VC backed companies love AGPL because it’s basically a poison pill that still makes them look OSS good. The entire blog post can be summarized as “we ticked all the boxes on paper, now pay us for looking good”. People, however, usually pay for good software instead of good virtue signaling.
I actually agree with this in practice. OSS purists might argue that AGPL and non-compete source-available licenses are fundamentally different, with the former being OSI-approved, but in reality -- at least in business -- they're used to serve the same purpose: to give the author an unfair advantage. And that's totally fine -- I'm all for unfair advantages in business. But the distinction between these licenses is blurrier than the OSI would like to admit, yet they insist it's a crystal clear line. /rant
As an open source advocate, I'm fine with source-available licenses. They've been around forever!
What ticks me off is freeloading on the goodwill generated by open source, for instance, by calling your license "Apache License Version 2 with the Commons Clause" or by insisting that "source available" is actually "open source". In other words, what you're trying to do here. That goodwill doesn't belong to you. Don't try to steal it, and don't be surprised when those who are invested in open source push back hard when you do.
> The AGPL isn't used to uphold OSS values, it's used as a defense against competition.
It's only a defense against competitors who want to use it and not give back -- just like the original GPL. If you prefer the BSD ethos, that's fine, but just say "I disagree with the copyleft philosophy", not "AGPL doesn't uphold OSS values".
I think my point was more that the author is the only one who can legally make closed-source modifications, i.e. their open core business model, giving them an unfair advantage. Also, the FUD surrounding AGPL. I guess I'm trying to point out that there's an obvious reason every open source business uses AGPL... and it's not that they want competitors to contribute back.
If they accepted contributions without a CLA, then no they can't make closed-source modifications (without some major surgery to get rid of the code not owned by them). If they wrote all the code in the first place, then that's hardly an "unfair advantage".
The only way to accept contributions and then make closed-source modifications is with a CLA; in which case it's the CLA, not the AGPL that you're really complaining about.
ETA: OK, so what if a company start out being AGPL, never accepts any contributions, and then when they become established, stop publishing new code as AGPL and takes everything proprietary? Isn't that just "open-washing", taking advantage of all the community good-will and hype around open source?
I don't think so; consider four possible scenarios:
1. They keep everything proprietary from the beginning.
1a. They become established, making decent money, serving some customer needs. Everything is still proprietary
1b. They fail. Good luck talking their VCs at that point into open-sourcing their code (or even getting it into any kind of shape that anyone could use). All their customers are stuck without any options but to stop using the software.
2. They start by making things AGPL.
2a. They become established, making decent money; eventually they take the product closed-source, doing one final release. Their customers continue to be served, but everything is now proprietary.
2b. They fail. The code is already AGPL, so nothing any of their owners or creditors can do to claw it back.
Large companies that have come to depend on their software can take their code and continue to use it and develop it on their own if they want. If there's enough of the right kind of people, a community can form around the releases and the project can live on in a pure open-source form.
2a is better than 1a, because at least there was a time when things were AGPL; the AGPL code can still be forked off and maintained if there's a big enough community.
2b is way better than 1b. In fact, 2b can hopefully make 2a more likely, since it's lower risk for people to build their infrastructure on a start-up.
Yeah, I think you're spot on with the whole CLA thing. This is why I added the badly-emphasized caveat "in business", which ime typically use CLAs. Outside of startup-land, AGPL is a fine license. I just don't think it's used honestly in startup-land, that's all. We all know the real reason OSS startups use the AGPL: to push competitors and enterprises to purchase a MAY-issue commercial license through FUD; yet we still praise them for being Open Source. Yay. But imo, in startup-land, it feels like a non-compete masquerading as Open Source, even though I know it isn't.
I'd rather OSS startups be more honest and use something like Fair Source. Bonus is that everything would eventually be OSS, unlike the typical Open Core model.
Fair source is worse than the AGPL though, sure it's "eventually open source" but what good is 2 year old code for anyone? How do you add improvements/security fixes to the codebase without the developer saying you didn't clean room the implementation?
I think you're coming at this from the wrong angle, but the 2-year delay is really only applicable to users that want to compete, or in cases where the startup goes under or in a bad direction. For most users, the freedoms under Fair Source align pretty closely to Open Source, e.g. read, fork, modify, redistribute, etc. with the non-compete caveat. Users can absolutely use the latest version -- unless they're competing, but most users aren't competing and don't plan on competing.
The difference is that all users also eventually get the proprietary features, unlike an Open Core project under AGPL + commercial terms. I do think Fair Source is a better model than Open Core, at least in most cases, because of this alone. So I guess, would you rather: 1) never have the proprietary features, or 2) have 2-year old proprietary features? I know what I'd prefer, and from a simple continuity perspective, I know which is preferred by users.
Like I said, I'm not saying AGPL is bad. I just don't like how it's used in startup-land and I think there are better, more honest, options now.
The 2-year delay applies to all of the codebase in my experience, not just the proprietary features. Users potentially have to delay security fixes for 2 years to avoid copying non-OSS code.
Fair source is a poison pill masquerading as OSS-friendly, just like BSL and friends. It's not useful in practice, and I don't think there are any examples of folks successfully using/forking BSL/fair-source code that is now OSS. That's by design.
I think you're missing my main point: the only users who should need the OSS version would be those competing, because FSS offers the same freedoms as OSS to users who aren't competing. I don't see how this is a poison-pill, or how it's masquerading as anything malicious. I think it's pretty honest i.r.t. intent.
Re: forking FSS. Check out what Oxide is doing with CockroachDB -- there's your BUSL example.
Competitors likely have the resources to figure out how to be compliant (with or without giving back), so that's not really it. And as far as I understand the startup situation, most struggle to attract paying customers at all. If you are in a situation that someone is competing against you using your own codebase, you have already gotten very, very far.
I believe the usual AGPL idea is that it generates sufficient FUD for regular customers so that they don't want to run the free (AGPL) version in production. Instead, they feel compelled to cut a separate, commercial licensing deal. A project/product is likely to follow thus model if the nominally AGPLed project has a contributor licensing agreement that involves an asymmetric copyright grant (i.e., contributions are under a very permissive license, but you only get the aggregate of all contributions under the AGPL).
If they are looking to invest in a company when they do technical due diligence and bring in a source code auditing company like Synopsis Black Duck any AGPL you're using is so problematic for them it can be a deal breaker. At a minimum it's such a major sticking point it can be one of the most significant things to hold up a transaction as you try to explain why it isn't as problematic as they think.
Having been through that process a couple of times I won't touch AGPL because it's such a PIA - your poison pill.
On the flip side, if they have or are investing in you and and you've made some aspect of your solution open source under AGPL they know any competitor using it is going to have challenges getting VC investment (see point above).
It's the free users who want open source virtue signaling. Then hopefully you convert some of them to paying customers because the software is so good.
> we have already made a compromise in not open-sourcing the whole codebase, so I thought it would be fair to pick the "freest" license of them all.
I died laughing at his comment later in the article. I still don’t know what his product is but to have such a broken misconception of free and open source, I really don’t want to know what he’s trying to sell.
In practice there is because the copyright holder will retain the exclusive rights (via CLA or else) to distribute the product under preferable and AGPL incompatible terms. This is not an “everybody is equal” situation.
Bill Gates from the 1990's called, he wants his FUD back.
To be more specific: What arguments can be used to show that the AGPL is a "poison pill" in the SaaS space, which couldn't have been used by Microsoft back in the 90's and early 2000's to show that GPL was a "poison pill" in the distributed software space?
There's pretty widespread agreement that the GPL doesn't "infect" beyond the same process, but there's no such understanding about AGPL. COSS companies are exploiting that ambiguity to say "AGPL infects everything, pay us or die, and if you disagree we may sue you and we may win". And 90% of lawyers say "don't take the chance; just pay them".
Microsoft was consistently and openly opposed to open source back in the day. Now we have startups that are simultaneously claiming to be open source while using FUD to advance an essentially non-commercial interpretation of open source. It's not the same situation.
