this post was submitted on 02 Jul 2024
39 points (100.0% liked)

Free and Open Source Software

17959 readers
23 users here now

If it's free and open source and it's also software, it can be discussed here. Subcommunity of Technology.


This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] JackbyDev@programming.dev 1 points 4 months ago (1 children)

Open washing, which is to say the proliferation of licenses that look FOSS if you squint but don't work if you look closer, and practices related to these licenses. Here we have big players like Elastic, Redis, MongoDB, and numerous smaller cases as well. The practice of building off of the lavish advantages of being in the FOSS ecosystem, then pulling the rug and seeking exclusive commercial monopolization of the end result.

Someone help me understand why this is a problem. I am willing to accept that I'm missing something. As I see it,

  1. Strong copyleft licenses like GPL attempt to put restrictions on what you can do with the software because of ways that corporations have exploited more permissively licensed FOSS projects.
  2. Examples include the "TiVo" stuff in GPL v3 which forces users to not lock people into specific executables or AGPL which prevents a loop hole of wrapping GPL software in something to allow usage over a network and not be considered distributing.
  3. Some FOSS advocates go so far as to call permissive licenses derogatory things like "cuck licenses" because of how they potentially allow corporations to exploit your work.
  4. Mongo, Elastic, and now Redis felt exploited by companies and that AGPL (what I believe is generally accepted as the most restrictive FOSS license) was not restrictive enough to meet their needs and switched to SSPL. Mongo in particular was even already using AGPL.
  5. The SSPL was rejected by the OSI because it allegedly discriminates against would-be SaaS providers which would violate OSD #6. I don't see how that's any more true than saying GPL v3 "discriminates against DVR manufacturers" because it had a clause specifically to combat what TiVo was doing or even saying AGPL "discriminates against SaaS providers" because it requires network use to be considered distribution (Google specifically warns against it).
  6. AGPL closed a loop hole in GPL. That's a fact. I don't think that's debatable. I believe SSPL is closing a loop hole in AGPL and I am confused why others disagree.
  7. Mongo, Elastic, and Redis are available under the SSPL but the requirements are strict enough that no SaaS providers want to use them. They are also available under commercial licenses which lift those restrictions for a price. The goal of this is to allow the benefits of open source without being exploited. While people disagreeing with me about SSPL being FOSS might say that this is intended to make it difficult for SaaS providers, I'd point out that dual licensing is common and acceptable. Take Qt for example. You can either use Qt and be bound by GPL (which means it is difficult for you and you have to release some of your would-be proprietary code) or you can pay for a commercial license and not be bound by GPL.

So... My question is, what's different about SSPL?

  • Why is SSPL not considered FOSS while other restrictive licenses like AGPL and GPL v3 are?
  • How are companies behind FOSS projects meant to prevent their code from being exploited by SaaS providers?
  • Is there some hypothetical lesser version of SSPL that still captures the essence of it while still being more restrictive than AGPL that would prevent exploitation by SaaS providers?
[–] moonpiedumplings@programming.dev 3 points 4 months ago

Why is SSPL not considered FOSS while other restrictive licenses like AGPL and GPL v3 are?

So I have an answer for this. Basically all of the entities listed that relicensed their projects to the SSPL, also relicensed their projects using the dual licensing scheme, including one proprietary license. That's important later.

The SSPL's intent is probably that the deployment framework used to open source this software must be open sourced. I like this intent, and I would consider it Free/Libre Software, but it should be noted that another license, the open watcom license, which requires you to open source software if you simply deploy it, is not considered Free Software by the FSF. I don't really understand this decision. I don't count "must share source code used" as a restriction on usage cases. It seems that the FSF only cares about user freedom, whoever is using the software, and views being forced to open source code only used privately as a restriction.

Now, IANAL... but the SSPL's lettering is problematic. What is part of the deployment system? If I deploy software on Windows, am I forced to open source windows? If I deploy it on a server with intel management engine, am I forced to open source that? Due to the way it is worded, the SSPL is unusable.

And a dual license, one proprietary and one unusable means only one license — proprietary. There's actually a possibility that this is intentional, and that the intent of the SSPL was never to be usable, but rather so that these companies could pretend they are still Open Source while going fully proprietary.

But, for the sake of discussion, let's assume the SSPL's intent was benevolent but misguided, and that it's intent was not to be unusable, but rather to force companies to open source deployment platforms.

Of course, the OSI went and wrote an article about how the SSPL is not an open source license but that's all BS. All you need to do is take a look at who sponsors the OSI (Amazon, Google, other big SAAS providers) to realize that the OSI is just protecting their corporate interests, who are terrified of an SSPL license that actually works, so they seek to misrepresent the intent of the SSPL license as too restrictive for Open Source — which is false. Being forced to open source your deployment platform still allows you to use the code in any way you desire — you just have to open source your deployment platform.

Is there some hypothetical lesser version of SSPL that still captures the essence of it while still being more restrictive than AGPL that would prevent exploitation by SaaS providers?

AGPL. There's also Open Watcom, but it's not considered a Free Software license by the FSF, meaning software written under that wouldn't be included in any major Linux distros.

I think in theory you could make an SSPL that works. But SSPL ain't it.

Of course, there are problems with designing an SSPL that works, of course. Like, if you make it so that you don't have to open source proprietary code by other vendors, then what if companies split themselves up and one company makes and "sells" the proprietary programs to another.