As far as I understand it, the stance of the 'Open Source' crowd is that if Amazon can't make it one of their AWS offerings then it isn't true open source, and they'll get very upset at you if you claim it is.
I'd like to see some recognition from this crowd of the "free-ride competition" problem as this author puts it. What Herman is doing is a service to us all, and we should find a term (better than 'source-available', which is cold and doesn't capture community projects accurately) that people can promote themselves under without much weeping and gnashing of teeth.
EDIT from a comment in a thread way down, that summarises my point:
I argue that the natural winner-take-all dynamics of the marketplace are not beneficial to the the mission of free and open source software. In fact, having no safeguard against large organisations making money this way is actually hugely detrimental to the mission by enabling these companies to ensnare unsuspecting users in a web of both their own proprietary software as well as all that free and open source software has to offer.
> As far as I understand it, the stance of the 'Open Source' crowd is that if Amazon can't make it one of their AWS offerings then it isn't true open source, and they'll get very upset at you if you claim it is.
You don't get to just redefine terms if you find them inconvenient and people are right to push back against such attempts. If you want something else, put in the work to get mind share for your model instead of trying to catch a free ride by taking over an established one.
My issue with "source available" as a term has always been that it basically sounds like a synonym to "open source". It's not clear to me why the place to draw the line for what level of restriction constitutes " would be between what's known as " source available" and "true" open source when the question of "can I read the source code for this or not" seems way more intuitive to me than "can I run a cloud-based software service for this without violating the terms of the license".
From what I can tell, the argument against including stuff that's called source available in the category of open source basically boils down to the OSI definition, but it doesn't seem reasonable to me for an organization to claim exclusive rights to a very generic-sounding term with an intuitive definition that clashes with how they want to define it. If there's a concern over the pollution of their brand, they should be trying to trademark it, and if there's not, the constant backlash against anyone using the term in a way that conflicts with their definition is pretty antisocial. I recognize that this battle is probably already lost, but I'm not sure I'll ever understand why as a community we seem to have been happy to police usage of an unintuitive definition through public pressure just to try to make a point that doesn't seem to have nearly as much consensus behind it as the expectation of uniformity would imply.
I suppose this is the move if you're looking to foreclose all possible competing usages. Kudos for using correct terminology as it is no longer Open Source.
However, I still believe AGPL is a better alternative in most cases and functionally prevents large enterprises from touching your code due to typical internal policies.
It's always sad when someone removes their project from the free software world.
I'd like to comment further on the permissive license point:
> When I started building Bear I made the code available under an MIT license. I didn't give it much thought at the time
I suspect many people choosing permissive licenses do it in the same spirit. They don't give much thoughts about the license, they just want to share the code with others (which is very nice!), and there was a push some years ago to make permissive licenses the default in many ecosystems (this is not innocent, by the way).
For me, the first lesson from this blog post is: think hard about what you want to really allow.
Given what the author says later:
> It hurts to see something you've worked so hard on for so long get copied and distributed with only a few hours of modification
The permissive license was obviously a bad choice. Not blaming, of course, hindsight is 20/20.
Pick permissive licenses if you are okay to work for free for other entities, and if you are cool with the potential asymmetry of them not sharing their improvements.
I'll preach for my church: when you release something, please consider a strong copyleft license. If it's SaaS, consider AGPL. It still allows people to provide services with your work, but if they need to improve your code, they are required to redistribute the improvements to their users. I don't see many reasons, in most cases, to allow people to get your code and not do the same as you: provide the code to their users; that's unfair to both their users and yourself (a notable exception is if you want to push/promote a format or a standard - then you want to push adoption at "all" costs).
Most of the times, this means you can get these improvements back. By sharing free software under AGPL, it is still possible that you'll work for free for someone else. But at least, you'll be competing on more equal footing. They'll actually need to work to be better than you.
In both cases, your advantage over them is your expertise in your own stuff.
A side effect of the AGPL is that big corps are afraid of it, so you will likely not get competition from them (even though AGPL allows them to do so).
From their GitHub:
Obviously you could self host it (and I guess plenty have figured out how to and even created competitors with the code if they are making this change?), but they discourage hobbyists from trying with this unhelpful statement. So what was the point of even being open source? Their whole statement kind of comes off as disingenuous to me because of this.
"Bear Blog has been built as a platform and not as an individual blog generator. It is more like Substack than Hugo. Due to this it isn't possible to individually self-host a Bear Blog."
Has the maintainer looked at fair source? [0] I believe it's superior to source-available (and open core), because it eventually becomes fully open source under DOSP [1], which is great for free and paid users, especially for a blog platform like Bear. There's an FCL [2] fair source license, which aligns pretty well with their current Bear Blog License (namely the non-compete and license key bits from the ELv2). All in all, the term "source-available" is pretty meaningless, because there are too many variables. Fair source tries to tighten that up.
It also aligns quite well with Bear's manifesto [3]. Even if Bear PTY LTD ceases to exist, Bear won't. This can be codified under DOSP.
Disclaimer: I'm involved with fair source and helped write the FCL.
I’d like to see a “no jerks” license. It’d be MIT by default, but call out specific bad actors as being disallowed from using the software. That way your average corporate user wouldn’t need to consult a lawyer before adopting
Curious what author would think of separating the service and the core parts and leaving core as open source.
This way someone could create a competing service but they would have to write the entire service layer themselves and a single user would be able to self host the core part.
Also curious what they think about the thiefs not caring about the license and copy pasting it anyway. I don’t think the kind of person that copies your code and tries to sell it would really care about the license
I really believe this is the best model or licensing. I care about seeing the code and being able to modify it to suit my own preferences, but I also care about the project being healthy and the maintainer being able to earn from their efforts without worrying about cheap competition.
Even better when a project starts with this model so it doesn't feel like a rug pull or doesn't get messy with forks overshadowing the original product. But I don't feel like Bear had the kind of scale to face this type of reaction.
I use mataroa.blog periodically which is in the same nice and I wish the Bear maintainers fulfillment with their project.
I understand the reasoning and I also understand the interest of still providing the sources. I'm however curious why the MIT license was chosen instead of the AGPL if competition was a concern
I certainly get the hurt feelings, but i'm not clear on the license at all.
>Limitations: You may not provide the Software as a hosted or managed service that offers users access to substantial features or functionality.
Where on the spectrum sits an average cookie-cutter VPS provider that comes with an OS package manager that installs the program? Does the VPS provider have to screen the package manager? Does that change if they build a wiki with "1-click-install" that just sends an ssh command to install?
Is this just a requirement to have some theater where an "unaffiliated" third party has to provide the set-up scripts? Or just a rule you can't mention the option during the sales pipeline?
> This license is almost identical to the MIT license but with the stipulation that the software cannot be provided as a hosted or managed service
Note that while the original change was an additional clause to the MIT license, it was quickly changed to something completely different.[0] Since it no longer permits sublicensing and restricts "remov[ing] or obscur[ing] any licensing, copyright, or other notices in the Software," I believe it's closer to GPL now?
Naive. Guy picks a license that allow anyone to do anything they want with his code. Later realizes that was not appropriate when he's trying make money. Changes to an obscure license that on the surface seems to fix the problem.
Your options are: MIT / BSD, GPL, LGPL, AGPL. All others are unnecessary and create needless incompatibility.
Nitpick but I accidentally upvoted the article (in the bearblog.dev website itself, the small upvote in the website)
and turns out once you upvote, you can't downvote?
Well, I love minimalist site providers
Its license is AGPL which still technically falls under Open source as to what "OSI?" says.
Source available just have a bad taste in my mouth. Maybe my critique of them isn't based on good intentions but I feel like I am getting really restricted as a user by source available licenses. I understand the pain of developers trying to make money. I just think that AGPL is a better use case and even elastic search went back to agpl and a lot of these source available things are going to agpl
I am sure that big tech might be able to bypass agpl itself somehow and that's why there were things like sspl but I still think that agpl is one of the most rock solid copy left licenses.
Silly. Globally over half of smartphone users have Android phones. Bear was actually the only thing that kept me in the Apple ecosystem for so long, was really bummed when I switched to Android to have to move to another notes program.
IMO - you are charging money for your app which makes you a business. When you don't listen to the market you forfeit any right to complain when you get your lunch money stolen. Sounds hard but most lessons in business are expensive!
As much as people tend to hate it, I quite like copyleft licenses on the whole and wouldnt mind it at all for Bearblog, but this particular variation seems a bit odd. I mean I havent heard any problems from Elastic with it so I guess it sorts itself out, it just seems more complicated just AGPL
> We're entering a new age of AI powered coding, where creating a competing product only involves typing "Create a fork of this repo and change its name to something cool and deploy it on an EC2 instance".
I've been curious about how LLMs would impact open source, I have some theories and this is not the only one.
72 comments
[ 2.4 ms ] story [ 81.1 ms ] threadI'd like to see some recognition from this crowd of the "free-ride competition" problem as this author puts it. What Herman is doing is a service to us all, and we should find a term (better than 'source-available', which is cold and doesn't capture community projects accurately) that people can promote themselves under without much weeping and gnashing of teeth.
EDIT from a comment in a thread way down, that summarises my point:
I argue that the natural winner-take-all dynamics of the marketplace are not beneficial to the the mission of free and open source software. In fact, having no safeguard against large organisations making money this way is actually hugely detrimental to the mission by enabling these companies to ensnare unsuspecting users in a web of both their own proprietary software as well as all that free and open source software has to offer.
You don't get to just redefine terms if you find them inconvenient and people are right to push back against such attempts. If you want something else, put in the work to get mind share for your model instead of trying to catch a free ride by taking over an established one.
From what I can tell, the argument against including stuff that's called source available in the category of open source basically boils down to the OSI definition, but it doesn't seem reasonable to me for an organization to claim exclusive rights to a very generic-sounding term with an intuitive definition that clashes with how they want to define it. If there's a concern over the pollution of their brand, they should be trying to trademark it, and if there's not, the constant backlash against anyone using the term in a way that conflicts with their definition is pretty antisocial. I recognize that this battle is probably already lost, but I'm not sure I'll ever understand why as a community we seem to have been happy to police usage of an unintuitive definition through public pressure just to try to make a point that doesn't seem to have nearly as much consensus behind it as the expectation of uniformity would imply.
However, I still believe AGPL is a better alternative in most cases and functionally prevents large enterprises from touching your code due to typical internal policies.
I'd like to comment further on the permissive license point:
> When I started building Bear I made the code available under an MIT license. I didn't give it much thought at the time
I suspect many people choosing permissive licenses do it in the same spirit. They don't give much thoughts about the license, they just want to share the code with others (which is very nice!), and there was a push some years ago to make permissive licenses the default in many ecosystems (this is not innocent, by the way).
For me, the first lesson from this blog post is: think hard about what you want to really allow.
Given what the author says later:
> It hurts to see something you've worked so hard on for so long get copied and distributed with only a few hours of modification
The permissive license was obviously a bad choice. Not blaming, of course, hindsight is 20/20.
Pick permissive licenses if you are okay to work for free for other entities, and if you are cool with the potential asymmetry of them not sharing their improvements.
I'll preach for my church: when you release something, please consider a strong copyleft license. If it's SaaS, consider AGPL. It still allows people to provide services with your work, but if they need to improve your code, they are required to redistribute the improvements to their users. I don't see many reasons, in most cases, to allow people to get your code and not do the same as you: provide the code to their users; that's unfair to both their users and yourself (a notable exception is if you want to push/promote a format or a standard - then you want to push adoption at "all" costs).
Most of the times, this means you can get these improvements back. By sharing free software under AGPL, it is still possible that you'll work for free for someone else. But at least, you'll be competing on more equal footing. They'll actually need to work to be better than you.
In both cases, your advantage over them is your expertise in your own stuff.
A side effect of the AGPL is that big corps are afraid of it, so you will likely not get competition from them (even though AGPL allows them to do so).
"Bear Blog has been built as a platform and not as an individual blog generator. It is more like Substack than Hugo. Due to this it isn't possible to individually self-host a Bear Blog."
It also aligns quite well with Bear's manifesto [3]. Even if Bear PTY LTD ceases to exist, Bear won't. This can be codified under DOSP.
Disclaimer: I'm involved with fair source and helped write the FCL.
[0]: https://fair.io
[1]: https://opensource.org/dosp
[2]: https://fcl.dev
[3]: https://herman.bearblog.dev/manifesto/
This way someone could create a competing service but they would have to write the entire service layer themselves and a single user would be able to self host the core part.
Also curious what they think about the thiefs not caring about the license and copy pasting it anyway. I don’t think the kind of person that copies your code and tries to sell it would really care about the license
You know something's broken when Microsoft gets to claim to be the biggest backer of open source.
Meanwhile they'll break your back and steal all your trust and credibility if they can
Even better when a project starts with this model so it doesn't feel like a rug pull or doesn't get messy with forks overshadowing the original product. But I don't feel like Bear had the kind of scale to face this type of reaction.
I use mataroa.blog periodically which is in the same nice and I wish the Bear maintainers fulfillment with their project.
I would love to see this reversed and moved to AGPL instead.
>Limitations: You may not provide the Software as a hosted or managed service that offers users access to substantial features or functionality.
Where on the spectrum sits an average cookie-cutter VPS provider that comes with an OS package manager that installs the program? Does the VPS provider have to screen the package manager? Does that change if they build a wiki with "1-click-install" that just sends an ssh command to install?
Is this just a requirement to have some theater where an "unaffiliated" third party has to provide the set-up scripts? Or just a rule you can't mention the option during the sales pipeline?
Note that while the original change was an additional clause to the MIT license, it was quickly changed to something completely different.[0] Since it no longer permits sublicensing and restricts "remov[ing] or obscur[ing] any licensing, copyright, or other notices in the Software," I believe it's closer to GPL now?
[0]: https://github.com/HermanMartinus/bearblog/commit/89c3f346ef...
Your options are: MIT / BSD, GPL, LGPL, AGPL. All others are unnecessary and create needless incompatibility.
and turns out once you upvote, you can't downvote?
Well, I love minimalist site providers Its license is AGPL which still technically falls under Open source as to what "OSI?" says.
Source available just have a bad taste in my mouth. Maybe my critique of them isn't based on good intentions but I feel like I am getting really restricted as a user by source available licenses. I understand the pain of developers trying to make money. I just think that AGPL is a better use case and even elastic search went back to agpl and a lot of these source available things are going to agpl
I am sure that big tech might be able to bypass agpl itself somehow and that's why there were things like sspl but I still think that agpl is one of the most rock solid copy left licenses.
IMO - you are charging money for your app which makes you a business. When you don't listen to the market you forfeit any right to complain when you get your lunch money stolen. Sounds hard but most lessons in business are expensive!
I've been curious about how LLMs would impact open source, I have some theories and this is not the only one.
Why does this keep happening? Why are so may developers blind to this obvious outcome?