[tecoholic]

I get that people get upset that their software of choice license is changed at the philosophical level. But I don’t get it at the economical level. When a project changes the license for a future version, the older versions are still available in the older open license right? So the contributions from collaborative effort is still usable under the same terms in those versions. So what’s this “bait and switch”? License changes, people don’t like the new license, they don’t contribute anymore (let’s keep the forks aside for a second), all new change are now by the employees of the company, they own the rights to that like every other product company. What am I missing here? Why do people get upset about the economics of effort and benefit?

I have always been to afraid to ask this ask this question for fear of appearing stupid. But gotta live and learn. So here goes nothing.

[mooreds]

What you're missing is that people contribute (time, energy, code, attention) in the now expecting to be able to reap the benefits into the future.

When I learn redis, I spend time and want to amortize that over a long period. When I integrate elastic search into my application, I expect to be able to use it in the same way far into the future.

Relicensing, as you point out, doesn't affect past versions, but it sure does future ones.

Now I have a surprise chore on my plate, to figure out if and how I need to replace the existing component or learn about an alternative.

More than that, my confidence is shaken. Will they make changes in the future requiring more work on my part?

Changing a license is very similar to an increase in price, but even more fundamental in terms of uncertainty. And people hate change.

(I'm explicitly not addressing the impact of a license change on software freedom because I think it is very important to some. But IMO most folks are more interested in free as in beer than free as in speech. I don't know enough to speak to the free as in speech aspect, so won't.)

I think you asked a great question, hope my answer sheds some light.

[zokier]

But you are not forced to upgrade. You can just keep using the foss version indefinitely exactly the same way as before. That's the great benefit of foss, upstream changes can never force downstreams to do anything.

[skipkey]

Depends on the regulatory environment you work in. If you are in anything related to the financial industry, when CVEs are filed, you absolutely do have to upgrade to the version that doesn’t have them. The company I was working for at the time of the license change did three things. One, they initially forbid the new version to be used. Two, they recommended no new projects use redis. And then they negotiated a license with them, but still kept the recommendation to not use them. So they got some short term revenue, and long term they will be replaced.

[dontupvoteme]

sounds like a problem for the financial industry, thank God they have money to pay for it! they certainly don't use any of it to actually support anything of course.

[shermantanktop]

An ever-increasing list of CVEs represents erosion of value over time.

Software is a shark - if it stops moving, it dies.

(I heard that saying somewhere, and I think it is untrue of actual sharks but it is definitely true of software)

[tecoholic]

Thank you. I was more interested in the “free as in beer” part of the reaction. So it absolutely addresses my question.

[Fr3ck]

But why do you feel like you need to replace Redis because of this license change? The license change impacts the hyperscalers which at the end of the day contribute little to the project but try to profit off of it the most.

[1] https://www.infoworld.com/article/3714688/the-bizarre-defens...

[chipdart]

> So the contributions from collaborative effort is still usable under the same terms in those versions. So what’s this “bait and switch”?

It's undoubtedly bait and switch.

You have a company that portrays itself as the host of a project that relies on community contributions for maintenance, and all of a sudden that host unilaterally forces a licensing change where all users, including those who have been directly and indirectly contributing to maintain the project, are faced with an invoice-or-lawyer threat.

Yes, the source code is still available. Yes, anyone can pick up the last release and run with it. But it isn't business as usual anymore.

It disrupted day-to-day operations of all companies that have been using the software. Managers of all levels had to hold meetings, internal and across organizations. They had to ask lawyers questions and decide what to do and how to act based on their answers. People scrambled to react to this change.

To make matters worse, this change was overtly designed to extort money from it's users. There is no two ways around it. The first step is a sudden change in licensing terms, and expectedly the second step of sending in the lawyers to collect payments under threat of legal action.

[clvx]

Which is included in the as is part of the license.

A ton of projects have stopped working which forced to fork or replace completely due maintainers not caring anymore, getting sick or just switching priorities. Why is this different. For all the licenses change cases, contributors who disagreed forked and stablished a new route. This is 100% the spirit of the license.

[chipdart]

I have no idea what you tried to say. Your comment sounds like machine-generated garbage.

[pizza234]

> forces a licensing change where all users [...] are faced with an invoice-or-lawyer threat.

You're spreading misinformation. See other comments about RSAL/SSPL.

[chipdart]

> You're spreading misinformation. See other comments about RSAL/SSPL.

I think you are commenting on things you know nothing about.

Take the time you need to read through the license you are quoting.

Here's a link to the Redis Source Available License 2.0 (RSALv2):

https://redis.com/legal/rsalv2-agreement/

With RSALv2 you do not need to reach very far in the licensing terms to read the part where it explicitly prohibits users from providing Redis as a service, or even a modified version of it.

With Server Side Public License (SSPL) it's an even bigger shit show, as it forces any business that uses the software to release under the very same license all software and systems and even user interfaces (?!) that directly or indirectly interact with their project. As it is very easy to understand, this prohibits any company from adopting any software released under that license.

And of course it's so very convenient and an incredible coincidence that the same company that tries to force-feed these licenses to the world just so happens to sell proprietary "enterprise" versions of the same project.

[graemep]

> With Server Side Public License (SSPL) it's an even bigger shit show, as it forces any business that uses the software to release under the very same license all software and systems and even user interfaces (?!) that directly or indirectly interact with their project. As it is very easy to understand, this prohibits any company from adopting any software released under that license.

Not "any business", only a business that offers a hosted version of the software. AWS has a problem offering a hosted Redis service, but no one who self-hosts (including running it on a cloud) is affected.

[growse]

> Not "any business", only a business that offers a hosted version of the software. AWS has a problem offering a hosted Redis service, but no one who self-hosts (including running it on a cloud) is affected.

Does "hosted version of the software" mean that the hosted service has to exactly match the API semantics to count? Or does it mean any service that's semantically similar (and powered by) the software (e.g. simply storing and retrieving data on a user's behalf)?

Or does it mean something else?

Where is this actually defined?

[evanelias]

The license defines it: "Making the functionality of the Program or modified version available to third parties as a service includes, without limitation, enabling third parties to interact with the functionality of the Program or modified version remotely through a computer network, offering a service the value of which entirely or primarily derives from the value of the Program or modified version, or offering a service that accomplishes for users the primary purpose of the Program or modified version."

I'm definitely not a lawyer; but as a layman I would interpret that as meaning you can't just change a few cosmetic things in the API to get around these terms, since that clearly still "entirely or primarily derives from the value of the Program or modified version" as well as "accomplishes for users the primary purpose of the Program or modified version".

There's certainly edge cases here which I assume will remain a gray area unless they're eventually worked out in court as part of some lawsuit. But given the intent of the license terms and motivation for adopting it (preventing cloud providers from reselling infrastructure software as a managed service), I would really not expect to see lawsuits against non-cloud providers. I mean there's no logical motivation whatsoever for vendors of SSPL-licensed software to start suing random users who aren't competitors. If they wanted payments from all self-host users, they would have used a very different license.

So my guess is the only way this goes to court is if a cloud provider blatantly violates those SSPL terms, which seems unlikely to happen.

[growse]

The bait and switch is because people feel the social contract has been broken.

If you start a project, invite people to come along and donate their free time to making it better, building (and benefitting from) a community of people working towards a common goal, suddenly switching that project to proprietary is a bit of a dick move.

Sure, it's legal, but for the people who thought they were collaborating together on something it feels a bit crappy.

[readams]

You can't just use old versions of software. You need security fixes, dependency updates, etc just to keep it running

[physicsguy]

As soon as there’s a security problem you have to update though.