1171
submitted 1 year ago by dingus@lemmy.ml to c/memes@lemmy.ml
you are viewing a single comment's thread
view the rest of the comments
[-] grue@lemmy.world 16 points 1 year ago* (last edited 1 year ago)

SSPL

TIL what that is.

... and [whistles], that's a doozy!

From https://en.wikipedia.org/wiki/Server_Side_Public_License:

[the SSPL] primarily replaces [the AGPL v3's] section 13 "Remote Network Interaction; Use with the GNU General Public License." with a new section that requires that anyone who offers the functionality of SSPL-licensed software to third-parties as a service must release the entirety of their source code, including all software, APIs, and other software that would be required for a user to run an instance of the service themselves, under the SSPL. In contrast, the AGPL v3's section 13 covers only the program itself (the copyrightable work licensed under AGPL v3).

I get what they're going for and I sympathize with the goal, but I'm not sure there's any software in the world that could comply with that license because it would have to release an entire container or disc image with nothing but SSPL software from the kernel on up. Does a SSPL-licensed kernel or httpd even exist?

[-] Valmond@lemmy.mindoki.com 1 points 1 year ago

They gotta want to do it I guess, lots of companies use like GPL code but don't tell anyone.

[-] grue@lemmy.world 2 points 1 year ago* (last edited 1 year ago)

Even if they want to do it, can they? The Wikipedia article claims that every piece of software necessary to run the service would have to be licensed as SSPL. Not just to have its source code released in compliance with whatever other copyleft or permissive license it was under, but relicensed as SSPL. That means (assuming the Wikipedia article is accurate, anyway) you can't even run it on top of Linux and be in compliance with the license! You'd have to write your SSPL service for the bare metal hardware, or write an entire new SSPL-licensed OS for it.

[-] JackbyDev@programming.dev 1 points 1 year ago

So, without getting too into the specifics about SSPL because you and many of the critics of it I agree with in that it seems poorly thought out or too aggressive, I do think AGPL fails in some ways. Mongo and (I think) Elastic were both licensed under AGPL but made/changed to SSPL because of a perceived abuse by cloud services like Amazon. As for what exactly the cloud providers were doing that they perceived as wrong and what the best solution is I'm not too sure. It could be that Elastic's own managed version of its product wasn't getting any use because Amazon's was benefiting from economy of scale and vendor lock in ("hey, we already have everything on AWS, let's use AWS's Elastic offering") and if that's the case then it's not really a failing of software licenses and just a shitty and unfortunate situation.

One of the things libre software is trying to accomplish is letting anyone use it for anything and allowing competitors to monetize it is a valid use. It seems like Elastic and Mongo may have been trying to have a primary revenue stream be money from offering their own managed service and cloud providers were out competing with them. It's hard to not see this as them being a parasite that will take over the host and eventually kill them both because the devs of the product will stop getting compensation.

Some products (I think QT is another example) offer a GPL/AGPL version but for a fee will give you a more traditional license (non copy left) and this allows users to have a way to keep their own code closed source while providing revenue for the creators. Win win. AGPL was made to fix a loophole of putting a GPLed product behind a web interface and then saying "hey I'm not technically distributing anything so I don't have to release my source code." You'd think that most enterprise folks would pay but it seems like the cloud providers didn't need to because they found ways around AGPL or just didn't modify anything.

Like I said in another comment, no matter how you look at the situation, open source devs are getting taken advantage of. Enterprise customers should set the example and monetarily support the devs of open source software they use. While they do sometimes it's not the norm. Even within the same company you see mixed behaviors. Microsoft has been contributing code back to git and adding new features but also "stole" AppGet. They even interviewed the dev and asked specific questions about it. It's just scummy. It's a reminder that something being legal isn't automatically ethical or moral.

this post was submitted on 15 Sep 2023
1171 points (92.5% liked)

Memes

45546 readers
1295 users here now

Rules:

  1. Be civil and nice.
  2. Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.

founded 5 years ago
MODERATORS