Two computer screens used for coding

Photo credit: Fotis Fotopoulos (Unsplash license)

Introduction about open source

Open source software is everywhere. Linux, Git, LibreOffice and many others. Many companies adopted the open source software with their business model. But it did not work out very well for some companies. In this article, we would take a brief look on open source software and its recent movement.

I am not a lawyer and this article is not legal advice of any kind. Always check with lawyers if you have questions or legal aspects about software licensing.

Common types of open source licenses

Most common open source license are MIT, Apache 2.0, BSD 2 or 3 clause license GPLv2 and GPLv3. The main difference is that MIT, Apache 2.0 and BSD 2 or 3 clause license are permissive. They do not require the developers to publish the changes of the modified software or derivative work to the public. These licenses are perfect for companies that they may change their business from open source model to close source in the future. Notable mention: Apache HTTP server released in Apache 2.0 license. According to survey, Apache HTTP server is estimated to have about 30% of the total market share for web servers.

GNU General Public License v2.0 and v3.0 (GPLv2 and GPLv3) are more restrictive. They require the developers to publish their derivative work. GPLv2 is a very popular open source license in the 1990's and 2000's. The Linux kernel mainly uses GPLv2 (with some parts using other open source licenses). Products that based on Linux kernel like Red Hat Enterprise Linux or Oracle Linux are required to publish their modified source code to the public.

GPLv3 is not completely different from GPLv2. Because the software development landscape is changing. GPLv3 tries to clarify what where missing in GPLv2 (which was released in the 90's). Unfortunately, GPLv3 has slow adoption rate.

A Quick Guide to GPLv3 is worth to check out. Notable changes for GPLv3 are terms related to software patents, free software license compatibility and prevention of tivoization. GPLv3 stated explicitly that it is not allowed to link with proprietary library. Check out Lesser GPL for those use cases.

There is a license called Affero General Public License version 3 (AGPLv3). It is very similar to GPLv3 except it aimed to close the 'SaaS loophole'. AGPLv3 had one major difference to GPLv3. It's the T&C number 13: Remote Network Interaction. To quote:

Notwithstanding any other provision of this License, you have permission to link or combine any covered work with a work licensed under version 3 of the GNU General Public License into a single combined work, and to convey the resulting work. The terms of this License will continue to apply to the part which is the covered work, but the work with which it is combined will remain governed by version 3 of the GNU General Public License.

This leads to so many confusion and questions. Some people interpreted that T&C differently. Some people think that if they use a software in AGPLv3 and use it as a web service or SaaS, they are required to open source all the infrastructure that is related to the software. Some companies or projects prohibited using AGPLv3 at all, like Google AGPL Policy and Balosie. Personally, I think FSF (Free Software Foundation) should further explain this particular T&C. They could give examples or provide additional information that how deep the infrastructure or what specific level needs to be open source.

New types of licenses in recent years

With the introduction of cloud computing and XaaS, the software development landscape changed rapidly in recent years. If a software company releases open source software, another company could take it and use it to provide services. Sometimes it hurts the original company in terms of revenue. Here's some examples of new types of software licensing.

  • MongoDB
    • It replaced the original GNU Affero GPL license to Server Side Public License (SSPL) in 2018.
  • Sentry
    • It re-licensed the original BSD license to Business Source License (BSL).
  • Certain modules created by Redis Labs (e.g. RediSearch, Redis Graph, ReJSON, Redis-ML, Rebloom) are licensed Apache 2.0 modified with Commons Clause.
    • The Commons Clause license is not an open source license. It prohibited companies or service providers to sell software released in Common Clause license. Also, it places restriction on other software that derives, depend entirely or substantially on the software released in Common Clause license. The restriction would require those software to be placed in Common Clause license too. Here's the Related article.

Note not all these software licensing models are considered as open source license.

MongoDB and SSPL

MongoDB was originally released in the GNU Affero GPL. But in 2018, it was changed to release in Server Side Public License (SSPL). SSPL is similar to AGPL, but it had added new rules. One of the most important change is targeted at service providers. In SSPL, any service providers that provide services that entirely or primarily based on MongoDB (including it's modified version), then the service providers need to release the entire related source code. Clearly, it is targeted at service provides like Amazon. Amazon forked the MongoDB from a version before it is changed to SSPL and is called DocumentDB. Many open source Linux distributions had dropped shipping MongoDB since the licensing change.

Business Source License

Some software development companies want an open source approach, but they do not want competitors or service providers to take their software and cause direct competition. Recently there is a type of license called Business Source License (BSL). For software licensed in BSL, it usually involves in two stages. In the first stage, the software is usually free to use. In this stage, some companies restriction that the software may not be used to provide commercial version of the software (Sentry) or there is a limit on maximum instances that user could install (Maria Maxscale with BSL 1.0 in the past).

Usually after a duration, say two or three years, the software would be released in the second stage and released in a more permissive license. The date when the software could be relicensed is also called 'the Change Date'. It would be usually free to use or deploy without restriction. In this way, it prevents direct competition from competitors and service providers.

Finally, check out the 'further reading' section for details and history about different licenses.

Further reading

Share this post on: TwitterRedditEmailHackerNewsLinkedInFacebookIndienews