Have you heard of the Open Source Pledge? Not exactly what you're suggesting but in the ballpark: https://opensourcepledge.com/
I hear you. This feels very similar to the early days of OSS licenses. They were terrible and scary until a few big companies finally came out and said OSS licenses weren't (all) terrible or scary. Then accepting OSS…
Ahh, in that case, I think we are in "violent agreement". :)
We used to say the same thing about Open Source licenses, and that changed. The long-term hope is that enough projects adopt the Open Source Maintenance Fee, or something like it, that it becomes the norm for companies…
Why? It's not specific to the WiX Toolset at all. Other projects can (and some have) adopt the Open Source Maintenance Fee with no changes (or they can change if if they want). WiX is just the first project to use the…
You should read the EULA. You'll find it doesn't say anything about the issue tracker. The EULA is actually a very standard software license that basically says if you use the software and you make revenue, you need to…
There aren't 2 classes of participants. The OSMF only talks about two but there are plenty of spaces for contributors to participate. And it's possible people will choose to participate less, but I haven't seen that…
I appreciate that "edit". :) And, yes, you are very correct that finding balance is very challenging. However, I feel that the OSMF suits the bill quite well, at least for projects of a shape and size that I'm familiar…
Oh, sure there are some. There were some before. It's Open Source after all. That's kinda' the point. :) If more consumers choose to take on the work of maintaining their own fork because of the OSMF, that's okay too. I…
Legal in many companies of different sizes, from Microsoft to tiny ones, have all evaluated and approved of the OSMF EULA. Now, it's fine if someone says I don't want to deal with the EULA. But, in that case, my project…
Oh, I (would and do) expect we'll see our download numbers (nuget.org and GitHub both track those) decrease. Or maybe consumers will choose to stay on a version before the OSMF was introduced longer. So, we'll kinda' be…
You sound like a very reasonable person. :) Many arguments here are extremes with the assumption that everything is a hard lines that cannot be crossed. That's not generally how the real world works (there are some hard…
So far the only hard conversations with accounting are how to pay by invoice (since GitHub Sponsors invoice handling is a bit wonky). Those that pay by credit card have pretty universally been, "Oh, this is easy. Done."…
> everyone contributes whatever they can and uses whatever they need Yeah, Open Source projects don't work like that in reality. It's far more consumers take what they want and demand what is missing.
Well, we've had a few CVEs to work around Windows vulnerabilities, and one of our own making. :( We've also improved the integration with modern Windows build systems. Now adding some features to the language to make it…
It should be. The goal was to make it compatible with all OSS and FOSS licenses.
This is something companies track. Honestly, tracking payments is one of the most important tasks for the procurement teams in a company. They have tools and if the OSMF becomes common, it'll be standard practices for…
I 100% agree with you, and I applaud your efforts. However, my experience is that procurement teams will not pay unless they are required to. Once they are required to, that's what they do. Charity, good will, and…
> If an author uses a license that makes big tech pay, they will not pay. That's not my experience. > But, of course, if the project has started with this license, it never would have gotten to the point where several…
Yeah. My experiences with the OSMF is that companies won't pay for charity, but they will comply with licenses.
This hasn't been the case as of yet. We've had many large companies just pay the sponsorship. Honestly, the problem is not the EULA, it's the need for more flexibility in invoicing than GitHub Sponsors provides today.…
Yeah, that's basically it.
I'm not sure you're still interested but our Quick Start is much, much better and rolls straight into our tutorial. Now there is still a lot of work for us to do but it's better. I made the huge mistake of believing…
Oh, definitely. CVEs have a special place to be reported in GitHub. PSA: Do NOT use the issue tracker to report a CVE. That makes everyone's life difficult. Go through the correct channel.
> Some licenses might allow you to distribute binaries with extra restrictions, but the one you chose almost certainly doesn't The OSMF EULA has been through a few lawyers now. If you're a lawyer, we're happy to have…
Have you heard of the Open Source Pledge? Not exactly what you're suggesting but in the ballpark: https://opensourcepledge.com/
I hear you. This feels very similar to the early days of OSS licenses. They were terrible and scary until a few big companies finally came out and said OSS licenses weren't (all) terrible or scary. Then accepting OSS…
Ahh, in that case, I think we are in "violent agreement". :)
We used to say the same thing about Open Source licenses, and that changed. The long-term hope is that enough projects adopt the Open Source Maintenance Fee, or something like it, that it becomes the norm for companies…
Why? It's not specific to the WiX Toolset at all. Other projects can (and some have) adopt the Open Source Maintenance Fee with no changes (or they can change if if they want). WiX is just the first project to use the…
You should read the EULA. You'll find it doesn't say anything about the issue tracker. The EULA is actually a very standard software license that basically says if you use the software and you make revenue, you need to…
There aren't 2 classes of participants. The OSMF only talks about two but there are plenty of spaces for contributors to participate. And it's possible people will choose to participate less, but I haven't seen that…
I appreciate that "edit". :) And, yes, you are very correct that finding balance is very challenging. However, I feel that the OSMF suits the bill quite well, at least for projects of a shape and size that I'm familiar…
Oh, sure there are some. There were some before. It's Open Source after all. That's kinda' the point. :) If more consumers choose to take on the work of maintaining their own fork because of the OSMF, that's okay too. I…
Legal in many companies of different sizes, from Microsoft to tiny ones, have all evaluated and approved of the OSMF EULA. Now, it's fine if someone says I don't want to deal with the EULA. But, in that case, my project…
Oh, I (would and do) expect we'll see our download numbers (nuget.org and GitHub both track those) decrease. Or maybe consumers will choose to stay on a version before the OSMF was introduced longer. So, we'll kinda' be…
You sound like a very reasonable person. :) Many arguments here are extremes with the assumption that everything is a hard lines that cannot be crossed. That's not generally how the real world works (there are some hard…
So far the only hard conversations with accounting are how to pay by invoice (since GitHub Sponsors invoice handling is a bit wonky). Those that pay by credit card have pretty universally been, "Oh, this is easy. Done."…
> everyone contributes whatever they can and uses whatever they need Yeah, Open Source projects don't work like that in reality. It's far more consumers take what they want and demand what is missing.
Well, we've had a few CVEs to work around Windows vulnerabilities, and one of our own making. :( We've also improved the integration with modern Windows build systems. Now adding some features to the language to make it…
It should be. The goal was to make it compatible with all OSS and FOSS licenses.
This is something companies track. Honestly, tracking payments is one of the most important tasks for the procurement teams in a company. They have tools and if the OSMF becomes common, it'll be standard practices for…
I 100% agree with you, and I applaud your efforts. However, my experience is that procurement teams will not pay unless they are required to. Once they are required to, that's what they do. Charity, good will, and…
> If an author uses a license that makes big tech pay, they will not pay. That's not my experience. > But, of course, if the project has started with this license, it never would have gotten to the point where several…
Yeah. My experiences with the OSMF is that companies won't pay for charity, but they will comply with licenses.
This hasn't been the case as of yet. We've had many large companies just pay the sponsorship. Honestly, the problem is not the EULA, it's the need for more flexibility in invoicing than GitHub Sponsors provides today.…
Yeah, that's basically it.
I'm not sure you're still interested but our Quick Start is much, much better and rolls straight into our tutorial. Now there is still a lot of work for us to do but it's better. I made the huge mistake of believing…
Oh, definitely. CVEs have a special place to be reported in GitHub. PSA: Do NOT use the issue tracker to report a CVE. That makes everyone's life difficult. Go through the correct channel.
> Some licenses might allow you to distribute binaries with extra restrictions, but the one you chose almost certainly doesn't The OSMF EULA has been through a few lawyers now. If you're a lawyer, we're happy to have…