[toomuchtodo]

It is easy to judge another’s actions from afar when it’s their meal and roof they’re working for. It’s okay for Amazon (a trillion dollar company) to make money off of their work but not themselves?

Imho, the problem isn’t “well it’s not open source anymore then.” The problem is people who give more weight to a religion/philosophy than sustainability. Who cares if it’s open source if the people developing it can’t support themselves?

Fair code > open source.

https://faircode.io/

[YPPH]

If they don't like it, they shouldn't have licensed their software under a free software license. This was an entirely foreseeable consequence. They only have themselves to blame. The AGPL generally fixes this perceived problem, but means that several large players (like Google) will never touch your code with a ten foot pole, let alone improve it. So, there's some difficult decision-making at the inception stage of a project - what do you value more?

Sony forked FreeBSD and used it as a substantial component of their operating system for their PlayStation 5, a product which they will make money off (in the long run, at least). No changes are available to anyone. No one at FreeBSD is jumping up and down about it. Maybe because there's more to a software project than maximising profit.

[Barrin92]

>If they don't like it, they shouldn't have licensed their software under a free software license

They or anyone else are also free to relicense their project, there's nothing wrong with it at all and anything under the old license is still what it was before.

It seems kinda strange to demand that someone operate under some license in perpetuity, there is no such rule. Licensing questions don't stop after the inception of a project.

[AmericanChopper]

The lessons that some contributors (myself included) will learn from this, is that it’s now a common bait and switch to build your product with open source contributions, and then relicense it when it’s time to monetise. I used to talk most of my employers into letting me bug fix open source projects that they were having issues with, now I just talk them into maintaining their own forks. The open source “freemium” business model is very clearly a scam at this point.

I also personally can’t stand Elastic, because they charge enterprise rates for support, and then offer open source level support. You’ll come across a show stopping issue, and the support you’ll get is most commonly “why are even trying to do this?”, or “please refer to this issue that’s been stale since 2016”.

[pabs3]

There are lots of open source projects that aren't bait and switch, like the Linux kernel, or Python. So I would encourage you to reconsider a blanket fork-everything policy and at least contribute to the projects that aren't backed by VC-funded companies and instead have a diverse community of contributors with multiple copyright holders.

[AmericanChopper]

Yeah I should have been more specific. I’m just whining about the open source as a business model type of projects.

My general approach has been, when I’m capable and have the time to, to fix any issues or obvious feature deficiencies that I come across in open source projects that I use. I still do that, but I now only contribute my changes back to projects that seem more trustworthy.

[pabs3]

I wonder what criteria you apply to determine the trustworthiness of a project. For me, signing a CLA or otherwise not using inbound=outbound licensing is a major one, as well as any project backed by a company with VC funding. Any project backed by a single organisation instead of a group of people from lots of different organisations is a red flag, with some exceptions for long-term known-trustworthy non-profits.

None of that helps with a situation like Audacity/MuseCore though, if developers are willing to sell out their project copyrights, that isn't something that you can really protect against, except maybe discussing people's opinions on that openly.

The other issue with withholding changes from upstream is the potentially infinite cost of updating your changes as the project evolves, things like git-imerge, mergify or git-mergify-rebase can reduce that burden by letting you do incremental rebases/merges though. Normally I don't contribute to projects with a CLA assigning extra rights to corporations over the license, but I've been considering signing one just to drop the maintenance burden.

https://github.com/mhagger/git-imerge https://github.com/brooksdavis/mergify https://github.com/CTSRD-CHERI/git-mergify-rebase

[ixs]

I fear you might underestimate the maintenance costs of forking.

A nice anecdote I heard a long time ago was comparing the approach to custom engineering between SuSE and Red Hat.

SuSE was always very happy to do custom engineering for paying customers and developed and shipped these features in their Linux Distribution. Specifically I am thinking of some interesting features done in the Kernel. At that point, SuSE received money for the engineering work but now had the burden of supporting their fork. The functionality code itself was not a problem, but the interfaces to the remaining kernel were a source of churn and pain.

Red Hat did the opposite. They told their customers that they can have whatever is in the upstream Kernel and they will help them upstream the necessary changes. That took markedly longer but the long term maintenance was much less effort because the in-tree code would be updated whenever an API/interface changed.

Canonical also had a tendency to happily fork of whatever project they needed to ship a fancy thing on time (think Netbook UI, think Unity etc.) and then get hit by the long term maintenance burden once upstream diverged.

Both SuSE and Canonical always found themselves in the unenviable position of having to constantly update their code and potentially seeing a competing but conflicting solution being merged upstream.

Carrying a few bugfixes or feature improvements in a local branch of a library is easy at first. But you're essentially creating technical debt which you'll need to pay off on every upstream change, every security fix etc. Most companies see value in developing features for their main application, not in maintaining internal forks of open source libraries.

[manojlds]

Good point on contributors, didn't think of it this way.

[pjmlp]

It is the return of shareware, as developers realised their parents wouldn't pay forever their housing needs.

[reacharavindh]

That is not quite fair is it?

Publicise your work as open source and make hay with the work of open source contributors who thought they were contributing to a truly free and open source project only to find out a couple of years later that their contributions are now locked into a project that locked itself up with a changed license... (I know that their contributions may stay with the license it originally was, but if the total product changes license, who is going to continue an unmaintained fork? )

IMO, it is fair criticism when someone starts off with a liberal license and then changes it when it is time to monetise, or someone else figures out how to monetise it better than the creators. Either be okay with it or not, you can't have it both ways.

[tybit]

No ones demanding they don’t change, they’re just stating that as users they’ll react accordingly.

[erezsh]

You write "accordingly" as if it's obvious what's the correct course of action for a company that's in direct competition with a titan, and any other course of action must disappoint their users.

What would you have them do? Would only their demise appease you?

[cutemonster]

> This was an entirely foreseeable consequence

I disagree. I think it was hard to know that many years ago (10+?) how things would turn out.

Especially not "entirely foreseeable."

There's a cognitive bias called "hindsight biasy", namely "the common tendency for people to perceive past events as having been more predictable than they actually were", https://en.m.wikipedia.org/wiki/Hindsight_bias

I agree with you about AGPL.

[AnonymousPlanet]

> I disagree. I think it was hard to know that many years ago (10+?) how things would turn out.

The GPL exists because of the problem of other people taking your code and hiding it in their products, placing you at a disadvantage.

The AGPL exists to extend that protection regarding SAAS.

According to Wikipedia, the AGPL is from 2007, and Elasticsearch started 4 years later.

I disagree that you need hindsight not to be surprised by how Elasticsearch was used by e.g. Amazon.

[necovek]

GPL exists because nobody can (should?) stop users from modifying software they use (at the very least, on the machine level) and such modifying should neither be illegal nor hard (thus source code).

The "sharing" bit is on top, and only comes out if you distribute your changes too. AGPL fixes the flaw where "users" don't really get a copy of the software they are using distributed to them in full (eg. only part of it with JS in the browser, but backend stuff is hidden).

So the focus point of GPL is use of the software (thus users), not writing of it (developers). Developers embrace it because they are simultaneously users of the software written by others, and they are best positioned to make the most out of those liberties ("standing on the shoulders of giants").

[necovek]

You are right: none of it was foreseeable, but rather, an expected outcome.

In case of success, which Elastic has certainly achieved with ElasticSearch, it is fully expected that other companies will jump in on the bandwagon and try to profit off of it too! And as a company, you hope for success, or rather, that to play out, but just that you'd be the go-to for earning the most off the product you created. While not foreseeable, it is not unexpected that you might not be the one to profit most from your product, and you should plan to profit enough! Where it gets complicated is that nobody expects to earn orders of magnitude less from a product they created than others relying on it.

What they did not foresee was that one of those companies would be The Cloud Provider, thus minimizing their value proposition since Amazon can throw significant resources at it, possibly even greater than Elastic themselves. One could argue that Amazon abused their monopolistic position in cloud providing to offer a bundled ElasticSearch experience that Elastic could never compete with. Even if they developed an alternative in-house product, it looks exactly the same as Microsoft bundling Internet Explorer with Windows back in the day.

Even today, if you are willing to develop an open source or free software product, if you get successful enough, you are likely to be an exploitation target of a megacorp. Companies always have an option to relicense in-house written code, and any code submitted by signatories of an appropriate contributor license agreement (CLA).

Basically, I agree it wasn't nice of Amazon, and that it wasn't foreseeable, but it ultimately wasn't unexpected either. To me, this is monopolistic behaviour that should be treated as such.

This also raises another interesting question: if AGPL is an appropriate solution, why did Elastic not relicense under it today? (I am sure they answered this very question when they published their original license, so it's mostly rethorical)

[sfifs]

> Where it gets complicated is that nobody expects to earn orders of magnitude less from a product they created than others relying on it.

And this is where the problem basically is. The core philosophy of open source licensing is that the creators who use it don't particularly care beyond compliance with the terms of the licenses (eg. Source distribution for copy left licenses)

If it turns out you *do* in fact care, then Open Source licenses are not a good fit for you. If you still go ahead release under Open Source and then change later, don't be surprised to be called out for bait and switch manipulation.

[dragonwriter]

> I think it was hard to know that many years ago (10+?) how things would turn out.

The long-term commercial advantage in Free Software being for the largest established players with revenue mechanisms centered around services rather than selling software licenses was widely recognized, with many observers independently coming to the conclusion, from at least the mid-1990s.

[bigiain]

On the plus side, the python repo is Apache2.0 licences, so fork away...

[mschuster91]

> No one at FreeBSD is jumping up and down about it. Maybe because there's more to a software project than maximising profit.

That is because xBSD have more than enough people to develop on it - hobbyists and companies alike.

For smaller software with less of an established ecosystem, the supply of people willing to work on it for free is... not exactly much.

[toomuchtodo]

Heaven forbid a FAANG doesn’t touch your code. Look at all the exposure you’ll miss out on. They might actually have to spend resources to write and maintain the code themselves, instead of open source maintainers begging for scraps [1]. The horror.

The homebrew maintainer couldn’t even get hired at Google [2] if I recall, even though they’re big fans of using the tooling internally!

[1] https://arstechnica.com/information-technology/2014/04/tech-... (OpenSSL Software Foundation President Steve Marquess wrote in a blog post last week that OpenSSL typically receives about $2,000 in donations a year and has just one employee who works full time on the open source code.)

[2] https://twitter.com/mxcl/status/608682016205344768 (Google: 90% of our engineers use the software you wrote (Homebrew), but you can’t invert a binary tree on a whiteboard so fuck off.)

[jchw]

Who said anyone was doing anything for exposure, either? I think open source is doomed if people fail to understand that when you release open source code under open source licenses, your users don’t owe you anything, and in return, you don’t owe your users anything either. As far as I’m concerned, I don’t even really care that much about whether or not people adhere to the licenses I use for the most part.

Nobody is owed a sustainable ecosystem to profit off of open source. When things align to be mutually beneficial, that’s great. But by the nature of it, if you want to make money off of software, you should not release it as open source. It’s probably going to eventually wind up being a conflict of interest, wherein the “open” parts of a project eventually become less and less relevant in favor of closed parts.

Open source doesn’t and shouldn’t guarantee a sustainable business model. The best you can hope for is that parties collaborate because they can benefit mutually from this collaboration, like with the Linux kernel.

[lumost]

An important distinction of Linux kernel development from most open source contributions is that the companies contributing code typically make their money off of selling hardware which must run or work with linux to be successful. These companies are all financially incentivized to keep the Linux collaboration successful.

[indymike]

Almost every open source package has a model where multiple contributors make money off something else. Usually that something else is software or hardware that is built with the open source package.

[andi999]

That sounds a bit like Thatcher 'there is no society' - society, I am not sure if open software can survive without permanence, trust and reliability (from the developer and customer side, not the code basis).

[kktkti9]

Sort of how Elastic using the license that’s biting them; can’t really expect much else so long as “it’s a private company they can hire as they see fit” is the default political posture.

Your problem transcends one whiner on Twitter; private entities can monopolize public agency across contexts and not be held accountable at all.

Here you are in a VC echo chamber; good luck

[StopHammoTime]

Uhh, no. "Trillion dollar company BAD, think of the billion dollar company!!!". Elastic made it's business off being open source, period. If they weren't open source to begin with they wouldn't be as successful as they have been. Their whole business model initially built off the popularity of a useful open source project.

Of course, once you add-on that they've basically done to Lucene what AWS did to Elasticsearch, then the whole thing is a joke. I also just checked and Elastic are NOT sponsers of the ASF: https://www.apache.org/foundation/thanks.

Absolute garbage company in terms of open source and community. I will never willingly install their software ever again.

[threeseed]

You seem to be confused here.

1) Elastic never forked Lucene.

2) Elasticsearch is not a competitor to Lucene.

3) Elastic developers are PMC members and committers for the Lucene project.

[blackoil]

Even Amazon did not fork ES, till they were explicitly blocked. If Lucene changes it license to GPL, elatic will need to fork it.

[zucker42]

It's entirely possible that the relicense and now this will have the the precisely the opposite effect though. I'm sure the relicense was an attempt to increase Elastic NV's revenues from SaaS by locking out competitors from using their same codebase (from public financial filings, Elastic NV is not profitable so they are probably looking to become so). But open source also attracts new customers and improves the product by encouraging outside contribution. It could very well be that in 10 years we'll look back as this year that led to downfall of Elastic as a company. Or this move towards a different business model could succeed. But even if it does succeed, it's possible it would also succeed if they had kept the code open source.

The person you responded to didn't even assert that open source software is morally superior to alternatives, but instead said that by moving away from open source, Elastic is failing to understand its customers. His argument doesn't require any judgement about the morality of the relicense.

[altdataseller]

1) Is outside contribution really important going forward? Most of the Elasticsearch contributors are probably already employed by Elastic.

2) Open source doesn't attract new customers. There's nothing special about having software where anyone can contribute freely, that makes it attractive to customers. There is however, something special in making it free to download, setup and use in your own servers that makes it attractive. Which is still the case.

[thayne]

> There's nothing special about having software where anyone can contribute freely, that makes it attractive to customers.

That may be true for some customers, but certainly not all. Being able to fix a bug or add a feature yourself instead of having to wait for a vendor to do it for you can be very attractive. Especially if you need a feature that would never be accepted upstream, and you have the ability to use your own fork/patchset. That is something my company has done many times, and is a factor when choosing software.

[nijave]

>There's nothing special about having software where anyone can contribute freely, that makes it attractive to customers

Community, support, acquisition, extendability and code quality.

Community/Support -- lots of documentation available for free, generally multiple vendors that offer paid support, free access to updates. Don't have any data but I suspect finding people to support/run it is easier (skills are more marketable and easier to learn on your own)

Acquisition -- eg less of a vetting/auditing process for places where that matters (you can handle vetting the code and supporting company separately)

Extendability -- you can hire developers to add features or integrate without being subject to the owner's timeline e.g. you don't have to plead for features

Code quality -- being open, it's more apparent if the software has a high number of bugs or large amount of technical debt that could lead to instability. Usually the issue trackers for OSS are open to everyone

These apply more to large companies with dedicated teams

[altdataseller]

3 of those 4 still apply to Elasticsearch. Mongo, another example has the same license and loads of docs freely available. You can still hire devs to add any missing features to Mongo (albeit you will have to fork it). You can still view their issues in GitHub too

[dantheman]

Open source does matter.

[atonse]

It’s moves like this that have made me go from largely neutral in this fight to actively hating elastic.co.

It’s their fault for not differentiating their offering enough.

When I looked at logz.io, I spent hours trying to get it to work and ultimately gave up, irritated that my seemingly plain vanilla use case (send ubuntu journald logs to ES) wasn’t as straightforward as I would’ve liked. (I’m aware they aren’t affiliated with elastic, just saying there might have been an opportunity for them here)

If elastic had a way for me to blindly copy paste things into an ubuntu server that allowed me to see all my systemd logs, I would’ve happily paid them. Instead it was an endless maze of having to figure out beats vs logstash, finding a journalbeat whose documentation says it’s beta, etc.

Yet ultimately the only thing that worked was AWS ES service hooked up to vector.dev’s agent. And boy does it work amazingly well. And it’s not like Amazon is doing anything special.

It’s on them for not having differentiated and made things drop dead simple. Now they seem to want to play dirty like Oracle.

[nijave]

People give Amazon flack but they offer solid support with reasonable escalation when you have an issue. Imo it's a bit sad Elasti Co couldn't out compete ES on their own product.

When AWS released ES you couldn't even dynamically scale cluster nodes and you had to use Amazon's special library to sign requests for IAM

There are other companies that run curated & managed SaaS on providers like AWS, GCP, etc that offer better services than the native ones. For instance, MariaDB SkySQL offers DBAs with their product and will help tune the DB for the workload vs AWS where they offer limited app-level support outside suggesting things like Performance Insights. When I looked, SkySQL was also a bit cheaper than AWS RDS for comparable hardware

[thedougd]

It's not a philosophical argument at all. Businesses embrace commercially supported open source software because it makes business sense to do so. The door of interoperability swings both directions. Open source vendors frequently acquire customers through users who 1) are moving from another compatible vendor 2) trialed their open source software for an extended period of time, often in production, and 3) from introduction by highly innovative teams in a larger corporation.

When customers see Elastic circling the wagons to remove some of the differentiators of their open source software, they're going to have to reconsider their options.

[toomuchtodo]

Indeed, a new equilibrium must be arrived at, as the existing contract has proven suboptimal (except perhaps for Amazon, in this context). This is why you see many projects (Redis, Elastic) with commercial potential (or actively generating revenue) moving away from open source licenses that allows for AWS to copy and serve their work wholesale without any compensation or rev share, even if they lose some business from doing so. A loss of some business is preferred to a level of business that is unsustainable for an org as a going concern.

[manigandham]

Customers want solutions, not software. Timescale is one vendor that figured this out and is having great success without any other enterprise licenses on the software itself. Others have at least started amplifying their cloud/support/managed offerings.

Elastic didn't, and AWS stepped to give customers what they wanted. And in case anyone wants to argue that it's impossible to compete with AWS, please go ask Snowflake how they built a better product on top of AWS itself and became one of the best SaaS success stories so far.

[rowchain]

The only question is: is it user hostile ? These changes are user hostile.

I don't care about VC's money to be honest. I design IT architectures for big banks, and apparent excessive greed from software companies tend to stress me.

[brodock]

A lof of people care. Not all choose opensource because of religion/beliefs. It's the most sane choice when you want to ensure business continuity as the company who owns it can do whatever they want with the product/service including sunsetting it. When it's open you at least have a choice.

[Salgat]

Plenty of major databases are able to operate in a self-sustaining manner while remaining completely open. NoSQL is a highly competitive field, it's not enough to go "well we should accept their behavior because they deserve special treatment".

[raxxorrax]

But you can actually multi-licence code. Put it under GPL and offer other licencing agreements for commercial actors. Copy-left inhibits commercial exploitation while your business licenses get you the money. That is entirely possible.

[iavael]

> Copy-left inhibits commercial exploitation

It doesn't.

[raxxorrax]

Perhaps exploitation is too negative and it is not true for some cases, but most companies do not employ it or use it as a component because of the restrictive licence.

[iavael]

It depends in usage and license. Not all business models suffer from requirement to provide source code to users. Even AGPL can be fine for company (e.g. MongoDB in AWS), if it sells service. And number of companies using Linux kernel licensed under GPL and even making their products based on it is countless.

[raxxorrax]

In that case I agree and kudos to those companies that embrace it and give back. I think it is a way many more companies could embrace if they modified their business strategy a bit.