This behavior is antisocial, and completely destroys the offering/concept for everyone.
I have a bootstrapped software company with an open-core product. Meanwhile, a VC-backed startup that has raised over $100m of funding decided to use one of my core open source libraries (which they haven't contributed to in any way) for a critical component of their commercial product, which also overlaps with my product's functionality in some ways.
In response, I eventually made the difficult decision to archive that library's repo and moved its functionality into my main product in a way that prevented external use. So then this startup created a hostile fork of my library, and started to implement functionality that is only present in my own commercial product.
After that, I had to waste several months of unpaid time just to make their fork of my own library no longer easily compatible with recent versions of my own product. Some time later, finally the startup decided to abandon use of my library altogether and wrote their own similar library (which was undoubtedly much easier for them, being able to see all the edge cases my library already handled).
My lesson from all this: I will never create another new large open source product ever again. Too many sociopaths out there for the system to work at all. If I ever decide to make something source-available, I will consider BSL.
And before someone says "why not AGPL?", it is because many companies don't touch AGPL software with a ten-foot pole. My sense is that adopting AGPL for a brand new product typically causes the product to be dead on arrival. That said, I would honestly love to be wrong here.
If there are a lot of AGPL open core / commercial FOSS companies that have been successful, please share examples, I say this genuinely and without snark.
Books are rivalrous and excludable goods. If you take all the books, then others can't enjoy them. Open source software is non-rivalrous and (mostly) non-excludable. This is the thing that makes free software possible. And it's also the thing that makes it unlike the book example.
> decided to use one of my core open source libraries (which they haven't contributed to in any way) for a critical component of their commercial product, which also overlaps with my product's functionality in some ways.
This is really terrible, and I'm sorry to hear that it happened to you. But as far as I'm aware this has always been the whole point of "permissive" licenses. Licenses like MIT and (Berkeley) BSD subsidize the private sector with work done by the universities. The core idea, at least compared to GPL licenses, is to allow businesses to profit off of donated work. So while I sympathize with you, it seems like you deliberately chose a license that allowed and encouraged exactly the behavior you saw.
> And before someone says "why not AGPL?", it is because many companies don't touch AGPL software with a ten-foot pole.
This is presumably because businesses don't want to use software that creates in them obligations to give back. But you do want them to give back, or at least you don't want them to take too much. So I feel like there's a fundamental tension here. You're trying to make your project appealing to businesses by telling them they can take it for free and give nothing back. But you're also saying that behavior is "antisocial" and "completely destroys the offering/concept for everyone."
Sure, and if your company takes a bootstrapped commercial open source product that it didn't develop or contribute to, and then pays several employees a salary to do things which actively reduce that product's ability to develop a sustainable revenue stream, then you definitely risk permanently destroying that open source product.
On a macro level, if many companies do this, the entire ecosystem of open source begins to falter. Hence all the moves to BSL, SSPL, Commons Clause, etc.
I was making an analogy to that. If some people keep taking all the books and selling them, the system falls apart, and people stop putting free books in the box.
> it seems like you deliberately chose a license that allowed and encouraged exactly the behavior you saw.
"Allowed", yes. But nothing in the license I chose (Apache License v2) actively "encourages" the behavior of using a project in a way that actively destroys the project. (Nor does it discourage it either.)
> You're trying to make your project appealing to businesses by telling them they can take it for free and give nothing back. But you're also saying that behavior is "antisocial" and "completely destroys the offering/concept for everyone."
I have no problems with businesses using a project for free and giving nothing back, on its own. I do have a problem with businesses taking a project, and profiting off it while also directly competing with it and/or forking the project in a way that directly kneecaps the project's revenue stream. That is what I am calling antisocial and destructive.
Meanwhile I put some of the core logic (database schema introspection and diff'ing) in a separate library and repo, since it could be re-used for other applications in case my original product didn't get traction.
Fast forward many years, and the product has been fairly successful. The open source edition of the product has been used by many hundreds of companies and has been downloaded 1.2 million times. And in terms of the paradigm shift, the push/pull schema change semantics that I invented have been copied by several much larger projects, such as Prisma.
The separate library was used by a few companies too (e.g. by Canonical for one notable case), but mostly for internal use-cases, not things that directly competed with my product. I think most folks had enough moral fiber or common sense to understand that using the library in a competitive way would result in the library being killed off. What other choice did I have? I wasn't going to let my business be killed by a hostile fork of my own library.
> My sense is that adopting AGPL for a brand new product typically causes the product to be dead on arrival.
It may hinder adoption (in the corporate world) but not contribution to the source. And if you want to promote the spirit of opensource and make money too, dual licensing with xGPL is the best way to go. MySQL is a successful example of this licensing and business model.
Just because dual-licensing has been successful in a very limited number of exceptional situations, does not mean that it is a reproducible path towards building a sustainable software business.
Also keep in mind:
* MySQL hasn't been an independent business for over 15 years. AFAIK there is no public information on its revenue or profitability.
* Much of Oracle's recent work on the product has been on MySQL Heatwave, which is only available as a managed service.
* Most MySQL Community Edition commits come from Oracle.
* Meanwhile the company behind MariaDB, arguably a more "open" fork of MySQL, is having financial problems and may well end up having its stock de-listed soon.
* The non-open-source Business Source License was originally created by MariaDB for their MaxScale product. The license's existence is fully backed by Monty Widenius, original creator of MySQL.
To be clear, I'm not saying any of the above to criticize Oracle or MariaDB. Rather, just pointing out that a general statement of "dual licensing with xGPL is the best way to go" is not really backed by the facts on the ground.
I must ask, do you run a commercial open source business yourself?
I agree fully with your *GPL point of view and have seen that in practice many time.
It is in the written guidance for open-source in the company I work for, along the lines “for GPL-like licenses, that’s a ‘no’ by default, unless you follow this very complicated process to get approvals from many people”.
In other words, free as in freedom, but not free as in beer.
That's the Free Software slogan, not open source. The only relationship between the two is that open source can easily be relicensed into Free Software (or proprietary, or whatever.)
There's nothing in open source about friendliness or collaborative development. I'm not forced to take your advice or contributions just because I'm open source, so how could that have anything to do with it?
> There's nothing in open source about friendliness or collaborative development.
Your view of the meanings of "free" and "open source" software is very literal and narrow. I'm not trying to debate the technical definitions of those terms, because frankly, I don't care and I don't think they matter in this discussion.
The crux of what I am saying is this:
A company may choose to share their source code for others to benefit from, under the hope that large players will contribute back in some way rather than use the situation to the disadvantage of the upstream company.
In other words, they might hope to:
* Let hobbyists learn from and use their code for free.
* Let competing companies use their code, as long as they contribute something back (money, bugfixes, festures, community support, QA).
* Make their employees happy.
and they may not hope to:
* Empower other large companies to freeload--ie, profit without contributing back at all.
Yes, I understand that permissive open source licenses allow freeloading in a legal sense. That does not mean the upstream companies have to be happy about it, much in the same way that you're allowed to use your office's shared kitchen to microwave fish, but your colleagues do not have to be happy about it.
What about this is so hard to understand?
While you are correct that the Free Software Movement has slogans like "free as in freedom" and has a definition based on "the four freedoms," the Open Source Movement also recognizes and advocates for "Software Freedom" as well.
"We build a world where the freedoms and opportunities of Open Source software can be enjoyed by all." [1]
Software that is licensed under Apache 2.0, MIT, BSD, or any of the other so-called "permissive" licenses is labeled "Free Software" by the Free Software Movement as-is. It does not require a "relicense" to become Free Software.
Said another way: you don't have to use a copyleft license like the GPL to qualify for the "Free Software" label.
It is just a different name for the same thing, because there was a group that developed a vocabulary before another group existed.
Opinions like that are the reason why more and more companies are walking away from the great attempt of building stuff collaboratively.
It's totally understandable to not want companies to profit off of proprietary, closed-source forks of your software. I get it! But there are licenses that you can use to stop that from ever happening (namely [A]GPL). Why not use one of those?
IMHO not everything needs to be open-source, but in many case it just makes so much sense that is a dumb idea to reinvent the wheel.
Many projects are succesfull this way. One I can think of is LLVM.
Because projects believ(ed) that the good will of their users would be enough to sustain their projects and businesses.
Now that certain projects see that good will isn't working, they're switching to the legal system.
