It will stay free and you can read the source code and change it.
BUT: Amazon, Google and Microsoft (et al) will have to pay if they offer Redis as part of their cloud.
Seems fair and any article not giving a voice to those being reported on is trash. Here you go, though: Under the new license, CLOUD SERVICE PROVIDERS hosting Redis offerings will no longer be permitted to use the source code of Redis free of charge. https://redis.com/blog/redis-adopts-dual-source-available-li...
Seems a reasonable place to ask. The Linux kernel is a solid contender for the most valuable software project. The amount of repeat work avoided by building on that is infeasible to estimate. It doesn't appear to be at risk of being suddenly proprietary.
What do we think is the primary reason why it is immune to this failure mode?
My guess leans towards there being a large enough number of corporate interests in play that none can seize control from the others, but that seems likely to be an oversimplification.
Why is Linux not vulnerable in the same way Redis has proven to be, and is that a model that can be copied by other software projects to avoid this failure mode?
Two key differences: Linux is (mostly) licensed under the GPL version 2.0 only, and has diverse copyright ownership. No single person or entity can change the license. That means no one can pull the rug from under the community like the Redis change (and so many other corporate-controlled, copyright-assigned, non-copyleft projects).
(Linux also has a huge pool of users and contributors, which discourages hostile forking, even if the licensing wasn't a factor.)
It is one of the big enough projects that companies actually pay for their own devs to develop it. And they lose little by providing those changes to others. I think reality is that you need that sort of scale for it to work.
> And they lose little by providing those changes to others.
I am unsure about this. Some Linux patches can be of high value, say better TCP congestion control. By releasing such patches, others can get them for free while it took you significant effort.
In practice, due to Linux's lack of internal stable API and fast pace of changes, Linux makes it painful to keep private patches, so there is incentive to contribute upstream. Differently engineered software project can make it easy to keep private patches. In other words, Linux uses technical methods to compel contribution instead of legal methods.
> Some Linux patches can be of high value, say better TCP congestion control.
Every significant piece of code can be high value. But keeping it in the open brings more value to the world at large.
Open source projects do not force you to contribute. You can keep your improvements to yourself if you're so inclined, and patch your copy or products (if the license allows).
I believe the value lies in the developer itself. Not in the code. It's just an instance of development, and if the developer is that brilliant, they can always develop things of same high quality.
IOW. Keeping things to oneself is not meaningful.
You can't redistribute your high tcp Linux kernel without source in GOL license, so it can go back upstream (eventually).
> By releasing such patches, others can get them for free while it took you significant effort
Conversely, you get others’ patches for free without significant effort on your part so it’s still in everyone’s interest to contribute.
It’s GPL and they haven’t made contributors sign a CLA. So if anybody wants to relicense the Linux kernel, they need to get permission from every single copyright holder retroactively. This is infeasible.
CLAs exists to get this permission up front before any code makes it into the project, which is what enables projects like Redis to relicense.
BSD style licenses being more permissive than the GPL also contribute to this; you can incorporate BSD-licensed code into a new non-free version but you can’t do that with GPL-licensed code.
1. It is GPL, so you can't change the license without permission from all contributors 2. It has lots of contributors. And now that I think about it I guess some of those are not even alive anymore to grant any sort of permission
It is also GPL 2 - not "GPL 2 or later" so it can't be relicensed to a future version that has additional or different terms.
Linus on GPL 3: Linus Torvalds says GPL v3 violates everything that GPLv2 stood for https://youtu.be/PaKIZ7gJlRU
> The amount of repeat work avoided by building on that is infeasible to estimate. It doesn't appear to be at risk of being suddenly proprietary.
They may not be as featured, or run everything, but if that were to happen I'm hoping FreeBSD, OpenBSD and NetBSD would step up to the plate - although Linux would certainly be forked as well.
Redis didn’t go “suddenly proprietary”. They switched to a source available license. Cloud providers will need to pay if they’re making money selling redis.
I wouldn't call Redis a failure.
Source available and commercial is a great compromise.
OSS is not a business model and we live in reality.
The less free money goes around, the closer to reality business will be.
All it would take is another license change preventing you from using it.
From using the new version released under a different license, you mean. You’d be able to continue using your existing version or switch to one of the forks.
That was just as true before as it is now.
The real losers here are cloud hosters like AWS and Azure.
They should have used the GPL, but that's the problem with the weak licences. Weak licences rely on trust for no reason.
Or “weak” licenses are used by people that don’t care about the things that the license allows for. Or better yet, actively want that degree of permissiveness.
All this license hubbub is often just people not actually thinking thriving which license they want to use. “MIT sounds like a pretty good university”.
GPL with CLA still allows such stunts.
They should not use CLA then.
This has nothing to do with the license in question per se, and the GPL wouldn't help at all. It has to do with who owns the copyright. The copyright owner can re-license going forward to whatever they want, whenever they want. If you're really concerned about a license change then you need to be wary of projects with sole-ownership, either via CLA or not accepting contributions (it's the project of one person/company that they're putting out as open source for whatever reason, and very much not a community project).
I actually think the descriptive language commonly used here is a little distorting in that regard. A copyright owner does not, and cannot, "take something closed source", it's more that they're forking the project under a new license (which granted is a specific kind of fork only they can do, everyone else has to fork under the same license). Every single bit of code up until that moment remains under the open source license, so if there is interest customers or whomever else can take that and continue the same open source project going forward, and even surpass the original holder's new proprietary effort. As a practical matter that's rare because there has to be serious interest, but it does happen. OpenZFS for example is a wonderful project that has long since eclipsed the Oracle fork of Sun's code.
In turn I also think it is often a little more complex then (from the opinion):
>"switch licenses, leaving their contributors, customers, and partners in the lurch as they try to grab billions"
Let's be serious: rarely are these projects getting more then a token percentage of code from contributors, let alone anything else (though Redis definitely is). It's frequently 90%+ a single-company effort, and indeed this is nearly a truism. Because if the company is only a small component of the effort vs the community it is extremely likely any attempt to do a proprietary fork will fail and the open one comprising the majority of effort will dominate, and by definition there is major interest. This doesn't make it non-irritating, but it's still a net positive, a lot of useful code was contributed open and is a much easier springboard. And it's a much MUCH better situation then the even more common proprietary-all-along-software changing terms which happens all the friggin' time, like going subscription-only. If nothing else you get a much better off ramp.
Companies forking from open source to proprietary with their projects can suck, for sure. But I think in the last year it has started to also get a little overhyped. I'd still rather have years of open source first. And again, everyone can always evaluate who owns the copyrights. Diversity is important for longevity ANYWAY too. Like, if all the effort is happening by a few devs or a single company, what happens if they get hit by a bus? Go bankrupt? Simply get old and tired of it? At some point the community has to step up, or not.
The GPL does not allow derivative works to be relicensed under a more permissive license. If redis were GPL'd then the developer/owner would not have been able to fork the project and do anything moving forward. The project would be stuck as a GPL project because that is the point of the GPL. https://www.gnu.org/philosophy/pragmatic.html . Maybe I am mistaken? If there is some version of licensing that exists that does not allow the developer of the software to fork the software with a new license, then what I'm saying is that is what should be used.
With all respect you are, indeed, completely mistaken. The license is absolutely and 100% irrelevant, wouldn't matter if it was AGPLv3 or full proprietary or BSD or anything else. Like all copyright licenses, the GPL is a creature of copyright law. Copyright governs derivative works by other people. But the owner of the copyright can derive whatever they want from their own IP. A copyright holder choosing to license their IP under the GPL in no way precludes them from switching to licensing under something else, or indeed to licensing under any number of other licenses (including proprietary) at the exact same time ("dual licensing" is indeed one of the various attempted open source business models) to different people.
Again, they can't do so retroactively, so if they begin by offering software under open source license A and later switch to License B, all the code under A up until the moment of switching to B continues to be licensed under A. So someone can take that as a starting point for a different fork under open source license A, or another one that is compatible. But they won't have a right to any new code done under B if it's incompatible.
I found this an interesting comment: https://news.ycombinator.com/item?id=39860078
Inflammatory and factually false article, should be flagged:
> For those of you who aren't open-source licensing experts, this means developers can no longer use Redis' code. Sure, they can look at it, but they can't export, borrow from, or touch it.
How is that inaccurate?
Windows has at a few points in time become 'source available' but nobody (+dog) thinks they can take that code and use it for anything.
People can do whatever they want with the BSD released code but, going forwards, they can't use any newly licenced proprietary code. I'm no legal expert but this seems to include all the code that was previously released as BSD if one were to reference the new and improved 'source available' release. It stands to reason that all the future releases are now off limits even though they contain identical code from the BSD releases.
In best case, the terms "export, borrow from, or touch it" don't make any sense.
In worst case (which I believe it is) they're rethorical terms that translate to development/licensing concepts; in this case, they're false:
- "export/borrow" can refer to the act of distributing; SSPL allows developers to redistribute and use; what SSPL prevents is for cloud companies to use it as backend for their services
- "touch" means to modify the code; this is absolutely possible, as it is for GPL
There are a few articles around that explain the motivation behind SSPL. It isn't far from AGPL in intent, but it's just too fuzzy to be accepted as FOSS.
Off limits for open source puritans perhaps. Everybody else will just keep using it exactly like before, for free (as in beer).
...but they can't export, borrow from, or touch it.
What does ”export” or ”touch” even mean in this context?
How are the OSS contributors, who initially provided IP under the premise of it being open source dealt with in these cases? If I were a major contributor to a package like Elastic or Redis and it was moving to a more commercial model, what stops me from suing Redis or Elastic and going after a share in the profits?
I guess the standard approach here is to release a new version with the new licensing model, and take all of the open source contributions and package them into a new commercial product. And anyone, perhaps even a contributor could do this, but the company is best positioned to do so and extract value from a bunch of free work that was contributed under an entirely different premise. Maybe there's room for a new OSS licensing model that prevents this from ever happening.
If you signed a CLA to contribute, you've granted Redis a broad license to do whatever they want with your contribution. If you contributed to a BSD licensed project, then you contributed to a project who's licensing terms says "do whatever you want, just retain the copyright notice, and this license is not an endorsement".
You basically have no grounds for suing, especially since the re-licensing is not retroactive. The exact contributions that you provided as still available in the exact form and license that you contributed them to.
You need to be much more specific about what you want to prevent.
I think you must transfer copyright for the code to the organization - thus they can change it at will. For example in Linux that is impossible as everyone keeps the copyright claim to the code they contribute.
So what’s better, startups can have a chance at building a truly differentiated cloud service and actually generate revenue to continue to invest in their OSS, or aws/azure just gobble up all the cloud revenue to be had because enterprises will just default to them as it’s easier and they already have contracts in place? That doesn’t seem like a very good future for startups or OSS either.
I think the valuations for software are just insane.
What does it mean that redis is valued at 2 billion $? It means that the investors would pay this much.
But why? How long would it take for redis to bill 2 billion $ to customers? It will probably never happen.
So I think they are overvalued.
Redis is everywhere and a lot of corporations aren’t going to change their short term roadmap to migrate to a fork.
That could be a huge money shot for Redis.
But it’s probably only a one-shot, not a viable business model. Sure the company is going to tank sooner than later, but if founders jumps from the ship at the right time, they may be rich for multiple generations.
How much does the company earn from it being everywhere?
I can tell you my projects amount to millions of downloads, but this doesn't translate into money.
The second you ask for money people move to something else.
FTA: There is a threefold reason these companies did this. First, all of them, at one point or another, mistook "open source" as a business model. It wasn't then, it isn't now, and it never will be.
This is a hit piece on Redis.
I'm surprised so many people in this thread are abandoning the core of what it means to be open source, it's literally the first tenant. Anyone, even your worst enemy or competitor can use the software for any purpose at all. As much as the years where dev spaces were really pro copyleft were kind of insufferable at least the community actually cared about the mission and vision of open source.
It doesn't make any sense at all that Google/AWS "has to pay their fair share," their usage is no different than any other company's getting value and making money from a piece of software. Redis just sees dollar signs because they have deep pockets, it's shameful. It's sketchier than Oracle licensing.
Just the same as OpenTofu and OpenSearch, I'll be switching us over to Valkey. I'll be supporting the big bad cloud providers who are actually embodying the spirit of OSS.
Factually correct. But clearly a road to serfdom for anyone that writes software.
But why? Isn't a bunch of companies who depend on a piece of software internally and make money using it having a vested interest in its improvement and it remaining free basically the ideal case for OSS?
OSS falls down when you want to make money on the software itself, or in Redis's case when you want to make money on hosting but you're bad at hosting.
> OSS falls down when you want to make money on the software itself…
Yes, exactly. As a OSS puritan you can’t participate in the economy on equal terms. Instead you’re relegated to one of many “serf” roles, e.g. being employed by some bigtech company to continue working on it.
I suppose that's fair but to me that's just how OSS happens, you're working somewhere and you realize that there's a need not being filled -- and Redis was one of those. You work on it until it serves your needs and then say, "hey I bet other people would find this useful."
To me the giving it away part is the whole ethos, I'm not some FOSS zealot that believes every piece of software should be GPL or whatever. If you want to make a play at making selling software your business then I think proprietary licensing makes the most sense. And I also think it's a dick move to give a piece of software to the community, collect contributions and integrations from people helping a community effort, and then take it back. It's especially a dick move when it's been OSS for 15 years and Redis Labs isn't even the company that made it.
This is almost never about "cash grabs". If we can't collectively keep some baseline measure of sanity and rationality then I guess it was all pointless anyway.
> A company will make its program using open source, make millions from it, and then — and only then — switch licenses, leaving their contributors, customers, and partners in the lurch as they try to grab billions
This is a wildly delusional take.
Problem is that these companies that do this were never actually making money. They might had revenue, but that is not same as making profit.
The model was fundamentally broken in most cases. You can not expect to give out something for free and the product being free being one of the reasons for picking it up and then at same time make huge amount of money.
We're seeing now constant attacks on companies and developers that want some way to protect what they create from megacorps that use their creations without giving anything back and essentially cutting them off from any way of making money while working on the software they've poured their time and heart into.
Oh no! GigaTechCorp X will have a drop of income from 50 billion to only 49 because they need to buy the commercial licenses and actually pay for what they use! The horror!
Most probably these troll articles and "opinion pieces" will only increase as the moochers will see they cannot take advantage out off people's good will anymore. The original GPL was created long before "the Cloud" and SaaS was a thing to consider and these are simply attempts to make them comply with the original idea. In general if you're making money with OSS you should pay for it in some way or contribute, enough with the leeching.
Okay, will they pay the contributors then?
I think it's because Millenials are starting to think of their retirement. A life of traveling in a rented house with rented income and not a care in the world can't last forever.
I doubt any of the people making these decisions are housing insecure. What’s really changing is that the culture around open source had a lot of inertia from the era where most people ran it on their own servers and maintainers could make money selling support or consulting around that, but now a ton of usage has shifted to cloud providers who are not obligated to share changes with the community or compensate the original developers. People have been talking about that for ages but it was easy to ignore the issue when VC money was flying around to give companies valuations far greater than their revenues would support. What we’re seeing now has been developing for a long time and it’s going to come to a head nor that the finance people are expecting hard revenue.
The people living in a rented house aren’t the one making these decisions.
Redis did not dump open source, the source code will still be available.
"Open source doesn’t just mean access to the source code."
(The Open Source Initiative (OSI) is a California public benefit corporation, with 501(c)3 tax-exempt status, founded in 1998.)
SSPL is not open source, it's source available. Different kettle-o-fish.
So now we're redefining what "open source" means? Does AGPL fit your definition of "open source"?
We are not redefining what it means; that the source is available does not make it Open Source. It's pretty clear, but Google is the SSPL open source and you'll find pages and pages of EFF/FOSS etc articles and explanations why it cannot be open source because section 13. It's AGPL (which is Open Source) with that section added.
https://en.wikipedia.org/wiki/Server_Side_Public_License
From another comment: https://opensource.org/blog/the-sspl-is-not-an-open-source-l...
You're the one trying to redefine open source to something it never meant.
By that definition Windows is open source. The Linux kernel, Vim, and Microsoft Windows are all "open source" because all of them are "source is available" + conditions.
Do you think this is the definition of open source that people use?
> Does AGPL fit your definition of "open source"?
The AGPL was a direct consequence of companies taking FLOSS software and turning it into de facto closed source because they weren't actually 'distributing' anything.
So...they came up with a new licence to force said companies to comply with the spirit of the GPL if they wanted to voluntarily use the software as a part of their business venture.
Yes? AGPL is considered open source by pretty much everyone.
There are a lot of shady people trying to redefine source available proprietary licenses as being Free Software or Open Source, which already had a definition by the people who coined the terms dating back to the 1980s, long before they showed up.
If they were honest, they could come up with their own new acronym and market it as better than OSS but, no, they're trying to hijack the meaning of "FOSS" so they can use it for their marketing. If they're being this blatantly untrustworthy out in the open, we can be sure that more sleazy behavior is to come later.
I find the title and general feeling around this issue a bit exaggerated. SSPL license is indeed more restrictive but as far as I understand still allows internal usage of the software (without providing it externally "as a paid service").
I generally don't think everybody needs to push any point to the extreme (in this case, software licensing). For some a more restrictive license might be required (SSPL) while others can live with more open (BSD).
In the end, I would claim it is not "software vendors" that should drive most development, but rather "hackers" (passionate people that could potentially earn their living in different ways). Expecting "companies" to be the drivers of open source seems a bit idealistic today.
I agree. People seem to be angry that the project which received contributions under BSD changed to the project licensed under SSPL, but this is explicitly what you are doing when you contribute to BSD projects and all contributors should have known so.
If you don't like it never contribute to BSD projects, or projects requiring CLA. Contribute to GPL projects without CLA.
There's a misunderstanding. The main pain point in source available licenses is the conversion of the repository to "for your eyes only", i.e. not being able to take your old contribution (and its newer iterations) and apply it elsewhere.
Using it internally is not problem. Most developers and companies think about usage, but this is not the main point.
In short:
- BSD is about developer freedom.
- GPL is about user freedom.
- Source available is about setting company free while cuffing the user and blocking the developers.
People thought that BSD has the same freedom as GPL when it comes to derivations and openness guarantees, but get visibly upset when they discover that it isn't.
Many people told it over the years. BSD allows tons of shenanigans like this, but developers didn't want to listen, because BSD was more convenient for them on many fronts (i.e. Just grab and go and forget).
I predict most forks will go nowhere because the success of a fork requires developers to contribute to it. In most cases the forks are being driven by people who just want free stuff and are angry they can't be subsidized anymore. They don't want to actually do any work.
Open source is not about just leeching free stuff. It's supposed to be a gift economy where you give back either directly or indirectly by promoting, educating, or donating. The F in FOSS is supposed to stand for Freedom not Free-as-in-beer.
A full revolt is in progress against the entire SaaS enterprise leeching off open source. Larger often business backed projects like this changing to source available licenses is the most visible manifestation, but I also see more and more indie devs using licenses like the AGPL or not open sourcing at all.
Open source will die as anything but a dumping strategy by mega-corps to crush competition if we don't deal with this. The OSI is fully captured by companies that benefit from the status quo, so I don't see them doing anything about it.
That’s the worst case scenario.
That code is now untouchable. Open, I can use it. Now that I can read it but not use it, if I accidentally reproduce it there’s a case for me having stole it. If it were fully closed, there’s no case.
Very little good comes from non-open source you can just happen to read.
> Now that I can read it but not use it, if I accidentally reproduce it there’s a case for me having stole it
In the decades of existence of GPL-ed software has there even been such a case? I see this point regurgitated time and time again but no concrete examples are ever provided. Seems a bit like anti-OSS FUD.
No, but famously early IBM clones had to do clean-room reverse engineering of bootloaders and other ancillary code to produce compatible designs.
IBM was able to legally annihilate anyone who ever saw the source code or read technical documents on these designs, but the people who made sure they didn't were able to defend their designs in court.
If you've worked in IP-heavy fields (my experience is with video codecs) you will also see strict guidance to not read patents in your day-to-day.
My understanding is that it is only true for Redis versions post licence change _and_ produced by Redis the company. The amazons of the world can still take a BSD version of Redis and host it for money, they can even start maintaining forks under BSD or other licenses. The gamble from the Redis Co here is that newer versions provide enough additional value for customers to either pay them directly or amazons to provide it as a service in their clouds and pay money to Redis the company as per the licensing agreements.
Every new open source company should start with these anti-Amazon licenses from day one.
Why work your ass off and have the trillion dollar company get more market share off of your thing than you? Why have them threaten your business?
> Every new open source company should start with these anti-Amazon licenses from day one.
Then it's not open source software. Either your code can be viewed, used, modified, and redistributed by everyone, or it isn't.
Or just make closed source product... Or even source available. If it generates enough value surely people will pay for it.
You or I, the HN readers, may use Redis to power our personal instance of Firefly III or whatever, running in our home lab, but the average _person_ has no need of Redis so for the purposes of this discourse this is a negligible factor.
Typical contributor to the large scale OSS project is not just an individual either, but most likely acting as an employee of a corporation that uses an open source component and needs certain things in it.
There is very limited number of essentially non-commercial licenses. Which makes things hard for this sort of goals. But on other hand some think that such limitations go against open source too...
In my mind there should be no threshold on who should pay for use if they profit. It should not be limited only to mega corporations. You have tens of thousands in revenue, surely you can pay for code you use?
100% this. I see neither legal nor moral problems.
It will still cause financial problems for the user that currently use redis offered by those clous companies as they will 100% increase the prices to cope with the changes and at the same time make more money.
The ceiling is the price it costs a user to install Redis on a VM and use that instead. This seems … fair?
No it isn't, have you met managed cloud services? The price of running it on a VM is the floor.
The price of running it on a VM _including_ your real cost of supporting it is the ceiling.
My point is simply that if a licensing change meant that a cloud provider had to pass on extra costs, there is a natural feedback mechanism.
If AWS ElastiCache prices doubled, a lot of people would be doing the math versus whatever they pay for labor. There’s some room to grow there but it’s not infinite.
Then don't use redis. Lots of other cloud products you can use.
There's no problem with the outlined approach.
To add to this.
If you don't want to pay a premium, there are other projects you can support.
This is the same reason Postgres and Redis became extremely popular in the 2010s was because companies didn't want to pay a premium to Oracle or IBM for their DBMSes.
There are other options that exist today as well.
Non-paying or non-contributing users are not entitled to first class support from contributors.
Similarly, contributors and projects are not entitled to users.
According to this comment[1], redis is mostly contributions from other people. I find it pretty outrageous when I contribute code to something if the end goal is to succeed from contributions like mine in taking away the platform I was using and making a monopoly lock in on my preferred solution to my needs like Oracle.
[1] https://news.ycombinator.com/item?id=39862021
At the top of the software stack it is a horror that everyone bellow you can always choose something else. Stand on your own two feet and achieve nothing or invest knowing your investments may be canceled by politics, monetization, etc.
I.e. if there is too much fragments in redis alternatives, whatever skills or contributions you made you can't use in any organization because they will avoid all redis like solutions.
[dead]
Indeed, I will probably have the choice of a fork made from open source redis, and I will choose to take it.
https://www.linuxfoundation.org/press/linux-foundation-launc...
Go for it! This is how innovation happens!