[openthc]

Another thing that kinds of sucks about this whole "license rug-pull" kind of business is that other teams (like ours) who are publishing open-source software/tools are now suspects too.

Folk ask themselves, why contribute to this thing (MIT/GPL licenses) if there some for-profit entity involved?

Folk can't take us at face-value (I'd argue demonstrated value) and level (unfounded) accusations at us; because some other player did things "dirty".

Well, other folk wanted to pay for support/customisation and in USA you make a for-profit entity to do that. So the corporate part of the open-source project is, nearly, a requirement.

[weinzierl]

"Folk ask themselves, why contribute to this thing (MIT/GPL licenses) if there some for-profit entity involved?"

You put MIT or GPL in the same bucket here, but really shouldn't because the difference is all that matters.

There is no "rug-pull" as you call it. What happened with Redis is what the BSD license allows and what people should expect to happen.

The combination of GPL (or AGPL) with a large enough and diverse set of contributors who keep their rights in their contributions is a proven way to prevent what happened with Redis.

It is our decision as publishers of open-source projects which way we want to go. It is our decision as contributors which open-source projects we support.

Both ways are fine, but blaming others that you regret your decision is not.

[homebrewer]

> The combination of GPL (or AGPL) with a large enough and diverse set of contributors who keep their rights in their contributions is a proven way to prevent what happened with Redis.

Also the lack of a CLA (and/or copyright assignment) because many "modern" projects under the GPL ask you to waive your rights away, thus nullifying the license. Do not contribute to them if you have any self-respect.

https://drewdevault.com/2021/04/12/DCO.html

[sanderjd]

I have self-respect and have no problem contributing to projects with a CLA and copyright assignment. I recognize that I don't control what happens with my contributions, as I have consciously agreed to their terms. Controlling what happens in the future of a project simply has never had anything to do with my motivations for contributing to a project.

[weinzierl]

Good to point out CLAs and thanks for the link. It is a good read.

[hellcow]

Mongo was AGPL until 2018. The AGPL didn’t stop Amazon from abusing the open source social contract, hence why Mongo modified the license.

[weinzierl]

Yep, but developers signed away their rights to MongoDB Inc. That is why I wrote "contributors who keep their rights in their contributions" above.

It is what makes all the difference between MongoDB and Linux, for example. What happened to MongoDB could never happen to Linux.

[_msw_]

Disclosure: I work for Amazon.

AWS never offered a service based on the AGPLv3 version of the MongoDB server. Therefore the change of license terms to SSPLv1 was not directly caused by Amazon’s use of the software as part of an offered service, and had no impact to Amazon DocumentDB as an independently developed interoperable protocol implementation.

There were cloud providers headquartered in Asia that did offer AGPLv3 based MongoDB server as a service.

[liveoneggs]

The BSD license doesn't allow changing it to another license any more or less than GPL.

[samtheprogram]

Yes it does. You can make a private, proprietary app that’s just tweaking a few bits of a BSD project. You can’t do that with the GPL.

Following that, unless the project has a CLA (so that the owner of the project reserves all rights of the code that’s contributed and essentially owns the contribution), any contributions made under the GPL cannot be made closed source, can’t be switched to an incompatible license, etc, because the contribution itself is GPL’d.

[liveoneggs]

Creating a commercial version of a thing is not a license change.

[samtheprogram]

Of course, I said proprietary. You said commercial.

Proprietary refers to ownership and licensing. While I somewhat conflated it with closed-source in my comment, it nevertheless applies since we are talking about the ability to make it closed source.

You can relicense derivative works of MIT or BSD software provided that you satisfy the original license requirements (attribution). This is irrelevant of commercializing it.

Conversely, and to your point, you can sell GPL software you didn’t write, or sell a derivative work of it, but because of the copyleft nature, your derivative work must also be licensed under a compatible GPL license.

[Osiris]

I look at bun in the JS ecosystem like this. They are open source for now but also backed by VCs. They will have to make money at some point.

I have no interest in engaging with that product just to have a new pricing model thrown my way and disrupt everything.

[ozgrakkurt]

It is not even the for-profit thing, it is the VC, because they will be expect to make millions and millions off the project and that is not really possible with just support contracts and similar

[Nemo_bis]

You don't need to ask people to rely on your promises. Just make sure that you are not able to do a rug pull, and explain that. It's generally pretty easy (just don't require a CLA) but you can make it clearer. For example, clarify that you don't own everyone's copyright by writing a copyright notice which includes all of the project's contributors.

There are some practical suggestions at https://reuse.software/tutorial/

[matsemann]

What would you feel if you did all the work, but other companies made all the money by redistributing your software? Wouldn't you find that unmaintainable in the long run?