[boredandroid]

I can address some of the critiques that seemed aimed at the blog post I wrote announcing the Confluent license change:

1. We aren't trying to get cloud providers to license our proprietary features. We run a cloud service of our software.

2. The book analogy is not very accurate. We have an FAQ here the helps clarify interpretation. The limitations it places are extraordinarily small, 99.9999% of users are completely unimpacted, it really only impacts companies wanting to offer, say, KSQL-as-a-service. https://www.confluent.io/confluent-community-license-faq

3. We aren't trying to "co-opt" the community or open terminology. We actually tried super hard both in the license and in the blog post to be honest and upfront. Whatever else you think you have to agree that Confluent's license is _exceptionally_ permissive and the software has a pretty great community of users. How do you describe a license that let's you run, modify, fork, and redistribute the code and do virtually anything other than offer a competing SaaS offering of the product?

4. Bryan Cantrill is an amazing engineer, but, well, as a lawyer, I think ours are probably better. We're quite confident in the enforceability, but it's a bit ironic because I remember this being the FUD around GPL that it was "totally unenforceable".

5. The "open source companies are all failing"-meme isn't factually correct. Many open source companies are actually doing quite well. MongoDB has gone up in value about 3x over the last year, Elastic was the breakout IPO of the year. There are a handful of other really strong businesses a year or so behind, including Confluent. An open source project is not in-and-of-itself a business model, but it is, just empirically, a big part of some of the recent successes in the infrastructure space. Probably worth noting that the reverse is true too: if you look at some of the really cool up-and-coming open source platform data technologies, a lot of them have the support of a company behind them. Of course there are plenty of sucky open source companies, but that is true of every category of startup.

6. I agree that it is silly to moralize about the behavior of the cloud providers. They are following their economic interest. The point is that this behavior does undermine the cycle of investment in some of the more promising hard tech open source projects and to try to change this dynamic.

7. This article has a bit of a tone of "Son, new things aren't possible, trust me, I tried them and have the scars to prove it". I have huge respect for Bryan, and I know that to some extent that is his schtick as a public personality, but I'm not sure that attitude is most likely to lead to improvement. I don't think the current crop of licenses was handed down from the mountain on Stone Tablets by our elders to be revered and not questioned. I think CockroachDB, Elastic, MongoDB, and Confluent are building really innovating technology platforms and building pretty cool companies to help fund that. I don't think we need dogma. And I still don't say "GNU/Linux".

[cyphar]

> How do you describe a license that let's you run, modify, fork, and redistribute the code and do virtually anything other than offer a competing SaaS offering of the product?

A proprietary software license. Let's not forget the infamous "don't be evil" clause.

> The "open source companies are all failing"-meme isn't factually correct.

Several of the companies you have mentioned (including yourselves) are no longer "open source companies" since you now develop proprietary software. You might not consider this a failure (maybe a "pivot"), but you are no longer an "open source company".

Don't get me wrong, I completely believe that there is a financial problem caused by cloud providers not paying you for your development work. And I understand the frustration and lack of fairness in such a dynamic. But that doesn't change that you now develop proprietary software.

> I don't think the current crop of licenses was handed down from the mountain on Stone Tablets by our elders to be revered and not questioned.

Nobody is claiming that, and those licenses have changed over the years. But the changes have always come from the community. MPLv2 was written so that it could be integrated with GPL code. The GPLv3 was written to deal with concerns about locked-down hardware. The AGPLv3 was based on a community fork of GPLv2.

The new proprietary licenses are coming from companies that wish to protect their businesses. This is clearly a different dynamic, and I think it's quite unfair to paint your critics with the brush of being unquestioningly reverent of our elders -- when in fact we are seeing that the existing, gradual evolution of licenses by the community has been co-opted by companies wishing to protect their own interests.

[nqzero]

you're creating a false dichotomy

neither open source nor proprietary represents a single thing and there's a continuum between the two extremes

this license is clearly somewhere near the middle

[cyphar]

It would be more accurate to describe it as proprietary than it would be to describe it as free software or open source. Proprietary software is software which restricts your freedoms when it comes to the usage, modification, or distribution of said software. If you prefer, you can also use the term source-available to distinguish the degree of restrictions -- but the point is the same. There are restrictions on your freedom in the software and thus it is proprietary.

Not everything has a middle ground. Software is either proprietary (restricts your freedom) or it isn't -- and discussions about how proprietary it is (how many restrictions it imposes on users) are secondary.

[sparkie]

I could argue a completely different case. The only "restriction" it is placing on you is that you may not restrict anyone else from exercising the same rights that you yourself were granted by the license, which I believe is the original spirit of the 4 freedoms and the GPL family of licenses.

The software is "effectively free," because for every user who simply uses it for personal use, research, or even many forms of commercial use, they have all of the same abilities that they would have with any other free software license.

The restriction only comes in when you make a derived work of the software and do not pay forward that derived work under equivalent licensing terms as the work on which it was based.

And this is where the real disagreement is. What exactly is a "derived work", and where do you draw the line in the sand?

If I'm essentially selling access to somebody else's software, I have little doubt that access software constitutes as a derived work. I think it's fair that a license like the SSPL asks me to release the code which provides access to the free software as free software itself.

Suggesting that "My freedoms are being restricted" because a licensing term prevents you from restricting the freedom of others is the same argument that "permissive" license proponents argue against strong copyleft licenses.

If I release something as SSPL, it isn't because I'm trying to "restrict your freedoms". It's that I'm trying to prevent you from restricting other's freedoms by selling them proprietary work based on it.

[cyphar]

The license being discussed here is not the SSPL. It's the Confluent Community License, which does not have any of the GPL-like aspects you refer to. Instead it simply denies the use of the software (freedom #0) for an "Excluded Purpose" (creating a competing product to Confluent). I'm sure you'll agree this is not in any way in the original spirit of the four freedoms.

> What exactly is a "derived work", and where do you draw the line in the sand?

This is mostly determined by copyright law, since "derived work" is a legal term of art.

> If I release something as SSPL, it isn't because I'm trying to "restrict your freedoms". It's that I'm trying to prevent you from restricting other's freedoms by selling them proprietary work based on it.

This is the justification, but due to the design of the license it is de-facto impossible to actually comply with its requirements. Therefore it acts as a de-facto proprietary license. Many copyleft lawyers have stated that the license would likely require you to re-license Linux under the SSPL if you run SSPL code on a Linux server. This is not possible to do, and thus you are forced to pay MongoDB to get a business license.

Maybe there is a place for a license like the SSPL, but given how there would be effectively no company that could comply with it (even if it didn't require relicensing to SSPL, many companies have contracted code that they cannot relicense to a free software license) I fear it would have the same effect.

[kemitchell]

> Many copyleft lawyers have stated that the license would likely require you to re-license Linux under the SSPL if you run SSPL code on a Linux server.

There's no such thing as a "copyleft lawyer". Even if there were, there wouldn't be many of us, even if you counted every one, worldwide.

I personally don't agree with the reading you referred to. But if Mongo's SSPLv2, which they've submitted to OSI, is any indication, it won't be tenable much longer.

[antt]

I'm free to modify the source code.

That's a lot different to never seeing it.

Calling these licenses proprietary strains the word past its breaking point.

[cyphar]

A licence is proprietary if it restricts any if your four freedoms. The Confluent licence restricts freedom 0, the freedom to use it for any purpose. It is therefore proprietary. JSON's license (with the "The Software shall be used for Good, not Evil." clause) is proprietary too.

Now, we can have a discussion over the degree of proprietary-ness, but I disagree with the statement that it isn't proprietary. Of course it is different to some other proprietary licenses, but I believe that discussion is secondary to the discussion over whether it is proprietary.

[slavak]

No, I'm sorry, that's not how things work.

You can say the license isn't "open source." The term has a well-defined meaning provided by the OSI, and they arguably have the right to define what it means and which licenses meet the definition, being the ones who pretty much invented the term.

You DO NOT, however, get to also define the meaning of the word "proprietary." The English language is not your plaything, and you have not been given dictatorial rights to re-define words as you wish. "Proprietary" does not suddenly mean "restricts any of the four freedoms" just because you said so. When antt calls this instance a misuse of the word, [s]he is relying on the common English meaning of the term, which very much supports their point. Your rebuttal is pretty much "nuh-uh because we're now using a different definition."

[antt]

The GPL/AGPL restricts freedom zero too.

You can't run your code on a users computer without respecting the other three freedoms, and the AGPL goes even further and says you can't even run it on your own computers.

This was an argument I used to hear being made loudly and unironically by the MIT/BSD crowd in the 90s/00s.

To quote Stalman, free software isn't about having the source available any more than a library is about making books with movable type. It is about giving people the power to be programmers without selling their souls to Big Evil.

That essentially all the code that makes Amazon Amazon is DevOps code on how production code and hardware is managed is something no one could have seen in 2007.

Pretending that orchestration is not the most important part of the stack today is as ignorant as saying that source code doesn't matter because you have the binary version was in 1995, again something I've heard said unironically.

The AGPL, the most radical of the free software licenses, does not deal with the supporting code on how to deploy the software. The prosperity license does, because it's written by people who are in the trenches today. And it's completely free when you open source your full stack.

[grumpydba]

However those unproven license are toxic.

I've cancelled the mongodb standardization in the big company I work for specifically to avoid them.

The only sane way for a cautious company to use those vaguely licensed software is the proprietary one. That's the intent of this artificial grey area.

And as a consumer I try to avoid proprietary software whenever possible. License management is a huge pain.

[WhatIsDukkha]

Why are you assuming there is a middle ground?

Many things in life have no real middle ground.

These "middle ground" licenses have yet to show a useful non-toxic instance that actually served their communities.

You have the burden of proof here.

[sparkie]

Middle ground exists because it is ultimately for a court to decide whether or not something is a copyright violation. These things aren't black and white. A license is a piece of legal advice which suggests the decision a court might make if it were to be taken to one, based on past judicial decisions. When it comes to new technologies and new distribution methods (or distribution loopholes), there's not much precedent to go off. The uncertainty here is the middle ground.

[WhatIsDukkha]

You are focused on enforcement which (might be interesting in an internet lawyering way) is irrelevant if noone uses the codebases in the first place because of the license makes it unuseful for users and coders.

Almost all of these "middle ground" license cannot be combined with the normal licenses that have huge functioning communities.

[nqzero]

> You have the burden of proof here.

even transistors, the basic underpinning of our digital worlds, have middle ground - it's the norm, not the exception, and dichotomies are almost entirely a human fiction to make things more computationally tractable

the burden is yours

[WhatIsDukkha]

So we can go down rabbit holes like this I guess? I mean whats the middle ground between believing the earth is flat and the center of the universe vs a modern scientific view?

Metaphors aren't really a good thinking tool here.

Instead maybe asking (as I suggested you do) if EVEN ONE of these LICENSE schemes is actually working for the community its supposed to serve vs the pr blahblah we see in their announcements?

[boredandroid]

Confluent continues to fund the development of quite a lot of Apache 2.0 code and that is a huge part of our business and strategy. Perhaps your point is that if a company produces any non-open source code they are not an open source company?

[csande17]

Microsoft and Oracle also fund the development of a lot of open source code, but I think it'd be a bit of a stretch to call them open source companies.

[brazzledazzle]

I’ll never understand why we collectively wag our fingers at individuals or companies that try to keep the likes of Amazon from building a profitable service off of their hard work then contribute back little-to-nothing. Would redis, mongodb and dgraph have even considered alternate licensing if companies like Amazon had thrown them a minuscule amount of funding and patches? We can’t know because they didn’t. And then we sneer at them for having the audacity to try to stay open but stop these giants from using them and throwing them away.

This kind of aggressive behavior toward these people trying to stop their own destruction at the hands of the biggest and most profitable companies in the world makes me wonder what the hell is wrong with our industry. This could easily be any of us. It might be any of us in the future. What do we gain by consolidating control in 3-4 different giants? What are we achieving with such a black and white view of what constitutes open source or not?

[grumpydba]

Mongodb are not trying to stop their destruction.

They want to bring millions to their investors.

If they were less cash hungry they would move slower, of course, but without selling proprietary software.

[antt]

This is nothing new. The loudest people in the software industry are the ones with the most time, which by definition is the ones who are least employed or most activist.

Back in the real world that reddis wants to charge a license fee would just mean an email to your boss and accounting with a short message saying "This is a better alternative since we can change the source code as needed for a pittance". Then it will go to the CEO and he will sign off with "Done" after reading the first 20 words of the report.