This guy seems to fundamentally misunderstand open source. It was not at all about permissive licenses, but it _was_ about "rebranding" free software to sound less ideologically-driven, while still pretty much meeting the same criteria that free software supports.
I think his "war" is actually on MIT/BSD licensing, but it just kind of comes out of nowhere? Who is this guy, what problems has he had or observed?
I think you may also be misunderstanding the GPL here, though.
If you obtain a copy of a project under the constraints of a GPL license, then, if you distribute that project, or a secondary project built using that project, you must also provide the source (plus modifications) alongside the project. There are some caveats about what "built using" means, and what it means to distribute a project to users, but this premise is broadly true for most forms and variants of GPL-family licenses.
The thing that allows relicensing to work is that GPL applies to the distribution of software. Linux isn't, per se, "GPL code", but rather when I download a copy of the Linux kernel, I'm downloading that under the provisions of the GPL license. But the person who wrote the source code does not have to licence the project to themselves. And they can choose to distribute further contributions to the project - or indeed the original contributions - under a new license.
Where this gets a bit more complicated is that most open source projects made up of contributions from a variety of people. Each of these contributors owns the copyright - and therefore distribution rights - to their code. For this reason, many organisations require you to sign a CLA to contribute code to a project, which signs over some rights to the project itself (or its core maintainers) and allows them to distribute your code under their choice of license. Alternatively, some projects will ask all contributors to a project for permission to relicense the code, and rewrite code where they couldn't get permission.
So the statement you make, that all future modifications of that code must also be GPL, is untrue. It is definitely the norm, because relicensing code is complicated and rarely done, and people who use GPL seem mostly satisfied with continuing to use it indefinitely. But it is perfectly legal for an organisation who owns the copyright to a given project to relicense that project under a completely different license. (Although they cannot revoke the original licence for the code they've already released.)
Is removing the GPL license from source code allowed by the license? The FSF owns the copyright to the license, not the source code authors. The license even states that they copyright the source code to protect your rights, does that mean by adding the license you're giving copyright to the FSF?
The FSF did not add the license to your source code, though. You did that (or another contributor), and the FSF gave you permission to use the text of their license. Adding the license does not assign copyright to the FSF.
> In order to make sure that all of our copyrights can meet the recordkeeping and other requirements of registration, and in order to be able to enforce the GPL most effectively, FSF requires that each author of code incorporated in FSF projects provide a copyright assignment, and, where appropriate, a disclaimer of any work-for-hire ownership claims by the programmer's employer. That way we can be sure that all the code in FSF projects is free code, whose freedom we can most effectively protect, and therefore on which other developers can completely rely.
Forfeiture of copyright would mean it becomes public domain and there are no longer any restrictions on distribution/modification.
If you mean transfer of copyright to an organisation aiming to maximise software freedom for end-users, then Software Freedom Conservancy is willing to receive copyrights and enforce the GPL and other code licenses. Probably the FSF is willing to do that too.
No worries! Yeah, the GPL isn't necessarily as strong as it could be, but that's deliberate: the GPL has a very specific and somewhat limited purpose, and is designed for that purpose only.
The principle beyond "Free Software" (in the FSF/GPL style) is that if you as a consumer receive a bundle of GPL'd software, you as the consumer will also receive the source code to that software. In addition, the GPL as a license is also designed so that if you receive software that partially contains some GPL code, you are given enough additional source code that you can make changes to that code and run your own version of it. For example, if you had a C application and included a single file that you obtained under the GPL, then compile it and distribute it to users, you can't just provide that one GPL file, because the user can't make changes to that file and run it - that's not how compiled C allocations work. You therefore need to provide the source code of the entire application - this is the basis of the viral aspect of the license.
The different versions and variants of the GPL affect how exactly that latter point works, and what forms of including GPL software in non-GPL software is allowed, but generally these are the relevant principles for GPL: if you distribute free software, you distribute its source code as well, and you distribute that source code well enough that the end-user could replace that source code if necessary.
The big difference between GPL and more permissive licenses is really only with the second point - the MIT license already ensures that if you distribute software using MIT-licensed code, you must provide the source code alongside it.
And importantly, all of these ideas apply to the people distributing software - the people running software are fundamentally free to do whatever they want with it. This is why "this code can't be run by ICE" or "this code can only be used for peaceful applications" are not considered free or open source - they aren't about the right to modify code you have obtained, but instead they restrict the right to run that code in the first place. And that's what makes things difficult with these questions around how services like Redis get licensed. If you download an application and its source code, make changes to it, and run it on your servers without distributing it to others, the ideas behind free/open source software say that you should be able to do that. But if you let other people access that running application on your servers, are you distributing that software to them? That's the big open question right now.
At least part of his description matches my memories of the period in the 90s where a lot of open source developers were concerned about being able to use their software at work. The GPL’s virality features prominently in that since there were some people warning businesses about possible broad disaster scenarios where they’d make a mistake and be forced to release their proprietary code.
If this didn't happen in the 90s, it's never going to happen.
Just to throw something out there: most of the things in the web ecosystem use MIT license, and we have seen both open source communities and commercial companies benefitting from and contributing to this ecosystem. It is a very vibrant community. Separately, projects like Go, Rust all use permissive licenses compared to GPL licensed gcc. For good reasons. The era of GPL or alike are long gone.
And yet, whenever an organization exercises the rights that a permissive license gives them there is a big outcry ([1], [2] are just two examples, you can easily find a ton) that they are doing something bad[3].
I say to my developer brothers and sisters, don't throw stones living in a glass house. If you contribute to projects under MIT, that's fine, I did it myself, but don't complain if the license is used in its intended way.
If not, well, the GPL is there for you since the 90s...
[3] Where "something bad" is usually a wild mix of supposed moral or wrongly assumed legal obligations.
EDIT: As chungy correctly pointed out below, my first example does not really support my claim. Thanks, and my bad. I think the point still stands and the second example supports it. Finding more examples is left as an excercise for the reader.
> whenever an organization exercises the rights that a permissive license gives them there is s big outcry ([1], [2] are just two examples
Both examples you cited are not related to exercising rights given under a permissive license: instead they are the upstream maintainers deciding to change the terms of future releases.
Probably the only major notable example is how Apple used some of FreeBSD's code in Mac OS X, and even that was kind of just a minute insignificant portion of it. If you notice, FreeBSD was neither threatened nor killed by the act.
"Both examples you cited are not related to exercising rights given under a permissive license: instead they are the upstream maintainers deciding to change the terms of future releases."
But that is exactly what the permissive license made possible!
It could never ever happen to, say the Linux kernal, because of the GPL (plus a wide distribution of Copright to many people, which is not important here, because it is no different't from MongoDB or Redis).
> But that is exactly what the permissive license made possible!
No, it's what being the legal owner of a work makes possible. If MongoDB were GPL-licensed, the exact same scenario could have played out. Licenses for licensees do not apply to the licensor.
> It could never ever happen to, say the Linux kernal, because of the GPL
Linux never required a CLA; thousands of people own the code. If, instead, copyright were assigned to Linus Torvalds or The Linux Foundation, it would be entirely possible and feasible.
"If MongoDB were GPL-licensed, the exact same scenario could have played out. Licenses for licensees do not apply to the licensor"
Actually MongoDB was AGPL before, so it was a terrible example for the point about permissive licenses and excellently illustrates your point.
"Linux never required a CLA;"
And so neither did Redis and it still went the same route as MongoDB. The BSD license facilitated it.
"thousands of people own the code. If, instead, copyright were assigned to Linus Torvalds or The Linux Foundation, it would be entirely possible and feasible."
True, but it isn't and it would not have to be to go the same route as Redis if it had a permissive license.
The moral of the story is: If you value your freedoms don't contribute to permissively licensed projects and never ever assign your right, title or interest in any copyright you have.
This person's entire argument is that the (A)GPL is "viral", and therefore companies have no right to relicense the software they own the copyright for, and they should be sued.
He doesn't quote any specific part of the (A)GPL that supports his argument (frankly, I doubt he's ever read it), he just keeps throwing out the buzzword "viral" as if it means anything. He clearly doesn't understand the concept of CLAs and copyright law in general.
This is a very bad post, and I'm surprised it made the front page.
"If the source code originally used AGPL, isn’t it still contractually obligated to ensure those rights to its users, including any new source code added to it?"
The answer is clearly no. The GPL is not a contract NOR does it contain any such obligation.
"It doesn’t matter that you own the copyright on the software, you can’t revoke the rights on the code that was licensed under its terms."
You cannot revoke the license, but if you hold the copyright to code you can dual license or license modifications under a different license.
"This is a very bad post, and I'm surprised it made the front page. "
An illustration of how little copyright law is understood by developers. I have seen lots similar things in the past. A bit unfair to pick on old stuff that the author probably knows better about by now, but this always stood out as a good example: https://jacobian.org/2009/jul/13/gpl-questions/ - twenty questions, the answers to most of which are fairly obvious or easy to find out.
"Viral" is the word Steve Ballmer used to describe the GPL as a negative thing.
It remains that the owner of the copyright can release the software under any terms they deem fit. Including changing their mind about what license to use for future versions. The license is, well, a license for anyone that's not the copyright owner; it's absolutely non-binding on the copyright owner themselves.
I also don't think "this is a license for anyone not the copyright holder" is accurate. The license specifically prohibits removal of the license you can't "dual license" GPL code.
You can license code under GPL, and you can license the same initial code under a second license, but going forward those two pieces of code are forked. You can't then ship GPL modifications to the other license simply because you have the copyright ownership of the modifications, well, in fact you can, but that requires the GPL license to infect the other source code. You being the sole developer in all of this is irrelevant.
I think this comes down to the answer of this question:
Can you rescind a GPL license?
If not, even as the copyright holder, then no, you as the copyright holder don't have rights over the code moving forward.
That was part of the purpose and intention behind this license.
> You being the sole developer in all of this is irrelevant.
It's the fundamental point.
If you own the copyright to project A and you own the copyright of some patches to project B then you can combine them however you like and distribute them under whatever licences you like.
GPL governs distribution. As the copyright owner you aren't "distributing" those patches to yourself, so the GPL doesn't apply.
> I also don't think "this is a license for anyone not the copyright holder" is accurate. The license specifically prohibits removal of the license you can't "dual license" GPL code.
The terms in the GPL applies only to the licensee. Unsurprisingly the copyright holder still holds the copyright and is not bound to the term of the license.
> Can you rescind a GPL license?
Nobody is rescinding the license here. Whoever got the source code under the GPL license will keep having the rights to _that_ source code. What you call rescind, is in fact licensing the existing code _also_ under different terms, _and_ new modifications only under the new terms.
That's not a very charitable take for a message on a short form platform. A company like Terraform may have had to make harder decisions or never be able to do a rug pull if more of the community refused to submit code under CLA or non-GPL style licenses.
It seems like a fair take to me. Certainly plenty of companies, HashiCorp included, would have fewer choices about how to license future code if they made different decisions regarding contributions. But something like:
> I wonder if the community has grounds to sue any of these companies who are ditching the AGPL in favor of proprietary, source-available licenses, especially under “third-party beneficiary contract” legal theories, like @conservancy did in their suit against Vizio.
> If the source code originally used AGPL, isn’t it still contractually obligated to ensure those rights to its users, including any new source code added to it?
seems to indicate rather strongly that the original poster doesn't understand the AGPL terms, CLAs, or the nuances of contract litigation. At least OP recognises that at least enough to ask a question about it, but I don't think "random questions I thought up about reasonably well-settled law in Twitter thread form" makes a good post.
It seems like a perfectly good topic to me (and I'm not sure why we would expect more in an OP than in a ask HN topic).
The OP may not understand why but it is very common to have gaps when relicensing because collecting CLAs, etc, is often allowed to slip to the minimum for the current license terms.
> Wasn’t the whole point of the GPL that there could never be a rug-pull?
This single statement seems to show a few separate misunderstandings. We'll start with the point of GPL: users having enduring and unalienable rights to run, inspect, change and share the code running on their computer.
But you cannot remove somebody's existing right to code under MIT/etc. You make it closed source, I still have yesterday's branch and every right to it I had then.
You can change the license for the project (by CLA or getting every contributors permission, or excising contributions) and that's true even in [A]GPL projects. Again, this only affects code going forward. Everyone who had the code, still has all their rights to it.
So moving to GPL fixes very little with rug-pulls. It will stop another developer making closed source versions of your code. They don't have to contribute their changes upstream (only to their users).
And GPL scares closed-source developers; AGPL terrifies them. They have their purposes but you have to be real with how they're going to be —rightly or wrongly— interpreted. MIT's prevalence is reciprocal convenience.
Any project owner can decide to be arseholes and change their licenses but the community just routes around. Valkey is a great recent example of that. Never touching Redis again.
MySQL is GPL and this does not prevent Amazon having commercial Modified MySQL called Aurora and does not share it as they do not distribute software.
In my opinion you should Open Source something if you're OK with unrestricted use of it... including your competition. If you want to control who is using it and on what conditions, there is already solution for that called proprietary license.
I'm not saying it doesn't, but a (in my opinion) strong point against this argument is that MongoDB switched away from AGPL to their own license specifically made to solve the cloud problem. Why would they have put in all the effort if the AGPL was working for them?
I like to think of it like this: The AGPL is about freedom, and that it hurts the cloud providers is just a side effect, whereas the SSPL and its brethren is specifically made to sting the cloud providers.
MongoDB did never care about Open Source (as a movement) - their CEO was always very open - they used Open Source as a freemium strategy (or cheap marketing) so there is no surprise they moved to proprietary license once they achieved substantial market position
I think, regardless what their CEO said or not, what counts at the end of the day is what is in the license. The SSPL is literally AGPL + poisonous pill for cloud providers. Characterizing it as proprietary is neither really true nor helpful in my opinion.
What I hope we can agree on is that the SSPL (and the other similar licenses) don't focus on the users freedoms and compromise it in a way to reach their objectives. If more people understood this and chose to put their projects under AGPL I'd be more than happy, but I'm also glad licenses like the SSPL exist as an option for people and organizations that want it.
Only some of it. AGPL would prevented Aurora but not RDS MySQL where the core database is not changed... and AGPL does not require control plane to be open sourced
Aurora vs RDS MySQL is a really good and illustrative example!
I just like to add that this is not a flaw, but AGPL working in its intended way. It was never meant to prevent the cloud use case (neither Aurora nor RDS MySQL) but to force beneficiaries to give back. That they often deem this price too high is what effectively would have prevented Aurora.
> If the source code originally used AGPL, isn’t it still contractually obligated to ensure those rights to its users, including any new source code added to it?
This guy really has no idea how copyright and licensing work. The AGPL places no obligation on the one distributing the original source code, it only places obligations on those who want to use or re-distirbute the code. There are no ifs, ands, or buts about this.
If you don't understand such a fundamental point about licensing, you really really shouldn't be making a fool of yourself speaking about it in public.
Yes, exactly. As a free software developer and freelancer, I can release my stuff to the public under GPL, and a company who wants proprietary customizations can still negotiate with me to secure a different license just for them.
This post was absolutely cringe. There's a difference between "IANAL" and "I just never even bothered trying to understand."
If adobe accidentally publishes the photoshop source code unde GPL and later realizes the mistake and removes it, can it "retract" previously published GPL code?
If it's truly accidental (as in a rogue employee or a script that f'd up), they probably have a legal basis to break the contract/license terms and retract it. Just as stores are not required to honor misprinted price tags. There will likely be a court case if someone believes they legitimately received a GPL-licensed version of the code and wants to use that code in another project (or pass it on to others). Like I said, I think Adobe has a good case to win that here.
If it's "accidental", and they're just trying to walk it back, there would definitely be a court case. Whether they'd win or lose would be very up in the air, and probably depend on the jurisdiction's friendliness to businesses.
And if it was completely deliberate but they simply regretted the decision, then they would not be able to revoke the licenses they'd already given out, i.e. that version would be essentially out in the wild and under GPL forever. But future versions could be closed-source again, assuming Adobe retained all the copyright to their code.
Tangential note: nobody is required to accept the terms GPL, so inclusion of some GPL code doesn't automatically force projects to release their source code.
Without accepting the GPL, use of GPL code is generally a copyright violation, but it can be litigated as software piracy, which may have various outcomes based on how serious that is.
I don't believe so (although this is probably fact-specific about what "accidentally" means), at least with regards to retracting the licence. The GPL is an irrevocable licence.
They could choose not to continue to distribute the code though (but good luck clawing back the GPL licenced copies).
The point is pure psychology: The internet and other advanced "communication" technologies has caused a loneliness in people due to the lack of genuine human interaction, which is partly due to its inherent nature and partly due to the intense commodification of everything on it from large corporations such as Google.
The result is that systems are designed more and more to appeal to the need of the person to gain attention. Twitter itself is much more of a platform where people fight to gain attention for themselves because it is the single aspect of human interaction that has been "gamified" in order to keep these platforms running in exchange for ad views. It is a pathological nature of human interaction that has become a sort of mental drug for users.
The final result is that people have a knee-jerk response to continue these systems because they have become psychologically addicted to seeing their own little posts as encapsulations of their voices, with all the upvotes and views satisfying a single component in their minds of human interaction -- a component that is meant to be part of a much larger complex of behaviours that constitute real, genuine human interaction, and which no longer exist due to our collective support of a consumerist system that places no value on the essence of humanity.
There's also a benefit for things that are meant to start discussions. You can respond to a given fragment without workarounds like a partial "> quote" at the beginning of your message.
Some people amplify that by splitting the messages at logical boundaries rather than just when the space runs out.
Slight nitpick, longer posts require a simple server code modification. Most clients handle longer posts just fine (at least I haven't come across one that doesn't), because servers with longer character limits are common in the Fediverse.
GPL is dead. Companies like the not-at-all-evil-any-more Microsoft copied it all into a state machine, put some AI branding on it, and now it's available in your text editor with some errors to splice into commercial applications, license free.
I don't think there's any point to marking code with GPL at this point. I'd rather people use code as-is than route it through some LLM obfuscation and then use a buggy derivative. Either someone sues Microsoft and wins, which seems numerically infeasible, or we should relicense everything MIT and have done with it.
You make no sense, by your logic everyone should unlicense or https://de.wikipedia.org/wiki/WTFPL everything. Basically just give up on any serious license because AI is going to steal it anyway. MIT makes no sense for what you describe.
People have funny ideas about unknown or missing licenses. MIT is widely recognised and understood. It means people who want to follow the license can use your work, as opposed to only people who are happy to ignore the license.
I think his "war" is actually on MIT/BSD licensing, but it just kind of comes out of nowhere? Who is this guy, what problems has he had or observed?