Yeah, we just did this whole ride with Elastic [0]: company changes the license out from under the community, community revolts, company gives up and changes it back. Both companies even pulled the same "it worked" excuse ("while it was painful, it worked", "this achieved our goal").
Neither company has built in a legal safety mechanism to prevent themselves from pulling the rug again later and both companies have shown themselves to be untrustworthy stewards. They came groveling back when it turned out that community goodwill really did matter after all, but this is definitely a "fool me twice, shame on me" situation.
Dunno about Redis, but for Elastic I still feel sorry for them being thrown around like a rag doll by Amazon. On principal I will not use the Amazon fork, because I don’t want to support a company that would prefer to fork a project rather than fork over some cash. Amazon is more than willing to sell you their Elasticsearch fork at a loss as long as they can eventually recoup the losses when Elastic inevitably dies. At which point they will naturally abandon the open sources side of their fork and continue development in private, at a much slower rate, while doubling the price of the AWS service. At which point you’ll have no choice but the pay up, cause there aren’t any competitors left.
> On September 16, 2024, the Linux Foundation and Amazon Web Services announced the creation of the OpenSearch Software Foundation.[15][16] Ownership of OpenSearch software was transferred from Amazon to OpenSearch Software Foundation, which is organized as an open technical project within the Linux Foundation.
OpenSearch is Apache License 2.0. You can do whatever you want to/with it. How are Elastic the good guys in your mind?
Amazon's product had confusing naming and positioning, and lagged in compatibility which created a headache for Elastic.
And they were using an open source piece of software, but scaling it with closed source secret sauce on top of that. The license was saying they'd have to open up their secret sauce or pay, and their response was to leave the table instead.
OpenSearch still lacks tons of really basic functionality from Elastisearch, and watching how far ahead Elasticsearch got as a product shows how much free lunch Amazon was getting... and how much they actually cared about the product when it was time for them to put their money where their mouth was (despite AWS pulling Elastic's yearly revenue every 4 days).
Elasticsearch has generally matured like it has a passionate builder with a vision. They pushed on two major fronts (LLMs and Observability) and managed to execute effectively without letting product quality slip.
Meanwhile OpenSearch is still the place where tickets requesting 3+ year old ES functionality go to die.
-
I'm honestly on the opposite side: how is the hyperscaler offering a strictly inferior product with closed extensions and still managing to eat the main developers' lunches for the sole reason they already have sales pipelines established not the bad guy?
I guess I'm not really someone who believes in infinite scaling rules: something that can work at the individual scale doesn't have to work when hyperscalers do it (like selling hosted clusters)
> Amazon's product had confusing naming and positioning, and lagged in compatibility which created a headache for Elastic.
Irrelevant.
Elastic decided to release software to the public with a license that granted everyone under the sun the right to use it how they saw fit. This included also selling services.
That became a big part of their business model as it drove up it's adoption rates and popularity. If Elastic kept things like Elasticsearch proprietary, they would hardly have the same adoption rates.
You can't have it both ways. Why do you think people drop these projects the moment these corporations decide to pull the rug from under their userbase?
Of course it is relevant. TooBigTech is killing smaller companies just because it is too big.
When there are issues like this ("we made a successful product and someone forked it and it's killing us"), the "someone" is generally a BigTech, not 3 students in a garage. Then people complain about open source working/not working, and forget that the root problem is the monopoly that is screwing them.
No, it is irrelevant. Try to think about it for a second. You release a project under a license that grants everyone the right to use it as they see fit, including building a business on it. Everyone starts using the project as they see fit.
Do you believe you now have the right to retroactively pull the license on a whim?
Try to think about it for a second: multiple problems can exist in parallel:
1. Some company uses a permissive licence, sees a competitor making a proprietary product from their base, and starts whining. Too bad, they should have used a copyleft licence from the beginning on.
2. Some company makes a nice product. TooBigTech sees it and builds an alternative (be it a fork or from scratch, I don't care). TooBigTech offers it for free (because they can, because they are too big) and capture the market. The original smaller company dies, because they can't offer their product for free. Now TooBigTech can start enshittifying because they own the market, again.
> Do you believe you now have the right to retroactively pull the license on a whim?
If you own the copyright to the whole codebase, of course you can. All those contributors who signed a CLA and are now whining should think about that.
> Large companies using their scales to compete is a feature of capitalism, not a bug.
It's more fundamental that that. It's this idea that a corporation can arbitrarily change licensing terms already granted to end-users to extort them.
This is not limited to any managed service provided by a random cloud provider. The core reasoning is a corporation identifying end-users who are profiting from a service that directly or indirectly involves a project they release to the public under a FLOSS license. They see people getting paid, and retroactively change terms to coerce them into paying them. The same argument they throw at AWS providing a managed service also applies to any company using their project. How does this make any sense?
> It's this idea that a corporation can arbitrarily change licensing terms already granted to end-users to extort them.
If contributors refused to sign CLAs, then corporations would either not get contributions or not be able to arbitrarily change the licence. It's also the contributor's fault if they contribute to a permissive project and give up their copyright. Is it extortion if they agreed to it?
And then those contributors come whining because the corporation does whatever they want. Too bad, don't sign a CLA. And don't contribute to permissively-licenced projects if you don't want your code to end in proprietary products.
> Large companies using their scales to compete is a feature of capitalism, not a bug.
Large companies using their dominant position to compete is not a feature of capitalism. Antitrust laws prevent that. It's just that the US ignores them.
> AWS only gets to compete using their source code because they opened it in the first place. The competition was explicitly invited.
This part I agree with: if you build a permissively-licenced project, you don't get to whine when competitors use it in their own proprietary alternatives.
> Elastic decided to release software to the public with a license that granted everyone under the sun the right to use it how they saw fit. This included also selling services.
The original licensing decision was made well before the formation of Elastic the company. Maybe Shay didn't quite give it the full consideration. I don't know him super well, but like most developers starting open source projects, I don't think he has a legal background. I confess to a certain about of naivety, thinking that contributors would adhere to the spirit of contribution rather than the absolute letter of the license. I don't think it's unreasonable to have societal expectations above and beyond the legal requirements.
I've been doing open source for ~25 years and it appears to me there's been a distinct shift in how companies approach open source. I feel like what I started with was almost a eutopic ideal and now I'm expected to just do free support work for companies that don't want to pay anything to anyone. I don't see any problem with devs realizing their mistake or changing their mind and updating the license accordingly. For my part, I used to use ASLv2 for everything and now I default to AGPL.
> You can't have it both ways. Why do you think people drop these projects the moment these corporations decide to pull the rug from under their userbase?
Just like you have no legal obligations above what the license says, they have no legal obligations to make their work available under the license you want. It's open source, so feel free to take the commit from version before the license change. Of course, it turns out it's quite a bit messier to have two incompatible versions floating around, but as long as we're limiting ourselves to legal requirements that's a non-issue.
The most obvious reason these projects get dropped after a license change is because they now use a license that needs to be reviewed. It's a lot easier to justify spending on a new AWS service than it is getting a new license approved. But, that was more or less happening anyway. If you're already on AWS it's easier to add a new service than pay for hosting a service with a third party. I don't particularly fault Elastic for not wanting to be Amazon's R & D arm and support team.
We have a lot of systems and infrastructure in place that only mostly work because both parties hold up their own end of an unspoken agreement. Large tech companies have decided they can save money by breaking breaking away from that and just sticking to the letter of the license text. Legally, they have that right, but the other parties have predictably responded. I think what it really shows is our licenses don't fit all scenarios. Maybe I'm okay with individuals and companies with a market cap < $1T using the software under terms akin to open source but don't want to be a de facto employee for a large company reselling my software. We're well past the point of open source being about software freedom.
Most of these projects start off as a developer choosing a license without having the legal background to truly assess it and then they run into an 800 lbs. gorilla with loads of in-house counsel. Blaming them for not thinking it all the way through or realizing the implication of their license choice seems to me counter-productive. Okay, so they made a mistake. What now? They don't want to continue working under the framework where they feel being taken advantage of. I don't think they should be obligated to continue doing so because all of the non-Amazon folks don't want to incur the headache of forking. I'd love to see some of that ire aimed at the company willing to break the illusion to make some extra money than the folks that have freely given away their work for years.
> Well they obviously do have the rights, are you saying they broke the law?
No, they do not. They can release new versions with some other license if they get all contributors to agree. They absolutely cannot pull the FLOSS licenses from existing releases.
> They can release new versions with some other license if they get all contributors to agree.
Contributors must sign a Contributor License Agreement (CLA) before a contribution will be merged. The CLA signers gave Elastic the right to change licenses, among others, when they signed the agreement. Consequently, Elastic doesn't need to get individual sign-off from each contributor before changing the project license. The code wasn't based on copyleft license, so there's no compulsion to continue using the same licensing terms for all future distributions. That's a motivating factor for many CLAs. If you made a contribution prior to the introduction of the CLA then things get murkier.
You keep spamming this to anyone who replies to you: maybe your take is the irrelevant since it didn't stop them from pulling the rug in the first place?
> people drop these projects the moment
Noisy people always proclaim that they will, and hyperscalers gleefully market their forks... meanwhile it's mostly hyperscaler customers that they weren't going to get in the first place that actually move.
Elasticsearch was source available for 4 years and still saw massive growth.
People tried to spin Redis db-engine rankings dropping as being due to Valkey, but their trendline doesn't seem to have been affected at all by the change: https://db-engines.com/en/ranking_trend/system/Redis
-
But to be more direct, I'm honestly unimpressed with this brand of reductionism.
It's super easy to keep yelling IRRELEVANT THEY WERE RUNNING AN OPEN LIBRARY AND SHOULD HAVE EXPECTED SOMEONE TO SHOW UP WITH A HAULER TO TAKE ALL THE BOOKS, but it's not useful.
I'd also rather have a software ecosystem that uses targeted defenses to counter hyperscalers (which are more like an invasive species) than one that throws up its hands at them.
For anything that isn't Linux-scale, the alternative is that most of the well funded development ends up being from hyperscalers and that just concentrates their power.
> Yes, anti trust rules should have stopped amazon. But they didn't, this directly hurts open source.
What absurd, twisted logic. No, it does not affect open source. What are you talking about?
> The problem is Amazon, not elastic that's trying to survive.
No, the problem is Elastic trying to coerce end-users to pay them for using FLOSS projects. It makes absolutely no difference if AWS provides a managed service or if I run Elasticsearch in a AWS EC2 instance I pay for.
If a corporation wants to build a business model around FLOSS, it's their responsibility to figure out how to do that. What they cannot do is abuse FLOSS licenses to pull bait-and-switch on their userbase to coerce them to meet their revenue targets.
They did figure it out. Contributors signed CLA and so their license change was absolutely legal and in line with what everyone agreed upon. When you started using the product, you should have known this.
This risk has always existed. It existed when they chose to open source it in the first place.
Time and time again we see the lesson being learned the hard way that "if your business value is your codebase, it's hard to build a business whilst literally giving it away".
> "if your business value is your codebase, it's hard to build a business whilst literally giving it away".
perhaps then it comes as no surprise that some very outspoken open-source proponents do not open-source their core business components. I can understand they do it in order to exist as a company, as busineses, but I don't understand why they have to endure being shamed for staying closed-source, while all their stack is open. many such companies exist.
and let's add to this all the fact that everything released in 2025 as open-source gets slurped by LLMs for training. so, essentially, you feed bro's models breakfast with your open-source, like it or not. in the very near future we'll be able to perhaps prompt a 'retell' of Redis which is both the same software, but written so that it is not.
in essence there seems to be now little reason to open-source anything at all, and particularly if this is a core-business logic. open-source if you can outpace everybody else (with tech), or else you shouldn't care about the revenue.
A sufficiently capable LLM might be good enough to do cleanroom design on its own, with little to no human assistance. That would destroy the entire idea of copyright as it exists for software.
You need one agent that can write a complete specification of any piece of software, either just by using it and inferring how it works, or by reverse engineering if not prohibited by the license. You then have a lawyer in the middle (human or LLM) review it, removing any bits that are copyrighted. You then need another agent that can re-implement that spec. You just made a perfectly legal clone.
Cleanroom design is a well-established precedent in the US, and has been used before, just with teams of humans instead of LLMs.
I think some companies will be completely unaffected by this, as either the behavior of their code can't easily be infered just from API calls, or because their value actually lies in users / data / business relationships, not the code directly. Stripe would be my go-to example, you can't just reverse-engineer all their optimizations and antifraud models just by getting a developer API key and calling their API endpoints. They also have a lot of relationships with banks and other institutions, which are arguably just as important to their business as their code. Instagram, Uber or Amazon also fall into this bucket somewhat.
Because, unlike humans, LLMs reliably reproduce exact excerpts from their training data. It's very easy to get image generation models to spit out screenshots from movies.
> Can we start at "humans are not computers", maybe?
Sure. So it stands to reason that "computers" are not bound by human laws. So an LLM that finds a piece of copyright data out there on the internet, downloads it, and republishes it has not broken any law? It certainly can't be prosecuted.
My original point was that copyright protections are about (amongst other things) protecting distribution and derivative works rights. I'm not seeing a coherent argument that feeding a copyrighted work (that you obtained legally) into a machine is breaching anyone's copyright.
> So an LLM that finds a piece of copyright data out there on the internet, downloads it, and republishes it has not broken any law?
Are you even trying? A gun that kills a person has not broken any law? It certainly can't be prosecuted.
> I'm not seeing a coherent argument that feeding a copyrighted work (that you obtained legally) into a machine is breaching anyone's copyright.
So you don't see how having an automated blackbox that takes copyrighted material as an input and provides a competing alternative that can't be proven to come from the input goes against the idea of copyright protections?
> So you don't see how having an automated blackbox that takes copyrighted material as an input and provides a competing alternative that can't be proven to come from the input goes against the idea of copyright protections?
Semantically, this is the same as a human reading all of Tom Clancy and then writing a fast-paced action/war/tension novel.
Is that in breach of copyright?
Copyright protects the expression of an idea. Not the idea.
> Copyright protects the expression of an idea. Not the idea.
Copyright laws were written before LLMs. Because a new technology can completely bypass the law doesn't mean that it is okay.
If I write a novel, I deserve credit for it and I deserve the right to sell it and to prevent somebody else from selling it in their name. If I was allowed to just copy any book and sell it, I could sell it for much cheaper because I didn't spend a year writing it. And the author would be screwed because people would buy my version (cheaper) and would possibly never even hear of the original author (say if my process of copying everything is good enough and I make a "Netflix of stolen books").
Now if I take the book, have it automatically translated by a program and sell it in my name, that's also illegal, right? Even though it may be harder to detect: say I translate a Spanish book to Mandarin, someone would need to realise that I "stole" the Spanish book. But we wouldn't want this to be legal, would we?
An LLM does that in a way that is much harder to detect. In the era of LLMs, if I write a technical blog, nobody will ever see it because they will get the information from the LLM that trained on my blog. If I open source code, nobody will ever see it if they can just ask their LLM to write an entire program that does the same thing. But chances are that the LLM couldn't have done it without having trained on my code. So the LLM is "stealing" my work.
You could say "the solution is to not open source anything", but that's not enough: art (movie, books, paintings, ...) fundamentally has to be shown and can therefore be trained on. LLMs bring us towards a point where open source, source available or proprietary, none of those concepts will matter: if you manage to train your LLM on that code (even proprietary code that was illegally leaked), you'll have essentially stolen it in a way that may be impossible to detect.
How in the world does it sound like it is a desirable future?
Maybe I need to explain it: my point is that the one responsible is the human behind the gun... or behind the LLM. The argument that "an LLM cannot do anything illegal because it is not a human" is nonsense: it is operated by a human.
> I agree with the fact that LLMs are big open-source laundering machines, and that is a problem.
Why do you believe this is a problem? I mean, to believe that you first need to believe that having access to the source code is somehow a problem.
> I mostly see it as a problem for copyleft licences.
Nonsense.
At most, the problem lies in people ignoring what rights a FLOSS license grants to end users, and then feigning surprise when end users use their software just as the FLOSS license intended.
Also a telltale sign is the fact that these blind criticisms single out very precise corporations. Apparently they have absolutely no issue if any other cloud provider sells managed services. They single out AWS but completely ignore the fact that the organization behind ValKey includes the likes of Google, Ericsson, and even Oracle of all things. Somehow only AWS is the problem.
> I mean, to believe that you first need to believe that having access to the source code is somehow a problem.
How in the world did you get there from what I said? Open source code has a licence that says what the copyright owner allows or not. LLMs are laundering machine in the sense that they allow anybody to just ignore licences and copyright in all code (even proprietary code: if you manage to train on the code of Windows without getting caught, you're good).
> At most, the problem lies in people ignoring what rights a FLOSS license grants to end users
Once it's been used to train an LLM, there is no right anymore. The licence, copyright, all that is worthless.
> Also a telltale sign is the fact that these blind criticisms [...]
> LLMs are laundering machine in the sense that they allow anybody to just ignore licences and copyright in all code (...)
No. Having access to the code does that. You only need a single determined engineer to do that. I mean, do you believe that until the inception of LLMs the world was completely unaware of the whole concept of reverse engineering stuff?
> Once it's been used to train an LLM, there is no right anymore.
Nonsense. You do not lose your rights to your work just because someone used a glorified template engine to write something similar. In fact, your whole blend of comment conveys a complete lack of experience using LLMs in coding applications, because all major assistant coding services do enforce copyright filters even when asking questions.
> do you believe that until the inception of LLMs the world was completely unaware of the whole concept of reverse engineering stuff?
The scale makes all the difference! A single determined engineer, in their whole life, cannot remotely read all the code that goes into the training phase. How in the world can you believe it is the same thing?
> Nonsense. You do not lose your rights to your work just because [...]
It is only nonsense if you don't try to understand what I'm saying. What I am saying is that if it is impossible to prove that the LLM was trained with copyrighted material, then the copyright doesn't matter.
But maybe your single determined engineer can reverse engineer any trained LLM and extract the copyright code that was used in the training?
This is exactly what the AGPL was made to combat against. But open source devs still choose more permissive licenses first - presumably to attract corporate clients to use their product (and because devs are suckers to large corporate interests)
This. They choose a permissive licence, proudly advertise it ("use us instead of our competitor because they are copyleft and we are not"), and then come whining when other competitors benefit from the very fact that they chose a permissive licence.
There are different FOSS communities that hold different values. I come from the copyleft camp because I want to advance Software Freedom objectives for end-users. Others are more interested in advancing software developer freedom, and they find the obligations that are designed to advance end-user rights are unduly burdensome to the software developer. Articles like the one on the FreeBSD website [1] explain why they take a different position
I choose to believe that both of these sub-communities of the larger FOSS community are principled in their beliefs. I don’t see whining from FreeBSD folks about competitors, or for-profit companies using all the permissions they give with their choice of license.
> I don’t see whining from FreeBSD folks about competitors
Sure! Then that's all good! I have nothing against the use of permissive licences (though I am on the copyleft camp too, obviously). Or put it in the public domain.
My problem is with those who do and then whine about it.
It especially bugs me when company blogs call out “abuse” when they only exist as a company because others gave them the permissions needed to build a business on software they did not author themselves!
The solution to the old problem of "what if someone uses my code to compete with me" is "don't open source your code".
This isn't complicated. It's trade secrets 101.
I'm being disingenuous though. Of course the bait-and-switch merchants know this, they're just banking on getting enough product momentum off the free labour of others before they cash in. That's the plan all along.
I think that is a little unfair. I don't know anything about the companies behind Redis and Elastic. But another possibility is that they want to make a good open source product and create some sort of business around it and find it difficult to make a waterproof moat. I'm sure that there are many other open source companies with the same basic strategy that are just more lucky, e.g. don't get AWS as competition.
> The problem here is that Amazon is in a position where they can fork and sell it for a loss in order to crush the competition.
Everyone can fork any FLOSS project. That's by design. There are also no restrictions on random people selling services directly or indirectly using said FLOSS projects.
If a corporation changes their mind and decide it was a mistake for them to release software as FLOSS, they have the right to do what Redis just did. What they can't do is feign ignorance or do a bait-and-switch to try to coerce their userbase to cough up licensing fees for FLOSS projects.
Selling at a loss isn’t bad. Selling at a loss to build marketshare or kill competition usually is.
The issue is that previous companies usually use this aspect to build marketshare, so there is no other way to compete. Other tactics include lobbying, patent bullying, etc.
Shoot, as bad as Uber is, just look at how taxis in major cities were formed.
Then look at labor laws in other countries.
Under the current legal/political structure for any modern country, there is no winning without exploitation, which is why I refuse to start my own business.
No - that's why their pricing is so detailed and why their services have few limits you can't request them to increase.
They can afford to maintain a better branch of Elastic Search or Redis or so on, an drive those companies out of business by the virtue of efficient free market competition. At which point they'll make sure their branch is only useful on their servers, perhaps by adding dependencies on all their internal microservices - so technically they released the code but you can only run it if you're Amazon.
> At which point they'll make sure their branch is only useful on their server
Can you think of any examples where they've done that? They certainly could, but I can't think of any times they have actually rug-pulled like that, and the motive to do so seems tenuous too. In order for Amazon to do something like this they would need established market dominance, as well as a belief that some new player will hurt their market share enough to justify alienating the FOSS community.
Sorry, I didn't want to imply that they do. This would be illegal as per antitrust regulations.
What I wanted to say is that AWS using a permissively-licenced project is fine. The project should have thought about the licence beforehand and started with copyleft from the beginning on. Their problem now.
But a more general problem I see is that even if you use a copyleft license for your project, you have the risk to be crushed by anti-competitive behaviours coming from TooBigTech. It's not rare, they do that all the time and the US doesn't enforce anything. And when others (like the EU) try to do it, the US put pressure because they defend their US TooBigTech.
The latter is not a model or licencing issue, it's an antitrust issue. Now Amazon could compete with Redis without doing it illegaly, but they can only because they are so big. And the fact that they are so big is related to the lack of antitrust enforcement (it's documented, TooBigTech have all abused their dominance forever).
Not really. I have done multiple AWS pricing and costing exercises while launching services and there was never a direction from the VP to sell it lower than what it costs to build and operate. Cost to build and operate includes everything from salaries, infrastructure and many other line items. And usually things are projected 3-5 years into the future and P&L analysis must show that eventually the service will make a profit. It does make some assumptions about minimum customer adoption for the profit margins to materialize which eventually becomes part of the product and sales teams goals.
The costing model does allow losses to be incurred in the initial years because building the thing is more expensive at first but then it should settle down and revenue should outpace expenses.
What can happen with these open source products being launched as a service is that that initial cost can be cut down by as much as 50-75% but rarely more than that because you still need to build all the surrounding infrastructure, documentation, UI. It still gives AWS an advantage by relying on an existing body of work they can start with where many problems have been thought through and solved. Also you will likely get a good product roadmap skeleton ready to be prioritized which otherwise can be a huge time sink.
In a nutshell, no. AWS won’t sell a service at a loss (there are exceptions of course) but there is room to incur a loss at the beginning but it is priced to eventually turn a profit. Whether that happens for every service in reality is a different story.
Most (all?) open source licenses allow you to sell hosted clusters. They offered a hosted solution well before they changed its license. You can also fork it; but depending on the license, you might need to open-source any fork.
: I don't know of any open source license ones that don't allow someone to sell hosted cluster. Even AGPL, which is copyleft, allows it; so long as the hosted version is either: the same as the open-source version, or it's version is also open-sourced.
Nobody knows what the AGPL actually says, since it has not been determined sufficiently in court (at least in the EU) which is why the license is blacklisted by most companies.
If you want corporate adoption except AWS, you still cannot use AGPL.
I feel like there should be a license that doesn’t allow hyperscalers alone to fork without releasing source while being palatable to smaller companies
Interesting that you use the word "free." Long before there was open-source, it was called "free software" and the restrictions on use that required derivative software to give back their changes was the entire point.
> On principal I will not use the Amazon fork, because I don’t want to support a company that would prefer to fork a project rather than fork over some cash.
That's specious reasoning at best.
The whole point of FLOSS is that anyone is free to use it how they see fit. Whether it's a hobbyist doing a pet project or a FANG using it as their core infrastructure, they are granted the right to use it how they see fit.
That's exactly why they started to use it to begin with. Isn't it?
When a random corporation decides to pull the rug on the established user base expecting to profit from the pain of migrating existing services, it is not the user base who is the bad actor.
Can you elaborate on what exactly Amazon did to Elastic? I read all of their blog posts and the only thing I really got out of it was "they sell hosted Elastic cheaper than we can", which is hardly surprising given that Elastic really just packages up AWS/GCP/Azure cloud infra. That doesn't have to be AWS selling at a loss, AWS just doesn't need to pay itself.
And by all accounts I've read Amazon did contribute back to Elastic development up until Elastic switched the license on them. At that point they forked, but it's hard to blame them when they were deliberately locked out of the original project.
Most of the arguments I've seen against Amazon with regard to Elastic have tended to be very vibe-based. Amazon bullied Elastic because that's always what Amazon does! It's plausible, but it's also plausible that Elastic thought they could use Amazon's terrible reputation as a weapon against it without there being any substance.
Elastic was in the same bind as every company which writes opensource. There's no way to monetize it when a hyperscaler can sell it at much thinner margins.
Either the product is donated to a foundation, or the parent company dies.
While amazon technically wasn't doing anything "wrong", they're effectively squeezing the oxygen out of the ecosystem.
The parameters of the problem are relatively new. SAAS - which is now the norm for how software should be delivered, and opensource - which is old - just don't mix, the incentive structure is completely misaligned. Companies are prodding to see how to get out of this conundrum. Mongodb set the tone with the SSPL, and other midcap just kind of followed suit, what else was there to do, what other approaches could have been taken? Now, as the fallout starts to become clear, there's just a lot more information now on what works and doesn't, and companies are pivoting.
There's no vibes about it, it's brutal reality out there, big tech is strangling the market, and the small guys are figuring a way out, first trying one way, now another.
Being in a position where you can copy anything and crush competition is a problem.
In terms of antitrust, I believe that if you could prove that Amazon forked and offered the service with the intent to crush the competition, it would be downright illegal. A current case is Meta: back then, Zuckerberg was happily writing (internally) that Facebook needed to buy WhatsApp and Instagram and Snapchat to prevent them from ever competing. This is anti-competitive.
Companies that build themselves on selling open source software put themselves in the position where anyone else can copy them and compete with them on price, and price alone. This is clearly the disadvantage of open source. It brings plenty of advantages, which is why people do it - but you can't have only the advantages and no disadvantages of open source.
Open sourcing your product is a risky investment, and as with all risky investments, it might pay out, or it might not.
As I said before, I believe that using permissive licences is a bad idea. I have seen multiple projects choosing a permissive licence as a way to compete against an already established copyleft project, just because it's easier to get adopted by companies. I find it unfair but also a bit stupid: by using a permissive licence, they allow anyone to compete with them with a proprietary fork.
Still, there is an antitrust question (that is slightly orthogonal): if TooBigTech can offer a similar product at a loss (e.g. for free) until they capture the market, then that's a problem. And they can only do it because they are too big, and that is an antitrust issue IMO.
I meant they have the resources to copy any product in a way that will crush the competition.
As in, they can build an alternative to an open source project, offer it for free (i.e. at a loss) for years until they capture the market, and then start enshittifying. This is an antitrust problem.
> Elastic explicitly allowed AWS to copy and use their source code, then whined about it.
Yeah at the very least they should have started with a copyleft licence.
1. People put a lot of work into building databases. The license choice is OSS / FOSS.
2. Some people in the community (original authors, community leads) make a company around the database and continue developing it for years on end. They sometimes raise venture capital to expand the business.
3. Amazon / Google / Microsoft offer managed versions of the database and make bank on it. Easily millions in revenue. Original creator / company doesn't get anything, and the hyperscaler isn't obliged to pay.
4. The company decides to change the license to force Amazon / Google / Microsoft to pitch in and pay a fee.
5. Amazon / Google / Microsoft fork the database. The community revolts. Sometimes the people revolting are employees of the hyperscalers, other times these are just FOSS fans that hate "source available" licenses or relicensing.
6. Database company is forced to walk back the changes. Still no revenue.
---
The solution is clear: start your new database with an "equitable source / source available" license from day one. Nobody will complain about a relicense since your license will handle the hyperscalers right off the bat.
Basically your license needs one of a few things if you want to prevent Amazon from walking off with your money:
- A hyperscaler clause such that any managed offering has to (1) be fully open source, (2) has to pay a fee, or (3) is prevented outright.
- A MAU / ARR clause such that hyperscalers are in the blast radius. Note that this also hits your customers.
> The solution is clear: start your new database with an "equitable source / source available" license from day one. Nobody will complain about a relicense since your license will handle the hyperscalers right off the bat.
Yes, this would be the honest thing to do, but people don't do it because using a non-FOSS license loses you adoption. The step you're missing in your little timeline is that the only reason the project takes off at all and becomes big enough that anyone is making money off of it is because it's Open Source. Proprietary databases, programming languages, and similar have lost big time and that's not changing any time soon.
So what's really happening is that these FOSS companies want to have their cake and eat it too. They want to release code for free so that other devs will use it and then make money from the project while somehow banning other companies from also making money off it.
What's missing is why open source won. It's impossible to be rug pulled. If the maintainers (this is a carefully chosen word) attempt a rug-pull you can just Elastic or Redis them. If the product is closed this is impossible and you're at the mercy of whoever you built on. Open Source is the ultimate right to repair. Everything is working as intended.
Selling software is a deadend. Nobody in their right mind will pay for it because the risks are too great. If you want to build a technology business sell services and support.
The majority of software was always proprietary. GNU was a revolutionary idea. Businesses giving away their product to gain favor is just the natural tendency of the rate of profit to fall.
This purist mindset is killing the long term viability of open source. If hyperscalers can make money from successful projects but open source founders can't, in 10 years we'll have fewer open source projects.
Licence freedoms don't have to be all or nothing, or apply to everyone in the world. It can be open source and have restrictions. Anything else turns open source into a religion.
Not a religion, but a term with a specific meaning, which meaning implies a collection of freedoms granted without discrimination. People are welcome to use licenses that revoke those freedoms, but calling them FOSS is confusing and muddies the waters.
See Llama's license: if it can be Open Source while having restrictions, then having an Acceptable Use Policy is okay, right? So Redis could create a license that bans its use if you host adult content, Star Wars fan fiction, or documents containing the letter R?
If Open Source doesn't mean a license that indiscriminately grants a set of specific freedoms then it's pretty useless as a term—all I know on hearing it is that a project's source code is available. Which reminds me, we already have a term for that: Source Available.
Sort-of, we've had a litany of Postgres devshops go bust over the past decade. Some will be for the usual reasons but I wouldn't want to discount the impact of RDS.
However I think Postgres is a bit different. It's a bigger market and more widely used. There's a need for tuning services no matter which platform provides the database servers, so there's a level to make money above cloud hosting.
> So what's really happening is that these FOSS companies want to have their cake and eat it too.
talk about kicking down. So no harsh words about the big dogs who, while contributing nothing, and just due to sheer size and scale advantage, are capturing the lion's share of the enterprise value?
This is a line that gets thrown around very casually, but every assessment I've heard says that the big dogs are quite prolific contributors to these projects.
> capturing the lion's share of the enterprise value?
Ah, here's the Matt Mullenweg logic creeping in again [0]! This is basically his taunt towards DHH (though at least you're using it to cry foul rather than tease!): "although he has invented about half a trillion dollars worth of good ideas, most of the value has been captured by others."
And this is where I think most of this aggression towards cloud providers is actually coming from: a significant number of these companies have bought into the idea that they're a failure if they fail to capture the majority of the value from their Open Source project. Which is understandable when you make a VC-funded business out of it, but makes no sense given that FOSS has always been about advancing the collective good, not raking it in.
If your last sentence were true, you’d prefer a world where hyperscalers do not fork and close source a FOSS project but the FOSS project continues on to thrive
With copyleft being effectively banned in most companies, it means that there is no viable FOSS business model.
Reality is that for now, many FOSS contributors do it for free in their spare time. Comically critical pieces of infrastructure rely on such goodwill development.
But as cozy salaries decline and job security does, less people will have time to work for free.
We will have less Foss, less innovation, less new viable projects compared to if there were no hyperscalers.
ok sure, but there's contributing and contributing.
> a significant number of these companies have bought into the idea that they're a failure ...
ok, fair enough. But in that equilibrium you're painting, _only_ companies like AWS will ever be able to monetize open source, especially since software delivery and SAAS are essentially equivalent in 2025, and SAAS is a margin's play which small fry cannot compete with.
VC-funding is also the lever that allows for open source software to find deep and quick penetration in the industry. it's not aws driving it. So when a practitioner benefits from the mature tooling and such a wide userbase of say Redis or ElasticSearch, it is not only because it was cheap (open source), but also because it was lavishly supported (VC).
> I think most of this aggression towards cloud providers is actually coming from ...
I mean, you're certainly right about that, wouldn't call it aggression necessarily.
The software platform is different now than it was 20 years ago. If we want a thriving open source ecosystem, we will need a answer to the fact that big tech can hover up the spoils before the upstarts - that both spearhead the project _and_ fund its expansion - have a chance.
I don't think the license pick is because of adoption - outside of a few specific cases, the license usually isn't the blocker to getting your tools/projects more widely adopted.
I've written code in the past that I put under GPL that today, I'd probably use a different license for (BSD 3-clause has my preference these days, although I'd just prefer a generic non-commercial license instead). I don't really bother relicensing cuz... it just doesn't matter in the end, these projects are super niche anyway. I picked the GPL since "everyone uses it".
There's always this backlash to demonize anyone daring to move away from the GPL when the simple fact is... maybe some products just don't work in the modern market with the GPL. The hyperscaler thing is a pretty massive issue and the fact that GPL proponents can only give platitudes of "it's working as intended"/"fuck your greed" instead of y'know, accepting that maybe the GPL doesn't work in these environments is... not great.
That isn't a defense of the SSPL or anything like that (it's quite the bad license), but there's a reason that these entities keep writing new licenses instead of going "all rights reserved, we publish source as a courtesy, you can't use it for anything" (even if they effectively close all contributions, they still want to try a permissive license.
Basically the thought that goes into picking the license often isn't nearly as complicated as you may think. It can literally just be "if everyone is doing it, maybe what they're doing is right". Not so much "the GPL gets you more contributors".
I think it might depend on the business. In some places, open source is the "safe pick" (particularly if you aren't selling software and are not worried about things like the GPL). In others, licensing concerns are huge.
> Amazon / Google / Microsoft offer managed versions of the database and make bank on it. Easily millions in revenue. Original creator / company doesn't get anything, and the hyperscaler isn't obliged to pay.
This isn't what is happening. A company called Garantia Data renamed themselves to Redis Labs and acquired the Redis trademark. They're not the original company, and they used a naming trick to present as if they are official (they are now, and nothing they did was illegal).
I really would like to but from working in consulting I know that AGPL is banned in most companies since it’s specifics are completely diffuse and need to be hashed out in court (or are unpalatable).
In spirit the AGPL is what is needed but in practice it kills any corporate adoption sadly.
A license that singles out hyperscalers or goes by revenue is probably a better bet.
Maybe a license that is more clear canbe written, maybe not.
You know Amazon has a hosted Grafana service, right? The AGPL isn't a guaranteed obstacle to hyperscalers sucking up most of the value produced by maintainers.
All companies should do this.. if anything so we know what not to use.
Any sort of proprietary product (be it fully closed source, source-available, or "open source with limitations") is always a risk. You were happily using database X, but they got acquired by Broadcom and now their product costs 100x what it was before. What do you do now?
That's why it is much safer to adopt open source - worst case is the company goes under, but you still keep using last released version indefinitely, and hope new entity (maybe even hyperscaler!) forks the code. Or make an in-house fork if you have enough resources.
"equitable source" license means it's not an option. That new product should really be much, much better than open-source alternatives to even be considered.
> worst case is the company goes under, but you still keep using last released version indefinitely, and hope new entity (maybe even hyperscaler!) forks the code
But it's not always the worst case, is it? If the licence is permissive, an hyperscaler can just take is and make a proprietary product out of it.
Hence copyleft licences without a CLA. Nobody could make Linux proprietary because the copyright is shared between so many people/companies.
I don't understand what you are saying. What has a "supplier" to do in this?
Copyleft is always the best for the customer. Copyleft says "the customer has rights". Permissive says "do whatever you want, as long as you keep my name somewhere in the attributions".
A product - in this case, software - is supplied from a supplier, or vendor, to their customer. Is this business 101?
The usual worst case for the supplier is that they give the product but don't get paid, and the usual worst case for the customer is that they give the money but don't get the product.
With copyleft specifically, the supplier is much more likely to not get paid, but the customer receives the benefit of being allowed to continue the maintenance of the software themselves if the supplier goes out of business. The supplier hopes this will help them acquire and keep customers, many of whom will pay, and keep them in business.
I understand what a supplier is. I don't understand how it relates to what I said.
> With copyleft specifically, the supplier is much more likely to not get paid
That doesn't make any sense. Whether the supplier open sources their code as permissive or copyleft doesn't have any impact on the likelihood of getting paid.
But if they distribute it as permissive, a competitor can just make a proprietary fork. Possibly continuously importing the new improvements from upstream and focusing on differentiating. Whereas if they distribute it as copyleft, a competitor has to share their changes, that upstream can benefit from.
So for the supplier, if that's how you want to call it, it's better to licence code as copyleft. Except if the whole idea is to be adopted by corporations, but in that case don't whine when they take your code and build a proprietary product without contributing anything back.
The original company went under, they no longer exist, so they obviously don't care.
The software user does not care either. OK, someone made a proprietary fork, and that "someone" is a hyperscaler... so what? The last released version is still out there and still can be used-as is / maintained by you / maintained by other 3rd party.
The new maintainers / fork authors should not care too. They base off the last released version, and their fork is not affected in any shape by what some hyperscalers do.
(I guess you can make an argument that proprietary fork might pull users/resources from the open-source one... but I don't think it's a big issue. If the users chose open-source version to begin with, why would they switch to proprietary fork?)
This breakdown hits hard because it’s not just about business models — it’s about trust.
Open source succeeded because it created shared public infrastructure. But hyperscalers turned it into extraction infrastructure: mine the code, skip the stewardship.
The result? We’ve confused “open” with “free-for-the-powerful.”
It’s time to stop pretending licenses are enough. This is about incentives, governance, and resilience. The next generation of “open” has to bake in counterpower — or it’s just a feeding trough for monopolies.
Before moving from permissive licences to non-open-source licences (because they have exceptions for TooBigTech), an easy step would be to use copyleft licences, wouldn't it?
> Grafana's a great example of this. AWS and Azure _could_ have sold the unmodified AGPL Grafana as a service or published their modified versions, but instead, they both struck proprietary licensing and co-marketing agreements with Grafana Labs.
> The company decides to change the license to force Amazon / Google / Microsoft to pitch in and pay a fee.
Could you put a clause in the license that calls out those specific companies that you're concerned about and makes them pay, as well as any of their subsidiaries, a list that can be changed later?
That way, smaller businesses around the software can still exist, nobody gets concerned with the license too much because it calls out specific hyperscalers (no love lost on them in the community) and you still get them to pay their fair share.
Why do people try to ruin everything by SSPL that's overly restrictive and catches everyone else in the blast area, or try to write some clever license that would apply in all cases? Just call out the exact companies that are eating your lunch!
Hyperscaler Anti-Freeloading License (HAFL): If you belong to any of the following companies, or are a subsidiary of them, or operate any of the given cloud platforms and want to offer the service there, pay up: Amazon Web Services (Amazon), Google Cloud Platform (Google), Microsoft Azure (Microsoft), Alibaba Cloud (Alibaba Group), IBM Cloud (IBM), Oracle Cloud Infrastructure (Oracle), Tencent Cloud (Tencent), SAP Cloud Platform (SAP). This list can be changed at our discretion.
No you are wrong. People want adoption by any company other than hyperscalers.
People would be happy to sell service contracts and the like while keeping their code foss, if only hyperscalers weren’t direct competitors to that.
But the reality is that current copyleft licenses means immediate blacklist by most companies legal department.
Which is why almost all cooyleft companies offer copyleft plus some corporate licensing even though in 99 percent of the cases it has nothing to do with the spirit of copyleft as companies just want to import and use the damn package in some completely unrelated internal project or whatever
The combination of unclear legal precedent and corporate governance means that copyleft in it’s current state exactly does not work as most people want
> But the reality is that current copyleft licenses means immediate blacklist by most companies legal department.
Because they always manage to find permissively-licenced alternatives! There are many different copyleft licences (not only the GPL family, take e.g. MPL or EUPL) that can be used and that are not "viral".
> The combination of unclear legal precedent and corporate governance means that copyleft in it’s current state exactly does not work as most people want
This is wrong. What it means is that corporate governance doesn't handle it correctly, because they don't need to.
If a project goes permissive because they want to please corporations, they shouldn't whine when they do. Otherwise they should just use a copyleft licence and teach the smaller companies that they can actually totally use that!
This is the heart of all of these stupid takes. There is no "your money" for anyone else to walk off with. Nothing was stolen.
If you want to sell software, or rent access to software, then just do that honestly forom the outset. And good luck to you on that. I will not consume it unless I have no other choice, and I will not contribute to it at all period, even tertially by for instance developing things that use it or help people work out how to solve problems with it etc. In other words just generally not invest in it, in all the different ways one might invest in something. But hey maybe you will make something indispensible and do it better than anyone else can, and maybe you will get a bunch of other customers.
If you want to benefit from the adoption and goodwill and army of free work that comes with open source, then do that.
The honest reason to work on open source is because you yourself have recognized how much utility you have been given fo free because of it, and wish to pay it forward and basically add to humanity as a whole. What you get back out of it is the same thing everyone else does, the use of the software itself, plus your name being on it.
But if you license something open source, and then care the TINIEST BIT what someone else does with it beyond adhering to the attribution and share-alike terms, then you have missed the point of open source. You are bent about being "robbed" of something that was never yours in the first place. You have no right to Amazon's billions, even the part of it that they made by hosting a copy of some oss software you happened to have written. Amazon is not selling your property, they are selling a managed hosting service. You have no right to the revenue from that. The software being hosted is a community resource there for everyone to use like the air or water, only even better since unlike Nestle taking the water from everyone else, everyone else still has the software.
If anything the supposed injured party in all of these cases are the bad community members because they are often only OSS disingenuously in the first place. They start off with MIT/BSD style licenses because they know a lot of companies are allergic to GPL. But WHY are they so intolerant of GPL? Because GPL doesn't allow them to steal, but MIT allows them to steal. So they start with an MIT-type license because it's "commercial friendly" and then later cry that someone "stole" their B S freaking D licensed software.
People that do that were never writing open source for the purpose of adding to the community pool in the first place. It's either dishonest or at best, possibly honest but in that case just unbelievably incompetent and ignorant.
Yeah, it’d be great if everything was open source and everyone was happy.
But that’s not really what happens. Redis and Elastic are popular exactly because there’s entire companies behind it constantly maintaining it, securing it, and adding features.
If you want use open source software at your job that’s a hard requirement. No, you can’t use “MySillyKeyValueCache” that Timmy develops in his free time with no security or compatibility concerns.
Companies cost money to run. Google and AWS exploit open source work for profit, and don’t contribute back enough to ensure its support. This is what you should be really mad about. The internet giants are literally killing open source.
If they have their way you’ll be stuck with their proprietary software. In practice AWS is already there.
> Companies cost money to run. Google and AWS exploit open source work for profit, and don’t contribute back enough to ensure its support.
I don’t understand this take, if Google/AWS/Microsoft decide to host your service and some vulnerabilities are discovered then you got free Security Research done, your product would either have remained vulnerable or someone else would have filed the same bug.
You own the code so you can decide only certain people can commit PRs and can choose to close any feature requests issues.
If one of the cloud providers decided to use your product it’s because they deemed it reasonable as is or they can fork / contribute upstream.
That is what OSS is, by definition.
Hell you can post the code with a license like MIT and then never touch it again, and if someone else can monitise that code kudos to them.
If you are an existing company and open sourced your code, Facebook/react, then you presumably already make enough money to support development yourself or intend to stop development.
If you open source code that is your core business and somebody “steals your lunch” your learnt an important lesson and hopefully won’t make the same mistake twice. If you then decide to relicense and the community abandons you and causes uproar on the internet you are reaping the rewards of your actions, accept them.
Look, in principle I don’t disagree with anything you said.
However, I think OSS is a net positive to the industry, and would like to see it remain that way.
The classic way to monetize OSS has been to provide hosting and support for a price.
Now the internet giants are taking that entire pie for themselves.
If we agree that we want OSS to be a viable option going forward, and we agree that you need money to hire devs to maintain a successful large scale OSS project, then what do you suggest be done?
> and we agree that you need money to hire devs to maintain a successful large scale OSS project
Therein lies our disagreement, you don’t need to. If you are amazon and upstream is willing to accept requests then amazon can hire devs, and if someone eats their cake then those devs will eventually migrate to the new location.
As someone who did the initial work for OSS I put the code out there, if I dislike the direction a fork is taking I can ignore said fork and keep working on my own version, why do I need to use the version they are using.
It boils down to why did you even start an OSS project, if the intention was to make money or hire other employees you fundamentally misunderstood the assignment.
If you made a project that serves your own need, decide someone else may benefit so you publish it as FOSS online and it gets massive traction how does that change your need, you probably have no reason to make it commercially viable, it is still serving the same need it always has for you.
Now if it gets forked and the fork proves to be of better quality and still serves your need then switch to the fork for your own personal need and now someone else is doing the maintenance, so you end up being the “freeloader”.
And I’ve already discussed the “burden on the maintainer”, if it’s such an issue close access to issues and pull requests. No more burden.
The fork is typically closed source so you do not get to benefit from it and neither does the public good.
This of course means that you should never use permissive licensing since it doesn’t provide many key benefits of what people thought oss would do.
You could use copyleft but i guess with llms it kinda amounts to the same
What exactly is the nature of this fantasyland? I have to have said I wanted or expected something for that to make any sense. You make silly claims based on nothing. That is not an argument.
In fact it's the other way around. Expecting to enjoy both the benefits of OSS and the benefits of collecting rent at the same time for the same thing is the fantasyland.
Then sell software. I said that first thing. Where is the fantasy in that?
If you don't understand it such that you think it's a fantasy (despite the ocean of existing software as proof that is produced, and countless published manifestos from people who do it describing why they do), well that's a you problem not a me or anyone else problem.
You don't get it, that's fine, then simply don't get it, and don't participate in this activity you think is insane.
You are free to have any opinion you want about what constitutes a rational use of your time and effort.
But don't pretend you understand something that the participants do not understand. We're all eating non-fantasy food just fine, somehow.
If they try to sell their software, by your own admission, you won't consume it. That's the point. The fantasy is the idea that some of these open-source products would even work as a closed-source proprietary business model.
Then don't try to sell it. Or make something else that people can't live without and are willing to pay for and can't just pay themselves to write an equivalent instead of paying rent to you forever, whatever, what's it to me or anyone else?
Do whatever you want but it's no one else's problem if you can't figure out what.
I disagree with you on a lot, but you're bang on the money here.
If you want a business, build a business. One key aspect of building a business is understanding what your IP and trade secrets are, how they affect your bottom line, and then controlling them appropriately.
The point is that if there was no business behind projects like Redis and ElasticSearch you wouldn’t be using them either. You’d be using some random Microsoft or Oracle product.
I’m guessing you don’t want that either, so come up with a way to make sure Redis has the financial support it needs to hire engineers to do the full time work that part time contributors like us don’t want to.
The point is I don't have to come up with any such thing.
It is not true that if redis didn't exist then I'd be using some MS or Oracle product. I might, if it was practical. Or someone might have invented redis, or I might if that was a space that still needed filling and somehow no one else did it.
It's like saying if linux didn't exist we'd all be using NT.
That's completely ridiculous. No we would not. BSD already existed and if not that then a minix clone or someone else would have started some other unix clone. There were several small unix clones and other full OS's made by completely small developer teams by then, even single people, commercially. If a single guy can do it at all (regardles that they were doing it to sell), it means the job is not infinitely big and so perfectly doable by a few self-motivated volunteers, especially given how that kind of work has no deadline.
Except "volunteer" is the wrong word because they aren't some kind of weird saint doing something just for you or me. They are doing it for themselves, and you get to have it too.
Everything is like that. Redis is no different. There is nothing magic about redis. Things exactly like that get created when the need for them arises every day. If redis didn't exist is a nonsense invalid premis because 12 redis-alikes will always exist any time the need for it exists. It doesn't matter that I didn't already do it muyself, and I don't have to now either, and that is not just beacause redis happens to exist.
This goes back to my original point. You’re living in fantasy land.
In reality, that’s not how it works. If to use Redis your company had to assign someone to do maintenance work then you just wouldn’t be allowed to use Redis. And yes, you would be using MS Redis, because none of the clones would be secure and supported enough for you to feel good using them.
> Google and AWS exploit open source work for profit, and don’t contribute back enough to ensure its support. This is what you should be really mad about. The internet giants are literally killing open source.
They would have to publish their changes if those projects used copyleft licences. Copyleft licences don't force to "contribute back", but they force disclosing the changes, that the community can then benefit from.
Not sure I understand your message. If you have a copyleft licence without a CLA, then the copyright is distributed between all the contributors, which makes it almost impossible to change the licence. And because it is copyleft, it means that the sources need to be distributed to the users.
So TooBigTech can build a service upon a copyleft project, but they have to distribute their changes, which means that the community can benefit from them. One example I learned about here is Grafana: AWS did not want to use their AGPL version so apparently they pay Grafana to get a commercial licence. That's of course possible only because Grafana own the copyright of the whole codebase. It wouldn't be possible with Linux, for instance, where nobody has the power to give a commercial licence and therefore it is GPLv2 for everybody.
It doesn't prevent TooBigTech from competing by serving the open source project, but that is more of an antitrust issue, I think.
Copyleft are sadly unclear legally which is why essentially no company uses copyleft licenses even if they should.
I mean the intend of apgl is exactly right, but in practice it means you can never ever use it in a company even if you really do not even want to change it or sell it or host it in isolation in any way.
That is really frustrating. Most internal licensing tools i have seen just literally blacklist any direct copyleft imports
Essentially yes. While weak copyleft would be fine for the use cases i have seen, the distinction and the licenses have yet to be tested in a EU court.
As a a consequence there are a numbers of legal options on the matter and as a consequence to that, it is a very hard no from most compliance deps i have seen
There is no problem to solve because there is no rug to pull out. Redis are not owed anything and no one stole anything from them.
When I try to make a business hosting copies of an http server, I am not pulling the rug out from under nginx who actually wrote the http server.
And when AWS does that better and than me, they are not pulling any rug out from under me, or at least not in any way that is special to any of the software involved, just plain old bigger businesses vs little businesses, no different than say Safelite vs Joe the Glass Guy.
No one needs to come up with anything. OSS is already just fine. I don't know what you want, but it seems to be something you never had any right to, and no one needs to come up with anything to satisfy it.
It’s easy to say everyone else is wrong but the majority of innovation and new projects nowadays are coming from people wanting to do oss while still supporting a business with it. That is having it be more than a hobby.
Now you can say that this itself is already a misunderstanding and maybe you are right, but I think you forget also that software reality has changed and indeed there was a time when oss fulltime was viable.
Now the reality is that there is no business model other than closed source or oss with some inevitable rug pull of some sort.
Everyone else is not wrong, and I did not say they were, and so any argument you try based on that is already voided nonsense before you start.
Some people are wrong. It's easy to say that because it has always been true for everything in the world. This topic is no different.
If you want to suggest that you are not wrong, or that I am, you have to present an argument that holds water for that, not anything else.
No one owes anyone a business selling OSS, not even the author of said OSS. If you write something that you want to make money selling, then you are not interested in participating in OSS. That's it. Full stop.
Sell your software honestly.
"But I can't if it's not..." So what? Ok then don't sell it. It's no one else's problem that you have a misguided notion of why OSS exists and what it is good for and why one should spend any time or effort contributing to it.
All the other wailing and crying stems from bullshit you never had any right to in the first place. Not just legally or technically but morally and common-sensely.
> "But I can't if it's not..." So what? Ok then don't sell it.
Interestingly, when it's coming from TooBigTech, apparently they're happy to say "But we can't make viable LLMs if we don't abuse copyright" (yes, they said it). And apparently it works.
Not that I disagree with your point, though: nobody is owed a business selling OSS.
the problem is the definition of Open Source is controlled by the Open Source Initiative, which has been captured by the hyperscalers
which is sort of funny because the term "Open Source" was itself coined to make it possible for people to seek funding to build companies based on the (crazy?) idea of producing software, then giving away its source code
20 years later, the structure of the industry has now changed, and now "Open Source" exists to feed Amazon, Microsoft and Google
if it's not possible to alter the definition to include licenses that include terms that allow sustainable value creation for businesses other than the
hyperscalers, then the term is no longer fit for purpose, and we need a new one
It's really not though. The OSI quickly loses credibility when they try to push a definition that the community doesn't like (see the Open Source AI kerfuffle).
Both the OSI and the FSF are agreed that Source Available with bans on specific use cases is not FOSS. When you've got freaking Richard Stallman opposing you you really have to do better than just scream "corporate capture". Engage with his idea of Freedom, don't set up straw men.
> Both the OSI and the FSF are agreed that Source Available with bans on specific use cases is not FOSS.
well... yes, because they decide the definition of the terms
> When you've got freaking Richard Stallman opposing you you really have to do better than just scream "corporate capture". Engage with his idea of Freedom, don't set up straw men.
Stallman has a very particular view of Freedom (itself a multifaceted term)
and he rather famously completely rejects the term "Open Source"
the situation we're finding ourselves in is one where three increasingly malevolent entities control and capture 100% of the value generated by writing and selling software with source code
if you're an employee of these entities, great for you
for the rest of us, this is a bad situation to be in
and certainly not one that could produce another Red Hat
I agree that the OSI and FSF are trapped with their most hardcore followers, and can't effectively change, assuming they even wanted to.
As for Stallman... his idea of freedom is very narrowly-scoped. In particular, it makes no distinction between hobbyists and megacorps, and is completely blind with respect to economics.
By lumping hobbyists with companies, it makes the category error of extending human rights to corporations. This of course, is nothing new in America, and hasn't been since the infamous 1886 Santa Clara County vs Southern Pacific Railroad court case, that established corporate "personhood".
Corporations are collections of humans. There are certain ways in which extending human rights to corporations a mistake, but allowing them to use free software isn't one of them: either the individuals in the company are able to use the software or they are not, and if they are not then the software is not free.
And in this case it means that it's not AGPL, but proprietary. Which kind of proves my point: they are apparently paying Grafana Labs to avoid the constraints of AGPL. If Grafana was permissive, they would surely not pay.
You wouldn’t use the ten commandments as your only moral guide.
The landscape has changed. Google, Amazon, and microsoft are actively trying to destroy open source business models. Don’t let the leopards eat your face because you were too attached to your ideology.
> Don’t let the leopards eat your face because you were too attached to your ideology.
You're conflating ideologies. User-focused ideology doesn't care about business models. Leopards aren't eating their faces. They're perfectly fine where they are.
Business model focused ideology might care, but the AGPL exists and meets Debian's requirements. Those who care can choose to use it, or not, as they wish.
> the problem is the definition of Open Source is controlled by the Open Source Initiative, which has been captured by the hyperscalers
Thank you for pointing that out.
This is something I have noticed in the last decade:
A lot of fake, captured organisations have popup around open source. I once went down the rabbit hole to try to make a list and quickly found dozen of them.
It is always very hard to understand what they do and employ a bunch of people who usually never wrote a single line of code.
One example found on the Fedora website is the "Digital Public Goods Alliance" [0]
> the problem is the definition of Open Source is controlled by the Open Source Initiative, which has been captured by the hyperscalers
I'm not sure this is true. The OSI's definition of open source doesn't seem to have changed since ~2001 [1] - before AWS was founded - and it'd been around in various forms since ~1997.
This was the era of Microsoft's 2001-era "Shared Source license" which was deliberately GPL-incompatible; Bruce Perens, author of the definition, wrote "Microsoft's Shared Source program recognizes that there are many benefits to the openness, community involvement, and innovation of the Open Source model. But the most important component of that model, the one that makes all of the others work, is freedom." [2] (Perens also judged the first version of the "Apple Public Source License" insufficiently free [3])
They've kinda always been about not just being able to view the source, but also modify it, and redistribute the modified version, merge it into other software projects, make commercial use of it, etc etc
It just so happens that this stance, adopted well before AWS existed, works extremely well for AWS.
I'd argue it doesn't "just so happen" to benefit AWS, it was causal: Open Source created AWS. AWS is structured the way that it is in order to benefit from Open Source, and it grew to its current size by so benefiting.
In a lot of ways things like AWS are what the OSI set out to create when they set out to sell Free Software as an idea to corporations. This was the pitch.
NATS almost ended up doing it recently, too. Fortunately they caved in just today, after the CNCF and the community protested. [1] While the outcome is great, it was a bunch of drama for nothing, and their reputation has been harmed.
Yep. Actually if Redis would end up in CNCF and Redis Labs could provide commercial hosting, extensions - this would be outcome I would be excited about
Interestingly their CEO states that AWS an Google forking redis and maintaining it separately was their "goal" all along. Because fragmentation is apparently good?
Yeah, the whole "they give nothing back" line might be the worst part of the PR around these changes. It's obvious to anyone familiar with the ecosystem that it's not true, which damages the credibility of Redis's argument in the eyes of the people who matter most.
> Neither company has built in a legal safety mechanism to prevent themselves from pulling the rug again later
Previous versions are still available under the original license, right? So if you don't want to use it with a new license, you're in the same situation as if company went out of business or stopped support and development for any other reason. There are no safety mechanisms for that either.
An existing safety mechanism is to do exactly what Linux does: have a copyleft licence and no CLA. So that the copyright is shared between the contributors (so it's impossible to change the licence) and the licence enforces sharing your changes of the project.
The legal safety mechanism is the license. They gave you software under a certain license and you're in the clear as long as you follow it. You don't have to delete it if they give different software under a different license.
If you do need constant updates, you may trust forks more not to switch license, but forks tend to disappear at about the same rate that originals switch license, so why does it matter? Such is the nature of relying on free stuff - you're at the mercy of the one who hands it out.
Neither company has built in a legal safety mechanism to prevent themselves from pulling the rug again later and both companies have shown themselves to be untrustworthy stewards. They came groveling back when it turned out that community goodwill really did matter after all, but this is definitely a "fool me twice, shame on me" situation.
[0] https://news.ycombinator.com/item?id=41394797