Preventing the bait and switch by open core software companies

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com

  • flowfuse

    Build bespoke, flexible, and resilient manufacturing low-code applications with FlowFuse and Node-RED

  • Consider this statement my own, but look at my profile for bias.

    I think you might be misunderstanding. Look at the companies there now:

    https://github.com/flowforge/flowforge - The CTO is the creator.

    https://www.mermaidchart.com/about-us/ - Knut Sveidqvist is the creator.

    https://github.com/koor-tech - Rook business, from a Rook Maintainer

    https://fleetdm.com/ - Long time contributor is CTO.

    "Recruit" meaning see if the creator is interested in being CEO/CTO. And if they are one, find the other co-founder.

    OCV is trying to throw money at OSS maintainers and help them make a business with his connections, capital and experience.

    I literally watched him do it with DZ. I don't expect that to change with this new venture. But I am biased.

  • lunasec

    LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/

  • The current system is broken. I don't think I agree with everything in the post, but I'm excited to see movement in this space given that this is a space I spend a lot of time thinking about. (I'll expand on that below)

    Even if I disagree with parts of this, this is still one of the most interesting things that I've read around OSS licensing in a minute! Having actual VC money behind this movement is awesome.

    For context: I run an Open Source company that's YC + VC-backed. We are using a hybrid of Apache and Business Source License (BSL, a "non-compete" license that converts to Apache in 2-3 years). Our license file[0] has context about my thought process around this, but I still am not totally happy with it. (BSL isn't "OSI-Compatible", even if it does feel like the "best" license currently.)

    To come to that conclusion, I've read Heather Meeker's book, "Open (Source) for Business"[1], multiple times now and I've also blogged about this topic[2] before.

    All of that is to say, it's complicated and there are some perverse incentives that can prevent you from always "doing the right thing".

    Problem #1: You lose control. You may begin with Apache but, as OP states, you eventually end up with the incentive to "rug pull" by switching the license because of market forces/VC influence. (I'm the founder of my company and I would resist it, but eventually our investors might control the board and make that happen anyway by replacing me.)

    Problem #2: The hardest part of building a company is getting traction. Just getting anybody to care about you takes a ton of effort and having a permissive license makes it way easier to get that early adoption. And, by the time you have adoption and you decide to go raise VC money, you now end up with Problem #1.

    Problem #3: If you start with a copyleft license like GPL/AGPL, then you make Problem #2 harder. Many companies simply won't adopt your software if you're using that. (Linux is a notable exception here, but even companies using AGPL like MongoDB have switched away from copyleft.)

    We are using BSL because it feels like the best compromise (it becomes Apache 2.0 eventually). I do still think a lot about switching to Apache though. I just really hate the idea of "rug pulling" and I'd rather be honest from the beginning with a license like BSL, even if it is more difficult to get that initial momentum.

    Does anybody else have thoughts to share about this?

    0: https://github.com/lunasec-io/lunasec/blob/master/LICENSE.md

    1: Open (Source) for Business: A Practical Guide to Open Source Software Licensing - Third Edition https://a.co/8SLjVZI

    2: https://www.lunasec.io/docs/blog/how-to-build-an-open-source...

  • authentik

    The authentication glue you need.

  • Nextcloud

    ☁️ Nextcloud server, a safe home for all your data

  • Because it's made to stop people from using the code without contributing, which is exactly what you want to do.

    Also the biggest on-prem cloud system Nextcloud is under the AGPL, which has its own commercial company Nextcloud GmbH.

    https://github.com/nextcloud/server

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.
