I understand the goal, and the perceived abuse of the Core edition. But the problem with the Enterprise edition is that it's quite expensive, "contact us" salesy, and it feels like taking a bite of this edition is possibly getting into bed with a future Oracle/landlord type of relationship where you end up squeezed by your database vendor.
The Core offering made this palatable, one could fallback to Core features if the relationship with Cockroach Labs degraded, which made it possible to entertain the Enterprise license since there's was a way to walk back from it. But now there's no such mitigation available. By using non-PG native features, users of the Enterprise edition are accepting to get in bed with Cockroach Labs for effectively forever (databases), a single provider that has no competition.
I think this may backfire, as it now seems imprudent to go all in on Cockroach Labs. They may be nice folks today, but who knows who will run the place in 5y when the next round of squeeze comes?
I wish them the best, they're a great team and I always liked the project and toyed with it for years, and currently am involved with a paid Enterprise license. But this change in the dynamics is really giving me pause.
Getting in bed with a single vendor for an incredibly sticky tool comes with a _lot_ of risk. It took at least 17y for Amazon to get rid of its last Oracle database: https://aws.amazon.com/blogs/aws/migration-complete-amazons-...
It seems that whenever an open source project is run by a VC-backed company, it sooner or later ends up like this. Increasingly it seems that "open source" is just the teaser to get people interested and then when investors want revenue growth, the rug gets pulled.
IMO, it's not really open source if its run by a company that will eventually use its position to squeeze its users for cash.
Old(?) school open source with GPL licenses doesn't seem to suffer from this, on a first glance. Maybe Stallman was right. Would love to hear from someone more knowledgeable on this. I'm not trying to troll.
GPL is actually a great license for this scenario. The software advances to a particular level of development, inertia, market penetration - then the company that owns the software dual licenses with GPLv3 - which no company can risk to have on their premise, distribute, or use/touch, etc... - ergo you then have to pay for a commercial license to avoid the GPLv3 taint.
Why can companies not use GPL3 software? I cannot see how its so different from GPL 2 for companies that are users.
I can see it has some disadvantages for companies incorporating GPL software in their products, but none for companies merely using GPL 3 software.
I can't say for certain why they can't use GPLv3 - just that no company I've ever worked for (n=4 since GPLv3 came out) - will allow it on premise. It's probably why Apple stopped updating all their GNU binaries, and you have to sideload stuff with brew to use anything released in the last 10 years.
If I had to guess - The patent rights clause weirds out a lot of lawyers. Obviously anyone who works with hardware doesn't like the anti-tivoization clause. Another possibility is the AGPL (which IS lethal for obvious reasons) is often conflated with GPLv3.
All I know is GPLv2 is fine, GPLv3 is usually not, and AGPL is never possible in corporations that I've worked for.
A small refinement here, your statements are largely my experience dealing with people linking against gpl3 software because of the vitality and the patent exemptions. Most places run gpl3 stuff just fine. The one organizations won’t touch with a ten foot pole, even to run it, is AGPL.
I feel out of touch
Why?>
The AGPL has a significantly stronger viral clause than the plain GPL. You must offer the source code to anyone who connects to the AGPL-covered code via a network connection (i.e. must open source the entire server if it is using any AGPL code)
Releasing the whole server sounds more like the Commons Clause or the SSPL. AGPL requires you only to provide the source code of your fork to its users.
In the context of the thread (the claim GPL 3 provides more of a motive for people to by paid licences for dual licensed software) I think that "small refinement" covers most of what we are talking about though.
I remember that Neo4j Enterprise used to be available under AGPL. They pulled it and now it's available only under a commercial license.
AGPL is not a problem for server-side software if you don't need to modify it. Your application (talking to the server) doesn't become infected by AGPL.
I can see it makes sense for Apple (anti-tivoization is something they do not want).
So they do not allow the use of things like Bash or GNU coreutils? That seems quite restrictive and difficult.
They often use older version of things like Bash and Coreutils, or equivalents from other ecosystems (i.e. Apple ships the BSD versions thereof)
So, for example, if they use RHEL version 6 or later they will install it without the default shell?
Apple is different as they produce their own OS. I am asking about non-software companies avoiding GPL3 which would be necessary for (as the comment I responded to earlier in the tread claims) the use of GPL3 providing a motive to pay for licenses for dual licensed software in a way GPL2 does not.
My limited experience with IP lawyers at big software companies is that they have zero understanding of software licensing and patent law. They just seem to parrot some line they learned in college 10 years ago, even when the plain text of the license or law sitting in front of them proves them wrong. It's honestly baffling how they get these jobs.
Old school open source projects don't seem particularly profitable. The projects themselves might thrive, but that seem to rely on altruistic developers with other sources of income.
Richard Stallman himself doesn't seem to make money from any software he made directly, but from various grants and such, for example:
https://web.archive.org/web/20220123032418/http://tech.mit.e...
I thought he was on the payroll for FSF, but his reportable compensation has been zero from 2002 to 2022 according to:
https://www.fsf.org/about/financial
You are correct, but there is also an interesting phenomenon going on here: old school open source projects last longer. They end up being more reliable in the long term. It's kind of weird that the unprofitable option is the stable one.
It's almost like capitalism is a destructive force and a poor way to organise a society.
Capitalism works fine under certain conditions: free markets, which implies competition.
The problem is that these conditions do not always prevail.
I used to think this was fixable: https://pietersz.co.uk/2009/11/fix-capitalism
I now think it is more complex and we need a mixed economy.
you're just seeing survivorship bias.
Plenty of them would've also disappeared, because their core contributor no longer wanted to give out free labour and moved on.
You're kinda saying the same thing there.
As a developer, I don't want to rely on code from a project that "seems particularly profitable", because one day it's 100% certain they're going to start making their profit off me.
I'm _extremely_ wary of any "open source" projects that're VC funded, because the entire VC industry exists to make rich people richer at everybody else's expense, throwing a few bones at a few of the founders and a vanishingly small portion of the startup employees. As soon as they think that can get away with it because they have enough "free" open source users locked, they're gonna turn all the screws to chase the "100x or bust" exit strategy the VCs rely on. At the expense of everybody who foolishly built something on to of that project without an easy way to replace it.
I am saying that old school projects aren't paying the developers' bills because they aren't profitable. The developers realize this too, there is only so much altruism to go around but you got mouths to feed and rents to pay.
As an alternative to working on a second job to fund their passion, we are seeing developers trying various things to make their one passion job pay, such as licensing tweaks or VC funding. These don't seem to work out very well, I think it's best explained here:
https://apenwarr.ca/log/20211229
And is also subject to survivorship bias. For every OSS project that makes it, tens of thousands do not.
He resigned in 2019 following allegations of inappropriate behavior towards women (https://news.ycombinator.com/item?id=20990583).
Maybe? Every day it seems clearer that Stallman is right. Mouse subscription? Windows displaying ads in start menu and recording everything you do? How many devices have become useless when the servers shot down, or games became unplayable? How many times books or songs or movies have disappeared from "online collections" after being paid for? "The right to read" seems more and more realistic as time passes.
In my opinion, Stallman has been proven right many times over.
Well what do you expect to maintain the mouse’s cloud servers, if not subscription revenue? The greed here!
1. Create a mouse that needs Cloud services.
2. Need revenue to pay for the Cloud services.
3, Charge mouse users for the Cloud services.
It's the (stupid) circle of life.
if the server was integral to the running of the service then yes, it makes sense to discontinue it when there's no more profit to be made.
However, increasingly more and more services which could've been an on-premises deployment become SAAS. This includes games (live services they call it). It is _designed_ to end, and designed to not be able to run locally.
Tell me who's the greedy one.
Was he though? If we didn't have GPL perhaps at least our software and data would've still been on our computers instead of a privately owned cloud...
MongoDB switched from AGPL to their own license when they couldn't compete with others offering their software as SaaS, so I don't think the GPL is any kind of protection from this. It's just that the GPL is less popular than alternatives for this type of business model.
That's a very good counter example. Although, I'd imagine, the latest AGPL version will be useful for a long time and any further progress in the code base would also be under AGPL, which would not be under risk of becoming an open core project.
FSF requires signing of a CLA. A CLA would let them change the license to whatever they want, just like these companies. Some people were not happy with GPL3 yet that didn't stop the FSF from changing the licenses on their software.
The FSF does not require a CLA.
What is the GPL-licensed product that is comparable in functionality and scalability to CockroachDB? If there is one, you're free to use it.
Like other folks have said, anytime you see a CLA, you see the true intentions of the project. A project that will always be FOSS won't have a need for a CLA.
This is not necessarily true. Sometimes it's needed to pivot to a better/different open source license without going through the pain of contacting every contributor ever. I have seen that pain in some projects that want to go from LGPL to MIT or something.
For many contributors, they're ok giving full ownership of their contributions to a project owner on the owner's terms. Some contributors may not be ok with that of course, but it doesn't mean that every project owner has nefarious plans with said code ownership.
And that's why "open source" is a really bad term that no one should use unironically, unless they want to confuse the hell out of people.
There are protective (copyleft) licenses, and there are permissive licenses - and they're very different beasts. And it's, like, software licensing 101.
I find this extremely weird.
In a sane world, picking a copyleft license must mean that you care about user freedoms and want to make sure they're respected no matter what happens. Because that's the whole point of picking a copyleft license - not about letting people peek or tweak some code, not about social brownie points, and most certainly not about marketing campaigns - but about granting users their freedoms.
Either people get confused about "open source" and pick... I don't know, whatever looks cool, without even understanding what they're doing; or they're giving up on their principles when they smell the money.
I can understand wanting to go from, say, GPL to AGPL, or GPLv2 to GPLv3[+] - it would make sense, as it all goes in line of protecting freedoms. But LGPL to MIT is truly a weird one.
This is a personal bias and disregards others' definition of true do-whatever-you-want freedom. Different project owners may think differently on what free means and alter the license to respect their principles (and may consider copyleft to be the restrictive/anti-free mistake made early on based on these same kinds of personal biases).
And many contributors don't really care what the project owner does with their code and the CLA lets them delegate responsibility.
It's been popular in the last decade and a half to think that freedom is when everyone, including massive corporations, can do anything they want with your software, including closing it and taking away everyone else's freedom. Don't people think it would be better if they couldn't do that?
People who value attention over principles are known as "pick mes" apparently.
unless the corp owns the rights, they cannot "close it", nor take away everyone else's freedom. The old version that was open source licensed is always going to be available.
Unless you're talking about the additions these corporations made, which they keep closed, and charge you for it. But if they are able to charge for it, they deserve it.
This is an extremely black-and-white view. If I make a competing product to you and it’s superior to yours, then yes, I deserve profits (though of course consumers may still choose yours for a litany of other reasons). If a trillion-dollar corporation becomes a competitor, that’s not exactly fair. They can, if they want, spin up an entire team dedicated to the product, and by sheer numbers, they will win. Is it legal? Yes. Is it ethical? That’s subjective.
Embrace, extend, extinguish - AGPL makes it harder and SSPL even harder still.
(L)GPL to MIT is a choice many projects made when they decided they cared more about their code being used than about it staying free.
Copyleft licenses were the default choice at some point in time, but then in the '10s most big projects seemed to pick a permissive license, and many switched.
Yea, and the point is that they really should not have picked LGPL in the first place. If you pick a copyleft license, please don't do it because it's cool - do it if and because you care for what it stands for.
However, I thought about it and I think I can get the cases where monetary opportunities started to outweigh what's essentially are political ideals. Happens all the time, heh. I guess I can imagine person not being honest with themselves until the temptation really comes. Especially if it's about casual developers trying to have some money to live comfortably (as opposed to lowering their standards of living), rather than getting rich.
I can only hope it's that and not a simple ignorance.
That example is exactly why many people will not want to sign a CLA.
Someone who is has a strong preference for copyleft licences may not want to contribute to a project with a permissive license.
The intent may not be for the project owners to use the code in proprietary software, but it would be to allow someone to do so.
Sure, and I think the CLA is a good signal to those that care about how their contribution is used to stay away. But for everyone else that's not concerned with that, the CLA is not inherently evil.
I wonder... if you do something with AGPL that requires releasing the changes back ... you don't need to sign a CLA to do that.
However that would also mean that the core project couldn't accept your changes without the CLA since that would also bind them to never switching the license or relicensing your contributions for an enterprise license.
... I think. My head hurts when trying to consider the implications for CLAs and AGPL and the endless debates that lawyers could have over this.
The ASF requires a CLA for all regular contributors or large contributions, so I don’t think this is a particularly good barometer.
That's a good point. The ASF's FAQ [1] states that "All software developed by all projects of The Apache Software Foundation is freely available without charge" and that it "is specified in the Foundation's Articles of Incorporation [2]", however I see no such specification in the linked incorporation. Is there some actual legal guarantee there?
[1]: https://www.apache.org/foundation/license-faq.html#IsItFree
[2]: https://www.apache.org/foundation/records/incorporator.html
I think it's mentioned in this document: https://www.apache.org/foundation/records/certificate.html
Thanks!
It seems a little short of the claim in their FAQ though, but it's something:
I don't think that falls short.
The reason for the "any lawful act" language is to allow the ASF to do things like run a conference, accept donations, sell t-shirts and other activities. If the statement was only "develop open-source software" there are all kinds of important activities that support open source development that would be impossible.
The fact is, however, that certificates can be changed by the people who can vote. IN the case of the ASF, the members are the ones who vote. Getting those ~800 members to radically trash the traditional goal of the foundation is not going to be possible as long as the current membership is active.
What I mean is that, if they made some software non-free alongside some free ones (to make money to finance the free ones, for example), that still seems valid as to the current certificate of incorporation.
Their FAQ says "all software free no exception" and this document says something weaker.
Look up who is the foundation's secretary and their Mastodon page (their new one, not infosec.exchange) and look for any post about Israel or Gaza. I'm not sure what power a secretary has, but this is concerning.
The difference with the ASF/FSF is that they are non-profits with a mission statement (and, if we don't trust that enough--due to OpenAI, as I don't entirely understand what happened there--with clearly-mission-aligned board leadership) that prevent them from pulling the rug out from under their license. (...and, right as I pushed this comment, I see that someone else looked into it, and maybe the ASF fails to have such a clause anywhere ;P but hopefully it is there and just a bit hidden.)
Sure, but that contradicts the statement made in the comment they are replying to:
If there are conditions to the statement, it isn't "anytime you see a CLA".
Sure, but now we would need to find another epicycle for why giving a for-profit corporation this dangerous power over its licensees is safe/benign. There is, at times, some logic to "the exception that proves the rule".
For those of us not in-the-know about licensing acronyms.
CLA = Contributor License Agreement
I think that's a bit reductive. It's possible to have a CLA because you want to sell a non-GPL version of your app to some corporation that's worried about the legalities of the license. This is an additional revenue stream that open-source projects make use of, and it's not fair to say "any project with a CLA is selling out."
There's this balance between being a project forever run out of someone's garage and actually growing into a larger and more used system. I'd say the line is dilineated by many factors: who is the project's primary user? Enterprise? Devs? How much money is changing hands? What's the business model? Is there investment involved? How restrictive is the primary license? How restrictive is the CLA?
I think any open-source project that has aspirations to actually make money for the creators is shooting themselves in the foot without a CLA. And it's fine to judge them for this, but we live in a system where people have to extract value out of this shit even if it's against their ethos.
If people truly and ultimately believe in open-source, then the most logical conclusion is that capitalism does not allow for open source and that must be changed. Fighting things at the license level can only delay the inevitable. But people want to have their cake and eat it too: "I want the system to stay the same AND I want open-source creators to keep pumping out stuff for free forever."
This is not true. Many companies want a CLA because their lawyers are worried about unclear patent law. They don't want someone to contribute some code, and then later claim the contributed code violates their patents.
Good examples are React from Facebook, and TypeScript from Microsoft. Both require a CLA. But these projects are never going to go closed-source. They are complements to the companies' core business strategies.
It depends on the CLA. In some countries, you cannot not have a CLA because there's always an implied contract.
Many CLAs are just a hassle (basically, DCO that has to be reviewed by the legal department). But a lot are asymmetrical in a substantial way and the original developer gets to play by different rules than the rest. CLAs in the second category tend to be problematic.
Even that is not a completely clear indicator because in some cases, the asymmetry is only intended to help with potential future relicensing in alignment with the project's goals, and not to enable commercialization (either today or at some point in the future). Some organizations have resisted direct commercialization of the code they have been entrusted with for decades, so that can happen even with an asymmetrical CLA.
I know it's not as popular or sexy as it used to be, but the whole point of a foundation like Apache was to avoid these situations, even more than the way the Linux Foundation is setup. Apache _explicitly_ manages projects to avoid these downsides.
- Single corporation ownership. Projects cannot get out of the Incubator unless they demonstrate a diverse and healthy community. That doesn't mean popular, it doesn't necessarily mean best-in-class, but it means that there shouldn't be just one entity backing a project.
- Membership in Apache is _personal_ not a seat for a given company. If you're a committer on an Apache project and you move jobs, you're _still_ a committer on that project
- The Foundation owns the trademarks. There have been fights about this in the past, but the whole idea is that the _community_ owns the name, so some corporation can't claim to be the sole or official owner by naming their company or product after the open source product.
The core premise of the Apache Software Foundation is community over code, that healthy, diverse communities have a better chance of standing the test of time than open source projects backed by a single individual or company. That's the thesis at least.
The is starkly different from several other foundations, notably the Linux Foundation or Eclipse Foundation which are modeled more around industry consortiums.
Both models have their place, but I believe Apache better models the core values many of us feel strongly about when it comes to free and open source software.
What is more popular than the Apache Foundation? I thought Apache was top... Is there a cooler/better Apache? If so, please let me know.
And when was Apache more popular? I thought it was the uncool place where stuff was written in Java, that became popular because people's conception of Java (and the language/ecosystem itself) changed.
Apache is both popular and “the place where projects go to die”. They have many, many projects that see limited development activity and aren’t well-known (how many projects in https://projects.apache.org/projects.html?name do you even vaguely know of what they’re about?)
I also think the popularity of the Apache license is part of what makes Apache popular.
They have lots of projects running on the JVM, but “written in Java” isn’t a requirement, nor is “running on the JVM”. See https://projects.apache.org/projects.html?language
EDIT: wrote something stupid here before my morning coffee
This is an Eclipse foundation project, not an Apache Software Foundation (ASF) project?
it's all volunteers/open source, but this isn't an ASF project.
I'm sorry, I hadn't finished my coffee yet.
I'm gonna go embarrasingly delete this thread tail between my legs...
I think CNCF is home to most of the big projects I’ve been contributing to or using lately.
CNCF is a project of the Linux Foundation - which has become absolutely massive: https://www.linuxfoundation.org/projects
Apache isn't a silver bullet... there are plenty of Apache projects where the individuals are compromised mostly from one company and hide behind the veneer of the ASF... where they are working on the projects per their employment. Gerrymandering is definitely possible and has happened in the past, that's why you have to look at governance and ownership of the marks/build systems etc: https://www.aniszczyk.org/2019/10/08/open-source-gerrymander...
I actually prefer the approach of LF, EF or CNCF where it's transparent where folks work for and your affiliation is disclosed upfront. In the CNCF for example, we separate out technical project decisions (maintainers) from funding decisions (members). That is healthier than blending it all in one at the ASF imho and having no idea where person is working for imho.
Agreed. Red Hat isn't perfect, but when I worked there we had a few products that were CNCF under my umbrella, including a few incubator projects. Even though we had several developers working full or part time on those projects, it was always something I was meaningful of, not stacking the project board Red Hat-heavy, to not make it a defacto RH project.
After the RedHat/Hyprland fiasco, it feels like RedHat is corrupt with SJW that are focused more on polics than on actual code
Opensource is opensource: CockroachDB Core up until Nov 24, 2024 is, and not afterward. Anyone who wants to fork it can do so. Mind you this will be a hard fork as there's no way to keep in sync with their enterprise product.
What you say is true in that you shouldn't view a VC backed opensource offering as 'permanently' opensource by the same group.
Kind of... Certain extensions such as basic backups are closed source and have never been in the OSS version.
Many things would have to be re-added from scratch in a fork.
I'm having trouble parsing/making sense of this. Was basic backup in Core? If you were running anything more than Core you weren't running an OSS version and had already crossed that line before this announcement. If you were running an OSS version there's nothing to add, just fork, no?
Core only has the "full backup". Incremental and other types are available to enterprise. I run the Core edition (with full backups) for my personal projects.
CockroachDB Core uses 3 licenses: CCL, BSL, Apache
CCL, BSL = "source available"
Apache = open source
Parts of CockroachDB under CCL that do NOT transition to Apache OSS: https://github.com/cockroachdb/cockroach/tree/master/pkg/ccl
https://github.com/cockroachdb/cockroach/discussions/127140#..."Basic" (i.e. full) backups have been included in the OSS version since its November 2020 release (20.2): https://www.cockroachlabs.com/blog/backup-restore/
They are still pretty limited compared to what's in the enterprise version, but it's not right to say basic backups are closed source and have never been there.
CockroachDB Core uses 3 licenses: CCL, BSL, Apache
CCL, BSL = "source available"
Apache = open source
Parts of CockroachDB under CCL that do NOT transition to Apache OSS: https://github.com/cockroachdb/cockroach/tree/master/pkg/ccl
https://github.com/cockroachdb/cockroach/discussions/127140#...CockroachDB Core has not been offered under an OSI (i.e. Open Source) license since 2019 - everything subsequently has either been under Business Source License or the Cockroach Community License.
I searched github and thought this[0] was it.
Is the caveat in this part (that I didn't catch before)? "Source code in a given file is licensed under the BSL and ..." That is sucky.
[0] https://github.com/cockroachdb/cockroach?tab=License-1-ov-fi...
What happens the day where the only way to fork it realistically is to pay people. And I mean good people to even keep up? And what if on top of that the bests in the game are already in the corporations that you want to fork from?
Yep! I actually far prefer closed source software, made by non-VC funded companies, where there business is to create good software that actually adds value for the license I'm paying for. Something like Sublime Text or JetBrains.
Sure <VC funded editor company> can have people spend years of their life working on something, but release it as open source because VCs are paying for it, and that leads to more mindshare, but it leaves a bad taste in my mouth. Similar reasons to not use VSCode (commoditizing the complement by using billions of dollars from other products).
The "must be open source (I think they actually mean free as in $$) at all costs" crowd baffles me because the money to support the humans creating the software in the real world doesn't just magically appear.
I'm imagining that those closed source softwares wouldn't be possible without open source libraries and tools...
In the sense that most modern programming languages and compilers are open-source, sure, nothing outside the embedded world can truly be built without relying on open source.
There are still native shops that rely on very little open source, though at this point probably only in niches like gamedev or defence.
Correct. This is what makes me feel guilty about releasing a closed-source product, or even one with a non-OSI license. It’s irrational, but I feel like I’ve benefited so massively from FOSS that I owe it to the community to contribute back.
EDIT: as another commenter wrote below, OSI is driven by massive cloud vendors, who have a vested interest in having their freedoms to take projects and monetize them. Perhaps a somewhat restrictive license isn’t a bad thing.
Open source as a byproduct of a company absolutely works - it's been proven by tons of tech companies.
But if you open source your revenue-generating parts, and only charge for support/managed version/enterprisey features you'll end up with quite weird incentives, particularly with infrastructure tools, in which the big cloud providers will happily compete with you, using the version you open sourced and providing and ecosystem to their customers that one simply cannot compete with
I would imagine there is a lot on Windows possibly macOS.
Many c/C++ libraries are not open source - even more .Net ones
Maybe we will have to replace "open source" with "spec driven". As you point out, open source can be just as bad as closed source, given future changes in direction by the project team. But "spec driven" means that anybody can come along and compete, and you can switch to them, regardless of how the original developers feel about it.
Is it not more about who does the development?
If cone entity does the development, they can change direction or licensing and it is hard for anyone to fork.
If you have more of a bazaar form of development with many contributors neither is as easy (even less so if you do not have a CLA). Even if you have a small core team of developers, a really bad direction is likely to lead to a split.
I think you are right to think of it in terms of who is doing development. The plus of a non open-source license is well-funded development. The downside is fewer outside contributions. In this specific instance, I think Cockroach was BSL? So, it can be forked into a community project where new contributions are open-source. Another corporation just wouldn't be able to profiteer off the fork directly until the changeover date.
start open/source available has become a trend among yc-backed startups lately. one wonders how long before a “well, actually, we need a business-y license.”
Lately? This was cool like 12 years ago. Then you turn commercial once you get enough users. It’s the open source chameleon model.
Open source and profit go together like oil and water
Open source works great for for-profit companies. Take a look at RedHat.
EEE all over again.
This is one reason to avoid any company run software that requires a CLA to contribute. No CLA makes it a lot harder to do this, at least if they have very much in the way of community contributions. Distributed ownership would keep them honest.
Slightly off-topic but:
I don't think I've ever heard Oracle's business model described so accurately.
it's the classic vendor lock-in, it's the feudal serfdom model.
https://www.reddit.com/r/AskHistorians/comments/weva2v/did_p...
we can see that as long as there were "expoitable resources" competition led to "good times".
as long as "software lordships" are competing for users, users tend to enjoy "lots of rights".
There is no abuse here. They released software under a specific license (BSL at that, plenty of opportunities to restrict).
It can be construed as "abuse" if another commercial entity is deriving value from the core license while Cockroach Labs doesn't get to enjoy a "fair" share of this created value, while pouring its own resources into a product that enables this value creation.
I think CR Labs needs to make money from their activities. However they do it, should be in a way that incentivizes a win-win for them and their customers. Right now I think they attempted to "correct" for the uncaptured value, but the game theory switched toward discouraging adoption (in my perspective). I may be wrong, probably am.
Seems to me that it's still free for development, and small business use. If you're over $10M in revenue, with a business or product built on CockroachDB, they want a share of what they made possible. That seems totally reasonable to me.
You'd be a fool to put all your eggs in this basket:
The same idea applies to political questions. A politician I like is proposing a policy I approve of. Great! Now what happens in the next election cycle, when a politician I don't like gets to use that same power to do something I don't approve of? Woops.
We can vote for different politicians after a few years. The politicians can vote to remove laws that were problems. There’s a straight-forward solution to that.
Building critical features on a single, closed-standard database means you can’t leave unless you rewrite all code that relied on it. The new code must integrate in the system well. The change must also happen without taking down the business.
For these reasons, politicians and laws change regularly but companies rarely escape database lockin.
You have nailed their issues - packaging and their revenue model. If you align this well with your target audience the license would have not been a problem for them. Wrote about this a bit here: https://cra.mr/open-source-is-not-a-business-model/
Very much this sentiment. While these sort of licenses and business relationships might make sense for high-margin industries that have specific needs, as somebody who has been doing consultancy for the last x years, I tend to advise most companies against the use of software with vendor or data lock-in, and I'm always sad and weary when this happens to interesting long-term projects where such business decisions get made which erode the trust in a healthy future [for smaller companies and more general purposes].
I'm not criticising a company's business decisions here, it might make sense for CockroachDB's business and profit goals; but such decisions also impact the decisions of dependent users, and I've been too long in this to recommend products and services with increasingly restrictive licensing or technical features that create unhealthy dependencies.
Since the AWSification of software licenses, I'm seeing more and more projects where a company is trying to get out of product/service X or license Y because they're unhappy or pivoting and the license or tech just doesn't fit the purpose any more, at high cost, occasionally even taking down the company.
I guess it's not trivial to balance abusive practices from big players that don't contribute much back with necessary freedom for smaller customers to experiment and freely move between technical solutions.
Well named! It is like a roach motel - once in, you can never leave.
this is from CockroachDB license, pretty much straight out of Oracle's playbook:
This is one of the reasons people should hold the line for open source licensing for any infrastructure software: Any licensing scheme that forces a relationship with a single entity / doesn't allow for forking is open to abuse of users and customers at some point.
They don't say that this was the reason for the change. What makes you presume it was "perceived" if they had said it was a reason for the change? I think it's the opposite: Too few used the open core edition, as it is quite limited. They want to increase the overall usage. They want to get growing companies using it. I think it's a fair move: Use it for free as long as you grow. You benefit. When you're large, pay us back. We benefit.
That's about the strongest negative allegation one could come up with. Unobjective content and wording. There're thousands of software vendors or service providers out there (DB and not) that are competitive (they all are) but fair. Every of our much liked startups like Supabase, Neon, Vercel makes the entry very cheap or free and compensates for that with larger fees from the larger customers. There's nothing shady about it.
As I said, your post has to much negative bias in content and esp. wording. I don't see that. Factually, there's not risk at all. Every company (see Redis) can change their license of their future work. So you never have any guarantees. With or without a core edition.
If you want "true" open source, you can't choose a software developed by a company. The goal of a company is to make money. That should not be surprising.
Agreed. I talked with them in the past and the pricing was far too expensive to make it worth it.
As always: “If you have to ask, you can’t afford it.”