[muks]

> The result, however, is that at this moment, MongoDB is under a non-approved license and therefore IS NOT OPEN SOURCE.

Perhaps you meant to say "is not OSI Certified", because the OSI don't appear to have a right to restrict use of the phrase "open source". See what's on your own website: https://opensource.org/pressreleases/certified-open-source.p...

On the other comments in this thread, even though MongoDB have "submitted" to having the OSI review their license, OSI still aren't capable of restricting anyone's rights on the use of the phrase "open source" including MongoDB's.

I can see your organization tries to make sure that there is an approved set of principles that identify libre/free software which is good. The phrase "open source" has been used in myriad ways since its early days, and not just for software.

I'm a programmer who has written open source since 2000. I would defend you when it comes to the benefits of libre software, but you can't restrict others over using something that you don't legally own.

[bunderbunder]

So, yes, technically, OSI does not own the term open source, and it could be that this license does comply with everything set out in the Open Source Definition (https://opensource.org/osd), and that means that, technically, "(the latest version of) MongoDB is not open source" is overstating the case.

Except that, as a non-lawyer developer who generally agrees with the Open Source Definition, "under an OSI-approved license" is my working definition of "open source". I believe the same is true for many others. And, under that definition, if Ms. Brasseur doesn't consider it to be open source (yet), I'm happy to fall in line with that.

She went on to say the magic words that mean so much more to me on this front than any debate about who gets to own the term: "It's probably best to limit your legal risk," and, "at this point." OSI's recommendations are a key part of how I limit my legal risk, and they're working on vetting it as we speak. My best course of action is to sit on my hands and wait for their advice.

[geoelectric]

Between Cygnus/Red Hat and Mozilla, I've worked for open-source-based companies for 7 years of my career, and never once heard or believed "open source" in lowercase to mean "OSI-approved."

I appreciate what OSI does, and do value an OSI review and endorsement, but you're seriously reaching here and trying to double-down on it.

Edit:

To be clear, I think the OSD captures what open source is, but OP tried to say "We haven't reviewed it, so it's not open source," not "We haven't reviewed it, so WE don't know it's still open source." Whether or not and when OSI gets around to reviewing something has zero bearing on whether something meets the OSD, even if we are going to assume that's the de facto definition.

I find the idea the VP thinks we need to wait on them to deliver their judgment from on high to be, frankly, offensive. OSI didn't successfully get the trademark on "open source" for a reason, and I can read a license myself.

[bad_user]

> Between Cygnus/Red Hat and Mozilla, I've worked for open-source-based companies for 7 years of my career, and never once heard or believed "open source" in lowercase to mean "OSI-approved."

That bullshit.

If that wasn't the case then Microsoft's Shared Source licenses could also be considered "open source", licenses which completely restricted commercial usage. Thankfully the world did not fall in that trap.

Without a working legal definition, the term "open source" becomes (1) meaningless and (2) a legal minefield.

Basically you've been spoiled by OSI approved licensing because our industry rejected anything else. We could've had a different industry and yes, all those bullshit projects on GitHub without a license are a legal minefield.

[threeseed]

Open source for most people means whether you can see and modify the source code.

Not whether OSI gives it some arbitrary stamp of approval.

[jkrems]

Yeah, but that's a really dangerous position to take and if they'd work with me I'd be quick to set them straight. Because that path leads to legal adventure.

What you are describing is "source available", not "open source". And that's a huge difference in practice. https://en.wikipedia.org/wiki/Source-available_software

[tlrobinson]

I'd add "redistribute" to the GP's definition, but the point stands that the definition of "open source" is not "licensed using an OSI approved license"

[azmenak]

A “source available” example

https://github.com/highcharts/highcharts

[patmcc]

Whether or not it's OSI approved or not isn't relevant, but if it doesn't meet their definition or something similar (https://opensource.org/osd) then it probably isn't what most of us would call open source.

How about I create a license called the ABA (anyone but amazon) license. If you're not Amazon/AWS/a subsidiary, it's just the MIT license. If you are, then you have no rights to use the software. Would you call that an open source license? I wouldn't. An important point (I thought) of open source was that the rules are the same for all, whether you're using it for personal projects or the biggest business on earth, whether you charge money for it or do it for free.

[bunderbunder]

That's a fine interpretation of the term for amateurs.

By which I mean, it's probably fine to think of things that way when you're working in an amateur capacity. If you're working in a non-amateur capacity, thinking about things that way could result in unwittingly exposing yourself to more legal risk than you want.

[tlrobinson]

I don't think simply checking that the license is "OSI approved" gives you many legal guarantees. There are currently 83 "OSI approved" licenses containing a variety of terms, from aggressively copyleft to extremely permissive: https://opensource.org/licenses/alphabetical

[bunderbunder]

I don't either. . . we might be playing a game of moving goalposts here. I was specifically responding to the observation that, "Open source for most people means whether you can see and modify the source code.", and saying that that, while that is a workable definition, it's probably not one that most people want to use.

[jfoutz]

You might want to be a little tighter with that definition. You can find the source for all sorts of crazy stuff. And with that, you can modify it.

Oracle or Microsoft or any other copyright holder that didn’t release that is going to be ticked off at you.

There has to be some element of the author wants you to have it.

I know this sounds silly and pedantic. I think there have been organizations that ignored copyright and released stuff they didn’t control the rights to.

You might want to tack on something about the authors want me to have access to this.

[cmroanirgo]

> That's a fine interpretation of the term for amateurs.

That's a seriously polarizing statement that you've made.

While I understand that your argumentation is from points of law, I think you need to realize that the term open source, was pushed by us, the developer community and so I feel that it is us amateurs that have the right to maintain the heart of the law. So, revisiting the heart of the matter:

"We had identified free software as a promising approach to improving software security and reliability and were looking for ways to promote it. Interest in free software was starting to grow outside the programming community, and it was increasingly clear that an opportunity was coming to change the world. However, just how to do this was unclear, and we were groping for strategies." [0]

So, what MongoDB has done is in fact increased (imho) the open source aspect of their offering by attempting to curtail corporate abuse. You should be thanking them.

[0] https://opensource.com/article/18/2/coining-term-open-source...

[nulagrithom]

No, it has nothing to do with "amateurs". Whether the source is open and what the license dictates are two wholly different things. The danger is exactly in conflating the two.

Take for example the NPOSL-3.0:

A variant of the Open Software License 3.0, this license requires that the organization using it is a non-profit and that no revenue is generated from sale of the software, support or services.

https://tldrlegal.com/license/non-profit-open-software-licen...

The source is open, but you can't use it outside of non-profit orgs. It's "Open Source™", it's approved by OSI, and it can still get you in legal trouble.

[cyphar]

Huh, how on earth did that get approved. It violates Section 6 of the definition: "No Discrimination Against Fields of Endeavor" (which specifically has the example of discrimination by disallowing software use within a business).

Personally I never liked the OSI's definition of "open source", and the FSF definition of free software has always felt (for me) to be far more fundamental.

[candeira]

If you never liked the OSI's definition of "open source", what do you think about the Debian Free Software Guidelines?

About the discrimination of fields of endeavour, please read the sibling comment to yours. I think you and the grandparent have both misunderstood the license.

[candeira]

You've misinterpreted the license. What it says is that the licensOR (not the licensEE) is a non-profit. That is, by publishing your original software under the NPOSL, you claim that you are a non-profit organisation. That's it.

Nowhere does the license say that you can't use the code outside non-profit orgs. In fact 17.d says very clearly that if you're not a non-profit, you are allowed to distribute your modified works, but under the original OSL license, not the NPOSL. So you can use, modify it and distribute it, only with a complication in the licensing.

The other amendment the NPOSL adds is where the original OSL gives a grant of patents and a warranty of provenance, and the NPOSL explicitly doesn't, because it's designed for non-profit companies, which have no money, so it's intended to reduce legal exposure.

It's a Free Software license in my opinion, and I bet you a drink that Stallman and the FSF would consider one too, even if they would not recommend using it.

Also note that the license's author is Laurence Rosen, who was General Counsel of the OSI, knows more about software licensing than most people, and who explains the details and rationale of the NPOSL in [1]

[1] https://rosenlaw.com/OSL3.0-explained.htm

If you have any other license that's OSI-certified and you think is non-free according to the principles of the FSF, I'm interested in learning about it.

One thing to take into account, though, is that the OSI is a certification body, and the FSF isn't.

Thhis means that the list of Open Source (according to the OSI) licenses is closed and published on their site. The FSF gives a set of principles and also publishes a list of licenses with some analysis, but the FSF's list is non-exhaustive, nor does it pretend to be. There are infinite potential free licenses that the FSF will not list, because its doesn't count license certification as one of its goals.

[threeseed]

If I am using an open source project I make sure to understand the license rather than blindly trusting some organisation.

Seems pretty amateur not to do this.

[Intermernet]

>Open source for most people means whether you can see and modify the source code.

Do you mean legally? If not, Windows 2000 is open source. If so, then that's what the OSI tries to ensure.

[icebraining]

No, the OSD according to the OSI requires much more than seeing and modifying.

[Intermernet]

Yes, the OSD tries to include legality in "seeing and modifying". If you regard Open Source as just "seeing and modifying" the source then anything that you can get the source code for is Open Source. This is most definitely not the case, as illustrated by my previous example of Windows 2000. Please see [0] and [1] for more info. Confusingly, there are still copies of the W2K source on github which have an MIT license in the root which is, I assume, false and unauthorized by MS [2].

[0]: https://news.microsoft.com/2004/02/12/statement-from-microso...

[1]: https://torrentfreak.com/microsoft-takes-pirated-windows-nt-...

[2]: https://github.com/pustladi/Windows-2000/blob/master/LICENSE

[mindcrime]

No, most people accept the OSD as the de-facto definition of "open source".

[bad_user]

I think you've been spoiled by Open Source licenses, due to the people that actually fight for that definition.

Would you consider Microsoft's Shared Source licenses as being "open source"?

https://en.wikipedia.org/wiki/Shared_Source_Initiative#Restr...

[nunobrito]

On my side those cases are categorised as "Public source" and the respective license terms are then labelled as freeware for most cases, as a sub-variant of Proprietary license types. The other two variants would be Purchase or Subscription.

From a licensing compliance/verification perspective, being OSI approved is a good help to guide developers and reduce the effort of processing the applicable terms. For the auditor itself, the OSI stamp is OK but not something critical.

Looking better, we simply don't even use the terms Open Source nor FOSS on our procedures to be inclusive of the commercial/closed 3rd party products.

[hueving]

Not sure anyone actually thinks "open source" is a term owned by an organization and the gp didn't say they were restricting Mongo, so I'm not sure if your clarification is necessary.

It's like someone claiming certain software doesn't scale. There is no need to clarify that the author doesn't own the word "scalability".

Op is speaking for the OSI's opinion on whether it's open source or not.

[Waterluvian]

Then Op should not say in all caps, "IS NOT OPEN SOURCE".

[mcny]

I understood it as meaning "my organization cannot yet certify it as open source" with yet being the operative word.

[mindcrime]

The OSD may not be the de-jure definition of "open source", but it is the de-facto definition. The statement above is correct in all but a trivial, pedantic sense.

[throwaway2048]

Not just trivial and pedantic, this has been a common avenue of attack over the years in an attempt to dilute the meaning of the term. Such as when Microsoft made a concerted effort to try to redefine open source as "non commercial" source available software.

[darkarmani]

> because the OSI don't appear to have a right to restrict use of the phrase

You are really hung up on this. Where did they say they were restricting the use of the phrase? If they said: "MongoDB is not good software" would you be saying they aren't allowed to restrict MongoDB from saying they are good software?

[brentonator]

This VP specifically states MongoDB "IS NOT OPEN SOURCE" presumably referencing their own organization's definition of open source. What's worse is their current definition technically qualifies MongoDB as open source. She conflates a non-OSI-approved license with the definition of open source very blatantly.

As someone just above said open source for many simply means the source code is open (can be viewed).

Edit: Realizing now that "open source" may be a genericized trademark held by one of their board and we may need to ignore their assertions in this thread.

[cyphar]

> What's worse is their current definition technically qualifies MongoDB as open source.

I don't agree, the modified section 13 appears (at least to me) to violate the spirit, if not the letter, of section 9 of the OSD:

> 9. License Must Not Restrict Other Software. [...] For example, the license must not insist that all other programs distributed on the same medium must be open-source software.

The new SSPL requires that all of your server configuration and tools be distributed under the terms of the SSPL. This is so badly worded that it could include your operating system kernel (which, on Linux, would not be possible since GPLv2 is incompatible with this new license).

Also, the scope of "providing a service" isn't limited to network services (which is what you'd think). No, it applies to any service "includ[ing], without limitation [...] offering a service the value of which entirely or primarily derives from the value of the Program or modified version, or offering a service that accomplishes for users the primary purpose of the Software or modified version.".

I'm sure you can easily come up with some examples whether this concept of "providing a service" will run into strange consequences when your accountant is giving you a download link for MongoDB as well as all of Windows.

[gonzo]

there is no registered mark for the term "Open Source". It's too descriptive.

Therefore, it's not genericized and nobody holds it.

[axaxs]

Open source is mostly objective, unlike 'good software'. The parent comment stated in caps that MongoDB is not open source, which is objectively untrue. It's a silly thing to bicker about, but the original should have probably said something along the lines of 'OSI approved open source license'.

[icebraining]

The only objective definition of Open Source I know of is OSI's. Everything else is a hodge-podge of whatever the user of the word feels it's open. Is it reading the code? Modifying it? Redistributing it? There's no consensus besides OSI.

[MrStonedOne]

But their definition does not restrict it to OSI approved licenses, so their assertion its not open source because it hasn't been approved is not valid.

[pessimizer]

> I can see your organization tries to make sure that there is an approved set of principles that identify libre/free software which is good.

The OSI doesn't define what Free/Libre software is, the Free Software Foundation does. The OSI is in charge of the common definition of "Open Source" software, which is accepted outside of non-software or idiosyncratic usages (such as "open source is when I show my references" or "open source is when I derive my conclusion from publicly available information" which is becoming the common definition in the intelligence field.)

It's good when we have a common definition, and discuss that definition rather than the label; it's a waste of time to argue "of course it's organic; it's carbon based!"

One thing that we can both agree on is that more people are familiar with the OSI's definition of "open source" than are familiar with your personal definition, so it's probably more productive to talk about the one more people are familiar with.