Maybe it's just time to say "fuck it" and GPL all the things?

I wonder if the community has grounds to sue any of these companies who are ditching the AGPL in favor of proprietary, source-available licenses, especially under “third-party beneficiary contract” legal theories, like @conservancy did in their suit against Vizio.

If the source code originally used AGPL, isn’t it still contractually obligated to ensure those rights to its users, including any new source code added to it?

Wasn’t the whole point of the GPL that there could never be a rug-pull?

It doesn’t matter that you own the copyright on the software, you can’t revoke the rights on the code that was licensed under its terms. Therefore, even the copyright holder is bound by these terms. They can fork their own project, but if they want to relicense it, since the existing source includes these license terms, any new source must also give users the same rights. Right?

That’s the whole point. Right?

@ramsey I've been on the fence about gpl-all-the-things myself. It might indeed be time.

@ramsey @conservancy Why would any new code not under AGPL be covered by it?

@derickr @conservancy Because it’s viral. Any modifications you make to the source code that is licensed under GPL/AGPL must also provide the same rights to users.

@ramsey @conservancy Sure. The original code is still free under AGPL.

But if you relicense the whole source (as say BSL), then new code is no longer AGPL.

@derickr @conservancy How can you relicense the source, if the license is non-revokable?

@ramsey @conservancy The license for what is released under the license is indeed not revokable. That doesn't prevent relicensing under a non copyleft license (as long as you have permission under one form or another).

@ramsey @derickr @conservancy copyright holder of a piece of software always can change the license of NEW code release. But that can only be done if and only if they are the sole copyright holder over the software. That happens because people sign CLAs waving their own rights to code they contribute.

An already released piece of code out there under gpl cannot be changed retroactively to something else.

@ramsey No. Not if you can relicense the whole code base because you have all the rights to it (or get every contributor's permission). For example through CLAs where contributors give you a non exclusive right to do whatever you want with their contribution. Unlikely to happen with GPL, but quite common for companies using the AGPL (like MongoDB did).

@derickr Those contributors would have to completely assign their copyrights, and even then, I’m not convinced that the original owner could technically change the license. I don’t think this argument has ever been made in court.

@ramsey Yes, they have to agree with it in one way or another.

Which is exactly what many companies with AGPL software require: a CLA that reassign copyright, or ones that allow the CLA owner to do whatever they want with a contribution.

@jimw @ramsey Yes, that's exactly how I understand it too.

I did a license change for timelib (PHP to MIT), and tracked down every contributor and asked for their permission. Only one didn't work out (they passed away), but it was trivial piece of which you'd be hard pressed to claim copyright for.

@derickr @ramsey Yeah, I don’t know off the top of my head if this has been legally tested, but certainly very large software organizations have paid lots of lawyers to look at the issue and they seem to believe that relicensing (or dual-licensing, like MySQL) is okay for projects that have something like a CLA in place.

@jimw @derickr IANAL (obviously), but my argument is that the GPL itself prohibits them from changing the terms of the license, due to its viral nature. That is, code under the GPL always carries the rights of the GPL with it, which always infects new code, regardless of what the company who owns the code says they are doing (i.e., relicensing).

This argument is what I’m saying hasn’t been decided by a court yet.

@ramsey @jimw @derickr also not a lawyer - my understanding is that if you fully own the code, you are allowed to provide it under more than one license. I see it as re-publishing the code under a different license and then continuing work only on the version with the different license.

@ramsey @jimw @derickr Certainly not the spirit of the FOSS licences of course.
Morally, I blame the large cloud provider for this. They make the profit from offering these applications "as a service", deprieving the original companies of an important revenue stream. Things like elasticsearch are IMO not primarily a community effort but a company that choose to offer their tool as open source for the convenience of everyone, and got ripped off by azure/google/amazon/...

@ramsey @jimw @derickr Version A still carries the terms, version B might not. This is perfectly legal if you are, or have permission from all copyright holders. The terms of the GPL where never changed, it doesn’t say “and any new additions made in the future”.

@amszmidt @jimw @derickr The GPL includes the statement, “All rights granted under this License are granted for the term of copyright on the Program, and are irrevocable provided the stated conditions are met.”

It then describes in section 5 how any modified versions must be licensed under the same license.

My argument is that the owner can’t change the license of version B because it’s a modified form of version A, under which the rights granted are irrevocable.

@ramsey @jimw @derickr The owner is the owner, they can do what they want with any future version. They cannot revoke the terms from a previous version. The "Program" here is that specific version, not all previous or future ones. Your argument is based on a very fundamental misunderstanding of copyright law.

@amszmidt @jimw @derickr What is the fundamental thing I’m misunderstanding?

@ramsey @jimw @derickr That the owner cannot change the license of a future version (B), if the previous version (A) was licensed under some other terms.

They can absolutely do so, they are the owner of the work (I am assuming "they" here means have copyright over the work).

You would be entirely correct _if_ version B was relicensed by someone else who is NOT the copyright owner.

@ramsey @jimw @derickr The short story is that the license one applies does not apply to the person or company applying the license to a work -- they have different legal rights than downstream.

@amszmidt @jimw @derickr Just to be clear: My comments on this aren’t a result of my misunderstanding of copyright and ownership. My comments are wishful thinking and exploring the argument for the inability to change the license, once applied, since the intent was to ensure it remains free (as in freedom).

(Sort of like the idea behind “reader-response” theory in literary criticism, where once the author publishes the work, it’s no longer theirs to interpret.)

@ramsey @derickr Unfortunately contributors completely assigning their copyrights via CLAs is extremely common. But I've been told that even without explicit copyright assignments it is possible for majority maintainers to change a license under some circumstances (I remember this came up in the context of the @htop license, do any of the current maintainers have any more pointers?)

@hisham_hm @derickr @htop Yes. It’s possible to change the license without input from the contributors, as long as you’re not changing any of the end-user rights they implied with their contributions. For example, it might be possible to change from a BSD-like license to an actual BSD license, because the rights granted by each contributor are not changing.

@ramsey @hisham_hm @derickr @htop You can change even more in terms of licenses IFF you have votes of an overwhelming part of contributors (merely 50% does not suffice). Basically everyone has to agree and contributions by people who object have to be removed (or replaced).

Interesting part is when contributors are unreachable or dead. There is legal precedent (German court case I heard of) stating you can overrule copyright holders, IFF you can demonstrate you made proper effort to get a vote.

@ramsey I worked for a company that used GPLv2 with a CLA precisely so they could relicense. It's the "rules for thee, not for me" licensing tactic, used for when startups are concerned about their ability to sell out if all their code is GPL-bound. You basically use your accrued CLA rights to publish a "new" copy that isn't encumbered. I forked a GPLv2 project from that company but I don't have the CLAs so my fork is GPLv2 forever.

@ramsey Basically, you need significant contributions outside the company under the GPL without a CLA for it to "stick" — at least, that's my understanding of prevailing legal theory. I don't think *most* license strategies have been tested in court because they turn into protracted Google v Oracle messes because suddenly the entire industry cares.

@ramsey I'm happy to see you settled on a GNU license

Everything I work on, hardware and software, is GPLv3 (despite the criticisms)

Stallman gets a lot of flak, and some of it is warranted

But as far as important things to come out of the hippies from the 60's I would have to put the open source concept and eventual licenses as one of the greatest achievements of computer science

It wouldn't exist, its that simple

Beyond a shame not in other sciences, closed source firmware on sequencers?

@ramsey If two schools buy two different versions of the same sequencer, but they have firmware differences.

The replication problem plaguing all sciences becomes pretty obvious.

How can you know if your firmware is the same as the other schools? What if it has a bug?

And the cost of the equipment being a fraction of the product is just upsetting. 500k for automated syringe on GCMS? Fucking hell

@ramsey It was a massively bad sign that the biggest opponent of open source software was allowed to buy the biggest repository of open source software.

Everyone who worked, or specifically owned github, and sold it to Microsoft are some of the biggest class traitors to ever exist.

They could have sold it to anyone else, but it shows how either they truly didn't understand their role, or their greed was more important than basics of computer science.

@ekis In the last decade, Microsoft has been releasing a lot of their software under permissive open source licenses.

@ramsey They also ruined the search functionality of Github, you can't get more than a few pages of code based searching (and have to be logged in)

They added a marketplace

And none of their changes have addressed any serious problems with open source communities: like governance

Instead they went the way of trying to collect payments. Which seems premature when the governance system is completely missing

To me what they have done feels like being served red kibble, then tell us its good

@ramsey I don't like being the downer.

I followed Gitlab before it was a website, and was two pieces of software (one being "gitolite")

Then they brought on a CEO who took community features and made them private.

Ever since then their design decisions have been just as absurd.

Admittedly, I'm very disappointed with myself. I owned git.io and planned to setup an alternative but was low on capital and lost the domain.

I wanted to focus on governance and simplifying participation

@ramsey I'm now making all my code some *GPL. Which variant depends on context.

MIT/BSD are "free labor for corporations" licenses, which is why they like it. Screw that.

Anything short of AGPL on the web is an attack on users.

See also: https://youtu.be/sJpXhVD18-c

@Crell @ramsey I think about that now and then, but then chicken out because "nobody will use it anymore, then" :/

@jay @ramsey For a library, LGPLv3 is fine. If someone has an issue with that, I don't want them using my code.

Fpr a full application that you install, AGPLv3 or bust. If someone wants to use my labor for free, they can damned well respect their users. If they don't want to, they don't get to use my work.

@ramsey yes please. gpl and agpl all the things. companies running away scared scared of it and not wanting to touch it is good and on purpose! if they can't play good, they shouldn't play at all.

@ramsey The GPL creates the obligations it does for a very good reason. The primary thing that permissive licenses permit is taking the software proprietary – something most of the contributors to a genuine free/open project probably don't want done with their work.

@ramsey (Personally, I lean towards the AGPL on most things, if there's even a faint possibility it could be serviceified. AFAIK it has no substantial downsides compared to the GPL? You can link GPL and AGPL code together, and of course you can mix in LGPL and permissive code too.)

@alilly @ramsey I've been subconsciously leaning towards this logic too, but I keep wondering if there's some downside I'm not aware of. Can we do this? And if so, why have a non-A GPL at all?

@ramsey

You can find Bruce Perens on mastodon. After cofounding the OSI which created many of the problems we face today, his current big idea is called postopen.

It's like a funhouse mirror of the GPL. Powerful centralized organization with taxation powers, naive worship of small business, payment mechanisms that can be gamed and lead to endless disputes, and worse.

Unrealistically utopian in the very worst sense of the word. I would be frightened to live in a world where it could exist.

@marvin Oh, I know. I’ve been following it, and I don’t think it’s the answer at all.

@ramsey Well #Microsoft owns #GitHub and is a major contributor to the #OSI. #TechRights has a lot of documentation on how big tech companies, led by Microsoft and #Google, pull the strings at OSI and #LinuxFoundation.