[feross]

Just to make sure I understand you correctly — you believe that because a maintainer releases an open source artifact at a given point in time, you are entitled to dictate the terms that any future artifacts are released under?

You might want to reread the MIT license provided with the software to see which guarantees it actually (doesn’t) provide to you.

[makomk]

In your blog post, you complain about a startup's product that charges $50 per month per developer to check if the open source software they're using is licensed in a way that won't cause them massive legal and financial headaches. This is why that product can exist and make money.

As you point out, the license of open source software provides zero protection against someone creating a snappily-named, heavily promoted open source project, waiting for it to become widely adopted, and then slipping a nasty surprise license change into the next release - and some open source developers think that the idea they shouldn't do this is unfair entitlement. In this low-trust world, providing a way of checking that none of their thousands of little dependencies has done that is far more vital than most of those dependencies, and certainly provides more value than some linter config files.

[baq]

but why can't that product be open source?

[pferde]

No, the subthread was discussing paying later for services already provided (quoting: "mailing a check in return for services provided").

Not for any future services, which, obviously and as you correctly point out, are not necessarily subject to the past agreement.