How it started: "This change has zero effect on the Redis core license, which is and will always be licensed under the 3-Clause-BSD."
How it's going: "Beginning today, all future versions of Redis will be released with source-available licenses. Starting with Redis 7.4, Redis will be dual-licensed under the Redis Source Available License (RSALv2) and Server Side Public License (SSPLv1)."
I'm glad that the page with all the historical sponsors of Redis will live on in the git repository for redis.io.
Because it's been deleted from the live site.
#FreeSoftware #OpenSource #OSS #FOSS #Redis
https://github.com/redis/redis-doc/commit/69921f506c02f65606498cfb4c083c6d8f91f125#diff-37e42b9ec4444d471df6fb6ecdf749410085a20c7c345f76de31fae9ed69be1f
@msw Curious what AWS's plans are in light of this. (The Redis announcement, I mean - not the Microsoft thingy...)
@theuni
I mean that's literally the point. And Linux is already free software so where would the issue be? (Yes, I realise the issue is companies wanting to keep their proprietary crap to themselves)
The SSPL is not more of a poison pill than GPL (and especially AGPL) already is.
@max But it's not the lingo of the license. I'd be more than happy if this was the case, but it seems risky to positively assume this. So: IANAL and my lawyer points in the opposite direction currently. I agree on the "purpose" thing, but that isn't something I'd go without better understanding/proof.
@theuni Well I agree that it's kinda too ambiguous for most proprietary software companies... (but the same discussions have already been had when MongoDB did it so this isn't really something new?)
Don't get me wrong, I would prefer it if they just used the AGPLv3 (or even a potential GPLv4 with an included fix for this exploit... one can hope )
@max I'm on the fence because I asked those exact questions for clarification to MongoDB with an inside contact and came up with a "no comment" ... which makes me call it a FUD bluff.
@max Do you have a pointer to those discussions? I never stumbled over them whenever I researched this ... <3
@theuni Well the stuff I remember is mostly based on stuff discussed/shared in IRC&co back then but I can try to find something mor tangible.
@max That would be appreciated. If it *really* holds I would be more than happy to make it easier to find in the future and as we're currently getting professional advice anyway I'd be more than happy to make those findings assessments available as well. I *wish* MongoDB (and the others) would go on record to confirm license compatibility.
@gianarb @jzb @msw or just garnet: https://github.com/microsoft/garnet
@msw lol
what was I thinking?
@msw yup, asked a few minor pointed questions this weekend of them with those banners adorning their booth...
Nobody knew nuttin'.
No clue on any of the developer-pertinent questions at a heavily developer conference.
Guess we now know the people #Microsoft sends out to dev conferences are just poor mushrooms who can't be relied on for the information they convey there
@msw Wow, they really do. <3 They're clearly *funding developers building the open source products they use* instead of other companies which will probably announce a fork to avoid paying for anything like bathroom breaks for drivers.
Huge respect to Microsoft for this one.
@ocdtrekkie you lost me when you bring non sequiturs about bathroom breaks for drivers into my mentions.
In any case, AWS has payed developers to work on the core Redis engine for many many years now. You can read more about some of their work here: https://aws.amazon.com/blogs/opensource/behind-the-scenes-on-aws-contributions-to-open-source-databases/
@msw I literally noticed I was replying to an Amazon employee after I posted. But it is not lost on me the loudest complaints about this are all coming from the only company who is causing infrastructure to shift away from open source licensing.
@ocdtrekkie @msw no, they are funding developers who are building the source-available products they are reselling. these licenses are proprietary and exploitative, designed to shake down consumers while appearing to be “open source,” and describing them as open source allows them to continue with this fraud.
@ariadne@social.treehouse.systems @ocdtrekkie@mastodon.social @msw@mstdn.social I thought sspl only restricted direct resale of the software, as a service?
none of this matters. SSPL is not an OSI-approved license, so it is by definition NOT open source.
if you want to deal with projects that do not produce free software, then that is your business, but the software freedom guaranteed by the open source definition matters.
@ariadne @scott @msw If the OSI wanted to support open source, it would've worked with companies like Elastic, Mongo, and Redis to approve licenses which enabled open source companies to thrive. Instead it's primary role in the past few years is protecting a proprietary SaaS platform from having to pay for stuff.
The OSI is really not very supportive of open source software at the end of the day.
cool.
let me know when private individuals not backed by venture capital are using the SSPL.
let me know when the FSF says it is OK to use it.
neither of these things have happened, because the license is designed for and by parties funded by venture capital (to protect frankly nonviable business strategies under capitalism) and is not relevant to anyone else verses normal AGPL.
that is the problem with SSPL. it is not about copyleft, it is about trying to protect nonviable business strategies.
bluntly -- if you need a poison pill license to "win" then you need to rethink your business strategy, because AWS can just put a team of engineers on cloning your SaaS offering without using your code.
commons clause and SSPL are both perversions of copyleft and software freedom pushed by venture capital to try to attain vendor lock-in for services. it's disgusting.
(if you actually care about copyleft, then the correct answer is AGPL without CLA. then all players are locked into following the same rules.)
@ariadne @scott @msw I *do* feel like AGPL should be radioactive enough to companies to do the same as SSPL but I wonder if that isn't well court-tested enough to risk going up against Amazon's lawyers.
I personally prefer BSL over SSPL so code eventually falls into being less protected, but there's some dangers for computer security if people have reasons to use old code.
@ocdtrekkie The AGPL isn’t as broad as the SSPL. AGPL focuses on the service the user interacts with, which leaves out quite a bit.
BSL and SSPL are interesting experiments. I’d like to see something similar which is anti-corporate rather than pro corporate like those two.
@ariadne @scott @msw The FSF is categorically unable to not give voting board rights to a guy who constantly and frequently speaks in favor of pedophiles. Also not exactly an organization which is a good role model. We should pick better heroes in our community.
It is indeed possible SSPL protects nonviable business models, but if open source companies are non-viable, we should fix that. The competitive edge Amazon has is "proprietary software".
bringing up stallman's misconduct (which I agree with you on!) does not address the point I am making -- that projects outside of the VC-funded ones are not using SSPL, because there is no point in using it.
in this case, Amazon's competitive edge is not proprietary software, it is their workforce of hundreds of thousands of engineers.
SSPL does not protect you from Amazon, in reality all it does is cause you to be locked into a single vendor's proprietary cloud service, because that vendor will *always* require a CLA for third-party contributions, and that vendor will *always* grant themselves an exemption from the SSPL.
being locked into Elastic or MongoDB instead of AWS is not enhancing my software freedom in any way. it just means that i have two vendors who do not care about my software freedom instead of one, but that other vendor is happily gaslighting me about freedom.
@ariadne @scott @msw
> in this case, Amazon's competitive edge is not proprietary software, it is their workforce of hundreds of thousands of engineers.
I strongly disagree with this. Amazon has two advantages:
- They provide a one-stop shop to get Elastic, Mongo, or Redis bundled with their proprietary products on one proprietary management platform.
- They can offer it at more competitive prices because they can extract value from the same companies via pricing on those proprietary products.
so what? those software packages went SSPL, and Amazon just cloned the API surfaces of those packages and kept running their services.
so, we get locked into Elastic/MongoDB/Redis cloud offering, or we get locked into AWS's clone of it.
either way, *users* lose. and that is the point, really.
(my larger point is that if you care about freedom, you should be rejecting all of these anyway, but sadly the people who care about freedom aren't the ones driving IT purchasing decisions usually)
@ocdtrekkie @ariadne @scott @msw "as an industry" is a key phrase there; "I want to create open source software" and "I want to make money" are different objectives with different obligations, and with FAANG sucking all the air out of the room, it's nearly impossible to optimize for one without compromising the other. If you leave anything on the table, a dragon is going to come gobble it up, be it money or be it rights. Either you become a dragon yourself, or you put dragon poison in everything, the middle ground is now scorched earth.
@ariadne @ocdtrekkie @scott @msw I'd argue that there's often less lock-in with AWS, because (for example) the Elastic fork they use to provide their service (OpenSearch) has remained open source.
@mathew @ocdtrekkie @scott @msw OpenSearch is the exception — instead of just duplicating the API surface, they forked Elastic and kept it under Apache license.
In the case of MongoDB, they just created their own proprietary reimplementation which cloned the API surfaces. this is normally what they do.
@ocdtrekkie @ariadne @scott @msw Open source companies being non-viable is not something we can fix with licensing. It was, at one point, actually possible to build an open source company and make good money at it (re: Red Hat before 2019) but investors and executives reject these models these days because they're not maximally exploitive. The possibility of being able to make even more money and increase lock-in is too attractive.
TLDR, RCA: capitalism
@ariadne @ocdtrekkie @scott @msw And also, put bluntly, neither Fedora nor Debian will accept anything SSPL because they don't comply with OSD, FSF-Free, nor DFSG. Both distribution organizations more or less require a license to fit among at least one of these and provide their own lists with justifications when they make their own decisions.
e.g. Fedora: https://docs.fedoraproject.org/en-US/legal/allowed-licenses/
@ocdtrekkie @ariadne @scott @msw OSI in not opposing copyleft. The SSPL has not been evaluated, its review was suspended by the license steward
@ocdtrekkie @scott @ariadne @msw I mean, as someone who pays for software as a service, I don't particularly like that one company has monopoly on providing that service. So I wouldn't say it's "harmless"
@wwahammy @scott @ariadne @msw But that's what Amazon gets, effectively. It's impossible for an open source company to compete when it has to both pay the developers and it's competitor can subsidize with proprietary code.
Anyone can compete with a SSPL code developer without paying anything... provided they are also an open source company. Amazon isn't that. We should definitely have licenses that give open source companies advantages over proprietary ones.
@ocdtrekkie @wwahammy @scott @msw
SSPL companies are NOT open source companies, they are just companies.
do you understand?
there is NO interest in software freedom by venture capitalists. they see all of us as *annoying*.
@ocdtrekkie @wwahammy @scott @msw
(and, no, that's not what Amazon gets. if I want to cut ties with AWS, and go to another cloud vendor, I can do that today. but with SSPL, there is only one vendor that I can use.)
@ariadne @wwahammy @scott @msw Saying it's not open source because the Amazon-backed corporate shill outlet says it's not is a tautology. We can fix that by throwing out the OSI.
And a company which releases all of their code under GPL or MIT can use SSPL code for free. It's literally a license that promotes open source.
@ocdtrekkie oh my sweet summer child… @ariadne @wwahammy @scott @msw
@mawhrin @ocdtrekkie @ariadne @wwahammy @scott @msw
«our long-standing partnership with Microsoft will continue to support organizations...»
So... I'm not up to speed. Do MS and Redis have an explicit (formal) side agreement that has MS shipping $$ to Redis and Redis declining to sue under SSPL? (Like, "Redis licenses Redis to MS under these specific terms, etc. etc.")
Because, otherwise, wouldn't SSPL also apply to MS?
And if I, as pee-wee cloud services offerer, use Redis, am I SOL...
1/
@tarheel @mawhrin @ariadne @wwahammy @scott @msw I would assume Microsoft pays for use of the code under another license. But the alternative to that would be "open source your entire platform" which is something I think we should wholeheartedly support.
There should be advantages to being an open source company, IMHO.
@ocdtrekkie SSPL & co. are neither open source nor free software licenses; they're proprietary licenses wchich regulate what you can with the executable product of the source code (specifically: not to compete with the company owning the source code) while allowing to look at the source; we've been through that dance a number of times in the last thirty years, did we forget everything? @tarheel @ariadne @wwahammy @scott @msw