would be surprised if there is no existing licence to cover this use case, but it will not be fully open source of course. Which again doesn't mean that all contributions need to be forbidden.

chihwei

3 days ago

There are bunch of well known source available licenses, such as BSL 1.1 (https://mariadb.com/bsl11/). No need to invent a new license that gives more confusions.

im3w1l

2 days ago

non-production use is pretty vague. And like the entire license hinges on that word being correctly understood.

inhumantsar

2 days ago

ianal but I think it's done this way to allow for some latitude in interpretation. gives licensees the ability to get things going, eg as a private beta, and seek a commercial license when they're ready instead of worrying about that up-front. also gives both parties the ability to argue whether a particular situation counts as production use if the dispute ends up in court.

im3w1l

2 days ago

Maybe so, but it's a pretty weird license to point to if you want to make the case that we already have a good enough license and don't need more.

bruce511

3 days ago

I'm not sure what "forbidding" you ate referring to? Who forbids? Who feels bound by such forbidding?

Not open source is more than welcome to accept contributions and people are free to contribute to anything they like.

There's also no such thing as "fully open source". It's either open source or it's not.

There are lots of business models. Open source is one very specific model. Please don't call it Ooen Source if it's not that.

lifthrasiir

3 days ago

That's unfortunately a very narrow sense. In fact, the most common definition of open source implies open governance because of the wording. The exact definition will vary depending on exact authorities (OSI vs. FSF), governance transparency, relationship with patents, treatment of non-software contents and many others. This ambiguity is why I never say "open source" alone, at the very least I say F/OSS to be clear. Maybe I should start saying something more soon.

bruce511

3 days ago

Open Source is a specific thing. Free Software is a specific thing. When I say Open Source I mean Open Source. When I say Free Software I mean Free Software. The two are not equivalent.

Open Source is defines by OSI. Free Software is defined by FSF. (The clue is right there in the name.)

Feel free to refer to F/OSS if you want to refer to both. You definitely should be saying something more if you wish to include other models.

>> In fact, the most common definition of open source implies open governance because of the wording.

eh? I disagree with this. Open Source does not imply Open Governance. I'm not sure any license discusses governance at all. Organisations have governance rules, not (most / all ?) Licenses.

Your reading of the license name to imply some form of governance is, in my opinion, unwarranted.

lifthrasiir

3 days ago

> Open Source is a specific thing. Free Software is a specific thing. When I say Open Source I mean Open Source. When I say Free Software I mean Free Software. The two are not equivalent.

The hint is that you have slightly changed your terminology there, intentional or not. The capitalized terms "Open Source" and "Free Software" indeed have specific definitions. But generalized and thus non-capitalized words "open source" and "free software" had been fuzzier, and pretty much all conversations about F/OSS deal with that sense (the "common" sense hereafter). In fact the notation F/OSS is an acknowledgment that both words are, nominal definitions notwithstanding, used as if they are synonyms to each other.

> Open Source does not imply Open Governance. I'm not sure any license discusses governance at all.

Under the "common" sense, they are heavily related and this has been one cause of maintainer burnouts. Again, I don't like the term "open source" (capitalized or not) for that reason too.

klez

2 days ago

> But generalized and thus non-capitalized words "open source" and "free software" had been fuzzier, and pretty much all conversations about F/OSS deal with that sense (the "common" sense hereafter).

You'll have to provide some source for this argument. The very fact that we're having this conversation means that the fact that "Open Source" and "open source" are different things is, at the very least, controversial.

"Free Software" has been a controversial term since the late 80s, I'll give you that, but the only confusion it ever brew was between "free as in freedom" vs "free as in free beer", and people thinking the term "free software" means "software I don't have to pay for" is rather common.

But, as I said in another subthread, this whole mess about the meaning of "open source" only started recently when people started overloading the term to mean something other than "whan has been defined as 'Open Source' by the people who coined that term in regards to software in the first place" (i.e., the OSI). There was no confusion 10 years ago.

lifthrasiir

2 days ago

Even 10 years ago, it was already very common to assume that "open sourced" softwares should necessarily open their development process. I have several first-hand accounts and tried very hard to decouple them to no avail. And this confusion was built into the origin of that term; esr's highly influential The Cathedral and the Bazaar [1] exactly suggested that after all. It is no surprise that the term became even fuzzier by now.

[1] https://www.catb.org/~esr/writings/cathedral-bazaar/cathedra...

bruce511

2 days ago

I feel that applying "common sense" to legal documents may lead you into trouble.

That aside, there are as many governance models are there are licenses - and they two are not linked in any way. I've certainly seen plenty of Open Source projects which are not in any shape or form Open Governance.

lifthrasiir

2 days ago

> I feel that applying "common sense" to legal documents may lead you into trouble.

Of course IANAL and we are not even talking about the legal aspect here, but legally speaking to be pedantic, the common sense does play a role when there is a reason to believe that some party failed to understand a deeper legal meaning. You can't arbitrarily replace any word in legal documents provided that definitions are given in advance, after all.

> That aside, there are as many governance models are there are licenses - and they two are not linked in any way.

Nominally not, but they are linked in the way that some sort of openness is heavily expected for most "open source" projects.

user

3 days ago

[deleted]

user

2 days ago

[deleted]

rambambram

3 days ago

Please fit in the exact little box that I have of you in my mind and stop deciding for yourself what you want to do with your stuff.

I beg your pardon!?

surfingdino

3 days ago

Microsoft dropping "open source" licenses into the Open Source ecosystem? Why am I not surprised? The ghosts of their "Linux is Cancer" campaign just cannot die.

b_shulha

2 days ago

This is why I like Fair Source License. It protects the company's IP but gives a community legal ways to contribute & use software for their needs.

https://fsl.software

michaelmior

2 days ago

The link you gave is to the Functional Source License. Did you mean to use a different link? If you were referring to the Functional Source License, it's worth noting that it is explicitly not open source.

b_shulha

2 days ago

Right, that's a good addition. Thanks.

However, it solves problems the author mentions in his article: you can freely contribute and use the software as you wish, just don't create a competitive company using the recent versions of the sources.

And in 2 years the code becomes true OSS - either MIT or Apache 2.0 (or anything else you want - the FSL itself is pretty short so you can easily adjust it to your needs without spending hours on lawyer consultations).

BTW, the FSL is driven by Sentry, and they have created an org to cover the fair usage licensing: https://fair.io (that's why I have mistyped the FSL name in the original comment).

b_shulha

2 days ago

This is the core part of FSL-1.1-Apache-2.0. For MIT it is the same, just the "Grant of Future License" paragraph mentions the corresponding license.

---

License Grant

Subject to your compliance with this License Grant and the Patents, Redistribution and Trademark clauses below, we hereby grant you the right to use, copy, modify, create derivative works, publicly perform, publicly display and redistribute the Software for any Permitted Purpose identified below. Permitted Purpose

A Permitted Purpose is any purpose other than a Competing Use. A Competing Use means making the Software available to others in a commercial product or service that:

    substitutes for the Software;

    substitutes for any other product or service we offer using the Software that exists as of the date we make the Software available; or

    offers the same or substantially similar functionality as the Software.
Permitted Purposes specifically include using the Software:

    for your internal use and access;

    for non-commercial education;

    for non-commercial research; and

    in connection with professional services that you provide to a licensee using the Software in accordance with these Terms and Conditions.

phkahler

3 days ago

Going one level up from the title one should want to avoid OSI licenses. Their original purpose was to approve new licenses. MIT, BSD, and the GPLs already existed, so OSI "approving" more was IMHO not very helpful. Anyone not satisfied with those options was usually trying to add some level of control. Even with a well written new license you cause developers problems wondering about "license compatibility" when they try to combine code under different licenses - a practice that is really useful but often overlooked by license creators.

JimDabell

3 days ago

All new licenses that apply for OSI certification have to fill a gap that existing licenses don’t cover:

https://opensource.org/licenses/review-process

firesteelrain

3 days ago

I haven’t looked but taking what the author is saying at face value - there are 100 unique gaps requiring 100 new licenses?!

JimDabell

2 days ago

No. The author pointed out there are over 100 OSI licenses, not over 100 new OSI licenses. Many of those are pre-existing licenses, superseded licenses, etc.

firesteelrain

2 days ago

You said “ new licenses that apply for OSI certification have to fill a gap that existing licenses don’t cover”

That was my point - there are 100+ gaps?

JimDabell

2 days ago

No. I’m not sure what you aren’t understanding? There are 100+ total, not 100+ new.

firesteelrain

2 days ago

I am not sure what YOU are not understanding. Your original comment said:

"All new licenses that apply for OSI certification have to fill a gap that existing licenses don’t cover"

Author said 100 total. Again, why are there 100 unique cases that 1 license or maybe a few don't already cover?

That's my question!

yencabulator

2 days ago

Compare when license was written vs when OSI added it to their list. OSI had to play along with the existing licenses. New licenses get less leeway.

firesteelrain

2 days ago

I get that but OSI started in 1998 and there were only a few.

OSI has reviewed and approved 100 or more licenses. My point still stands - do we really have that many gaps or unique requirements?

yencabulator

2 days ago

OSI approved a bunch of pre-existing licenses when it was still establishing itself -- that is, they did not require a "gap" to exist at that time, so your question is based on a flaw premise.

For quite a long time now, they've been trying to get people to use the already-approved ones.

https://lists.opensource.org/pipermail/license-review_lists....

firesteelrain

2 days ago

That’s not true - OSI has approved about 85 and assumed the rest.

They may now want to slow or stop new licenses but that wasn’t the case.

My point still stands.

mnky9800n

3 days ago

You know what I hate about these days is this is a blog I enjoyed but then I got to the post about hacktoberfest and it occurred to me, what if this was all written to advertise hacktoberfest and the author got paid in some way for this? What bothers me about it isn't whether or not it happened, it's that I questioned the authenticity of the author simply because he posted a link and what if he did so because he was paid to do so as opposed to simply being interested. Which is exactly the internet I want to live in. One where people write interesting things and share links to other interesting things.

crimsoneer

3 days ago

Of all the blogs on the internet I'd trust to not be covertly "shilling", I'd put this one in the top... Like, maybe 1?

edent

3 days ago

Thanks! I'll stick your cheque in the post.

edent

3 days ago

I can exclusively reveal that I have received several t-shirts from Hacktoberfest. Indeed, I'm wearing one right now. My laptop also has many of their stickers.

They didn't pay me to write this blog though.

Of course, you have no way of knowing if that's true. Just as I have no way of knowing if you were paid by a rival to spread discord.

mnky9800n

3 days ago

My point isn't that this happened. I don't think anyone did anything other than write and read a blog post. It's that we exist in a world where it could and therefore the thought that I might need to question the authenticity of things is ever present which I find troublesome.

edent

3 days ago

This isn't a modern problem. Shakespeare was paid handsomely by the Crown - hence his somewhat hagiographic biographies.

You will never find writing which is free from bias and influence. You can either make peace with that and find ways to mitigate against it, or you can remain in distress.