By Steven J. Vaughan-Nichols
Computerworld | Mar 28, 2024 3:00 am PDT
Essentially, all software is built using open source. By Synopsys' count, 96% of all codebases contain open-source software.
Lately, though, there's been a very disturbing trend. A company will make its program using open source, make millions from it, and then — and only then — switch licenses, leaving their contributors, customers, and partners in the lurch as they try to grab billions. I'm sick of it.
The latest IT melodrama baddie is Redis. Its program, which goes by the same name, is an extremely popular in-memory database. (Unless you're a developer, chances are you've never heard of it.) One recent valuation shows Redis to be worth about $2 billion — even without an AI play! That, anyone can understand.
What did it do? To quote Redis: "Beginning today, all future versions of Redis will be released with source-available licenses. Starting with Redis 7.4, Redis will be dual-licensed under the Redis Source Available License (RSALv2) and Server Side Public License (SSPLv1). Consequently, Redis will no longer be distributed under the three-clause Berkeley Software Distribution (BSD)."
For those of you who aren't open-source licensing experts, this means developers can no longer use Redis' code. Sure, they can look at it, but they can't export, borrow from, or touch it.
Redis pulled this same kind of trick in 2018 with some of its subsidiary code. Now it’s done so with the company’s crown jewels.
Redis is far from the only company to make such a move. Last year, HashiCorp dumped its main program Terraform's Mozilla Public License (MPL) for the Business Source License (BSL) 1.1. Here, the name of the new license game is to prevent anyone from competing with Terraform.
Would it surprise you to learn that not long after this, HashiCorp started shopping itself around for a buyer? It didn't surprise me.
Before this latest round of license changes, MongoDB and Elastic made similar shifts. Again, you might never have heard of these companies or their programs, but each is worth, at a minimum, hundreds of millions of dollars. And, while you might not know it, if your company uses cloud services behind the scenes, chances are you're using one or more of their programs,
There is a threefold reason these companies did this. First, all of them, at one point or another, mistook "open source" as a business model. It wasn't then, it isn't now, and it never will be.
Second, having made that first mistake, they discovered the hard way that while they could make millions, other companies, usually the hyper-cloud providers such as Amazon Web Services (AWS), were making just as much, if not more, from their programs. They did it by providing their software as a service to businesses.
It's a matter of scale. People want to use the software as a service, not as a one-off they need to work on themselves.
Finally, hidden behind the financial curtain, venture capitalists don't want hugely successful companies; they want unicorns. If a business isn't worth a billion dollars before its initial public offering (IPO), it's not a winner in their books.
Welcome to life in Silicon Valley,
So, what's the simplest way to do this — besides firing employees to replace them with insufficiently ready AI bots? Drop the open-source license. They've developed their program with the help of others; they got their customers thanks to open-source assurance; why let anyone else get a share of the pie?
Software companies are ticked off. At least two Linux distros, Fedora and openSUSE, are considering getting rid of the Redis program. If they do, you can expect their big commercial brothers, Red Hat Enterprise Linux (RHEL) and SUSE Linux Enterprise Server (SLES) to follow suit.
Who's really furious about this, though, are developers. It's their work, after all, that's disappearing into semi-proprietary vaults, never to be touched by them again.
So, as they've done before and they'll do again, at least two sets of programmers are forking it. First off the mark was Drew DeVault, founder and CEO of SourceHut, with Redict. He was quickly followed by Madelyn Olson, principal engineer at Amazon ElastiCache, itself an open-source fork of Elastic. However, as Olson observed, this as-yet-unnamed Redis fork is not an AWS project. AWS is working on its own response.
They can do this because while Redis has changed its license going forward, they can't take back the code they'd licensed under the previous code. You can still do whatever you want, according to the terms of the old license, with earlier versions of the code.
This is a big deal in open-source and high-end IT circles, but it also matters to everyone who uses software. Remember, I just pointed out how important open source is to software development. Suppose programmers get sick and tired of companies taking their donated code and decide they won't put up with this anymore.
Some businesses making the license shift say they're doing it to pay the developers what they're worth. I'm all in favor of open-source programmers making more money. But I can assure you that even the very best developers won't be the ones making the real cash from these proposals. It's the venture capitalists, private equity groups, and top brass who will get serious coin.
This is not what open source is all about. Making money, sure. Even Richard M. Stallman, Free Software's founder, said, "There is nothing wrong with wanting pay for work, or seeking to maximize one's income, as long as one does not use means that are destructive. [But] extracting money from users of a program by restricting their use of it is destructive."
For once, Stallman and I agree.
