AGPL is very controversial. I'm clearly on the "won't touch it with a 10 meter pole" side.
There are people with other opinions, but even they agree that this is not tested in court, and it's more expensive to be sued, even if you win, than to just buy (or write from scratch) ANY alternative to the AGPL software in question.
AGPL is a legal landmine. You can't plug it into anything else, even for your own purposes.
Let's say you use these to create a guest wifi network. According to AGPL it looks like you must now opensource any and all scripts that you use to manage this environment.
In other words that one-off script you used to loop over all your access points during setup must be opensourced. Oh, it has details about your internal asset tracking system? Well, they now have to be public. Oh, it relies on your internal database? I guess that's opensource now too.
Did you even keep that one-off script? AGPL demands that others must be able to run what you run, essentially. It says that everything you do operationally to your service must now be documented and published.
You want to connect your internal SSO to the AP? Sorry, you better instead change it so that your internal SSO takes whatever protocol the AGPL software already takes. Oh, that's not feasible? Ok, give up then.
1 year later… oh shit oh shit oh shit, someone added internal SSO to the AGPL software! Now we have to opensource that, but we can't because it includes code we licensed from a third party only for nondistribution!
AGPL only makes sense for organizations that fundamentally ONLY will EVER run open source software (like FSF and that's it), and usually not even then.
Also ideologically it's a huge violation of freedom. What I do in my own home is absolutely none of your business. What executes on my hardware is my business.
For those who disagree about my examples: Yeah… I'm personally not a lawyer (but HAVE consulted with lawyers about this). You may be right. In the end a court will decide. But do you want to take this poison pill in order to find out in court if you die?
So GPL doesn’t have this character? Like the GPLv2 taken by Linux kernel. I have an impression that AGPL only add “A” to GPL to adapt itself to the cloud era. Because a cloud/service deployment is not treated as redistribution in GPL, considering there wasn’t cloud at the time GPL was made. So some big cloud company can deploy GPL software on cloud without open source action because they are not actually “distribute” software, instead only distribute a service. AGPL fix only this hole created by cloud.
You say it "fixes" GPL, but as I described it makes AGPL completely unusable for basically any purpose, and it creates a HUGE risk that's in my opinion completely unacceptable, as described.
The only way it seems to work is:
1) it's extremely unpopular by number of projects
2) most private citizens who use it violate the license
3) most potential corporate users have it vetoed by their legal department, which means they plain don't use it
That's not a great situation. It only seems to work (in the rare cases that it's used) because so few people accept it, and the ones that do violate it.
AGPL removes freedom zero, in my opinion.
> The freedom to run the program as you wish, for any purpose (freedom 0).
I think my examples illustrate this, but I'm sure I could elaborate more.
The way I read it you cannot write an automation script for managing the MongoDB databases for your Etsy store without opensourcing those scripts.
In fact I disagree that "cloud didn't exist when GPL was created". This also applies to services like banks, and banks certainly existed before GPL, and provided a service.
So that was never a "hole" in GPL.
AGPL is poison because every time you touch it, even operationally, your work belongs to someone else. To call that "Freedom" is Orwellian.
But in the MongoDB case (when it was still using AGPLv3), those companies who violated AGPLv3 did have a solution: pay a fee for a commercial license of MongoDB instead of AGPLv3 which is free. In this way, those companies don't need to open source their code built based on MongoDB. MongoDB get money to go further, because I guess MongoDB people need to raise their family.
Sure. But if anyone who seriously uses some software (even on a hobby project) is either violating the license or buying a commercial license, in what sense is it free/libre software or even open source?
That's saying that AGPL is only useful to the extent that it doesn't exist.
But it's not just software "based on" MongoDB. It's your backup scripts. It's your cluster scheduling config for the jobs. It's your provisioning script, etc…
And it implies it being non-free software. It's only one (small) step removed from a licenes that disallows "commercial use".
A license disallowing commercial use is fine. But it's absolutely not "free software". Freedom zero was so obviously a freedom that it was initially just implied, and only added later to be explicit.
If you are saying AGPL's virus like behavior is much more severe than the GPL's virus like behavior, I am not professional on this aspect. Not sure.
If I understand correctly, the open source action is only required when you "re-distribute" it. So, if you play it only by yourself and never give your modified software to anyone else, it is OK for you to keep all code close. If you work on it together with other people in your organization, it is fair enough that you open the source code to those people for them to work together easily. But all the code are still kept inside your organization.
Only in a step that you want to re-distribute the software (or the service) to people (like external user or other company) who you don't want to show source code, you are facing violating the AGPLv3. But generally speaking, in this step you already have a plan to make money out of external people (like user or other company), so fair enough to pay a fee for commercial license.
"free software" or freedom zero is good, but how engineers/companies who develop free software make survival? Donations? If I am already a billionaire, I totally support your point.
There are people with other opinions, but even they agree that this is not tested in court, and it's more expensive to be sued, even if you win, than to just buy (or write from scratch) ANY alternative to the AGPL software in question.
AGPL is a legal landmine. You can't plug it into anything else, even for your own purposes.
Let's say you use these to create a guest wifi network. According to AGPL it looks like you must now opensource any and all scripts that you use to manage this environment.
In other words that one-off script you used to loop over all your access points during setup must be opensourced. Oh, it has details about your internal asset tracking system? Well, they now have to be public. Oh, it relies on your internal database? I guess that's opensource now too.
Did you even keep that one-off script? AGPL demands that others must be able to run what you run, essentially. It says that everything you do operationally to your service must now be documented and published.
You want to connect your internal SSO to the AP? Sorry, you better instead change it so that your internal SSO takes whatever protocol the AGPL software already takes. Oh, that's not feasible? Ok, give up then.
1 year later… oh shit oh shit oh shit, someone added internal SSO to the AGPL software! Now we have to opensource that, but we can't because it includes code we licensed from a third party only for nondistribution!
AGPL only makes sense for organizations that fundamentally ONLY will EVER run open source software (like FSF and that's it), and usually not even then.
Also ideologically it's a huge violation of freedom. What I do in my own home is absolutely none of your business. What executes on my hardware is my business.
For those who disagree about my examples: Yeah… I'm personally not a lawyer (but HAVE consulted with lawyers about this). You may be right. In the end a court will decide. But do you want to take this poison pill in order to find out in court if you die?