Language Selection

English French German Italian Portuguese Spanish

Legal

MongoDB Becomes Less Affero GPL-Like

Filed under
Server
OSS
Legal
  • Fed up with cloud giants ripping off its database, MongoDB forks new open-source license

    After Redis Labs relicensed the modules it developed to complement its open-source database, from AGPL to Apache v2.0 with a Commons Clause, the free-software community expressed dismay.

    And, inevitably, some responded by forking the affected code.

    Today, the maker of another open source database, MongoDB, plans to introduce a license of its own to deal with the issue cited by Redis: cloud service providers that sell hosted versions of open-source programs – such as Redis and MongoDB database servers – without offering anything in return.

    "Once an open source project becomes interesting or popular, it becomes too easy for the cloud vendors to capture all the value and give nothing back to the community," said Dev Ittycheria, CEO of MongoDB, in a phone interview with The Register.

    Ittycheria pointed to cloud service providers such as Alibaba, Tencent, and Yandex. Those companies, he claims, are testing the boundaries of the AGPL by benefiting from the work of others while failing to share their code.

  • MongoDB switches up its open-source license

    MongoDB is a bit miffed that some cloud providers — especially in Asia — are taking its open-source code and offering a hosted commercial version of its database to their users without playing by the open-source rules. To combat this, MongoDB today announced it has issued a new software license, the Server Side Public License (SSPL), that will apply to all new releases of its MongoDB Community Server, as well as all patch fixes for prior versions.

    Previously, MongoDB used the GNU AGPLv3 license, but it has now submitted the SSPL for approval from the Open Source Initiative.

  • MongoDB license could push open source deeper into cloud: Is this what industry needs?

    Things just got serious in open source land. Despite the occasional Commons Clause or Fair Source licensing attempt to change the meaning of the words "open source" to include "the right for a private company to make money from its open source efforts," we've stuck to the Open Source Definition, and it has served us well. Open source communities have become the center of the innovation universe, giving us exceptional code like Linux, Kubernetes, Apache Kafka, and more.

  • It's MongoDB's turn to change its open source license

    The old maxim that the nice thing about standards is that there are so many to choose from could well apply to open source licensing. While now nearing a couple years old, the last WhiteSource Software survey of the top 10 open source licenses found close competition between the GPL, MIT, and Apache licenses. While the commercial-friendly Apache license has dominated the world of big data platforms and AI frameworks, MIT and GPL (which has "copyleft" provisions requiring developers to contribute back all modifications and enhancements) continues to be popular. GPL and variants such as the AGPL have been popular amongst vendors that seek to control their own open source projects, like MongoDB.

  • Matthew Garrett: Initial thoughts on MongoDB's new Server Side Public License

    MongoDB just announced that they were relicensing under their new Server Side Public License. This is basically the Affero GPL except with section 13 largely replaced with new text, as follows:

    "If you make the functionality of the Program or a modified version available to third parties as a service, you must make the Service Source Code available via network download to everyone at no charge, under the terms of this License. Making the functionality of the Program or modified version available to third parties as a service includes, without limitation, enabling third parties to interact with the functionality of the Program or modified version remotely through a computer network, offering a service the value of which entirely or primarily derives from the value of the Program or modified version, or offering a service that accomplishes for users the primary purpose of the Software or modified version.

    “Service Source Code” means the Corresponding Source for the Program or the modified version, and the Corresponding Source for all programs that you use to make the Program or modified version available as a service, including, without limitation, management software, user interfaces, application program interfaces, automation software, monitoring software, backup software, storage software and hosting software, all such that a user could run an instance of the service using the Service Source Code you make available."

    MongoDB admit that this license is not currently open source in the sense of being approved by the Open Source Initiative, but say:"We believe that the SSPL meets the standards for an open source license and are working to have it approved by the OSI."

    At the broadest level, AGPL requires you to distribute the source code to the AGPLed work[1] while the SSPL requires you to distribute the source code to everything involved in providing the service. Having a license place requirements around things that aren't derived works of the covered code is unusual but not entirely unheard of - the GPL requires you to provide build scripts even if they're not strictly derived works, and you could probably make an argument that the anti-Tivoisation provisions of GPL3 fall into this category.

New Paper From Mark Shuttleworth and Eben Moglen

Filed under
Ubuntu
Legal
  • Automotive Software Governance and Copyleft

    The Software Freedom Law Center is proud to make available a whitepaper by Mark Shuttleworth, CEO of Canonical, Ltd., and Eben Moglen, Founding Director of the Software Freedom Law Center and Professor of Law at Columbia Law School. The whitepaper shows how new capabilities in the free and open source software stack enable highly regulated and sensitive industrial concerns to take advantage of the full spectrum of modern copyleft software.

    Software embedded in physical devices now determines how almost everything – from coffee pots and rice cookers to oil tankers and passenger airplanes – works. Safety and security, efficiency and repairability, fitness for purpose and adaptability to new conditions of all the physical products that we make and use now depend on our methods for developing, debugging, maintaining, securing and servicing the software embedded in them.

  • SFLC: Automotive Software Governance and Copyleft

    The Software Freedom Law Center has announced the availability of a whitepaper [PDF] about automotive software and copyleft, written by Mark Shuttleworth and Eben Moglen. At its core, it's an advertisement for Ubuntu and Snap, but it does look at some of the issues involved.

Open Invention Network is a Proponent of Software Patents -- Just Like Microsoft -- and Microsoft Keeps Patents It Uses to Blackmail Linux Vendors

Filed under
Linux
Microsoft
Legal

OIN loves Microsoft; OIN loves software patents as well. So Microsoft’s membership in OIN is hardly a surprise and it’s not solving the main issue either, as Microsoft can indirectly sue and “Microsoft has not included any patents they might hold on exfat into the patent non-aggression pact,” according to Bradley M. Kuhn

Read more

​Redis Labs and Common Clause attacked where it hurts: With open-source code

Filed under
OSS
Legal

After Redis Labs added a new license clause, Commons Clause, on top of popular open-source, in-memory data structure store Redis, open-source developers were mad as hell. Now, instead of just ranting about it, some have counterattacked by starting a project, GoodFORM, to fork the code in question.

Read more

Vember Audio’s Surge Plug-in Liberated Under GNU GPLv3

Filed under
GNU
OSS
Legal
  • Surge Synth Set Free

    Vember Audio tells us that, as of 21th September 2018, Surge stopped being a commerical product and became an open-source project released under the GNU GPL v3 license. They say that, for the existing users, this will allow the community to make sure that it remains compatible as plug-in standards and Operating Systems evolve and, for everyone else, it is an exiting new free synth to use, hack, port, improve or do whatever you want with.

  • Vember Audio’s Surge synth plugin is now free and open-source

    Reviewing Vember Audio’s Surge synth over a decade ago, we said: “This is a big, beautiful-sounding instrument. It's not cheap, but few plugins of this quality are.” Well, the sound hasn’t changed, but the price has; in fact, Surge has just been made free and open-source.

    Thanks to its wavetable oscillators and FM-style algorithms, Surge is capable of creating some pretty sparkling sounds, but it also has analogue-style functions that make it suitable for producing vintage keyboard tones.

    Vember Audio says that it’s been set free so that it can continue to be developed by the community and remain compatible with current standards and operating systems.

The Software Freedom Conservancy on GPLv2 irrevocability

Filed under
GNU
Linux
Legal

For anybody who has been concerned by the talk from a few outsiders about revoking GPL licensing, this new section in the Software Freedom Conservancy's copyleft guide is worth a read.

Read more

My code of conduct

Filed under
Linux
Legal

There are many “code of conduct” documents. Often they differ a lot. I have my own and it is probably the shortest one:

Do not be an asshole. Respect the others.

Simple. I do not care which gender people have when I speak with them (ok, may stare at your boobs or butt once) nor their sexual preferences. Colour of the skin does not matter as most of my friends I first met online without knowing anything about them. Political stuff? As long as we can be friends and do not discuss it I am fine. Etc etc.

It works on conferences. And in projects where I am/was involved.

Someone may say that part of it was shaped by working for corporation (is Red Hat corpo?) due to all those no harassment regulations and trainings. I prefer to think that it is more of how I was raised by parents, family and society.

Read more

FOSS, standard essential patents and FRAND in the European Union

Filed under
OSS
Legal

As part of the research project on “The Interaction between Open Source Software and FRAND licensing in Standardisation”, a workshop was organised by the European Commission, Joint Research Centre (JRC) in collaboration with Directorate General Communications Networks, Content and Technology (CONNECT) to present and discuss the intermediate results to date. The workshop took place in Brussels on September 18, 2018. I presented a set of observations from the research on the case studies performed as part of the project that are outlined below. Other speakers where Catharina Maracke on the issue of legal compliance between Open Source and FRAND licenses, Bruce Perens on “Community Dynamics in Open Source”, and Andy Updegrove on “Dynamics in Standardisation”.

You may ask what the relevance of this debate is for the wider Free and Open Source Software community. The obvious answer is that to distribute software “without restriction”, the user needs all the usage rights associated with the program. While most FOSS contributors assume that this is naturally the central motivation for anybody to contribute in the first place, there is a long history of attempts to maintain some sort of exclusive control over a piece of FOSS code, possibly using other rights than copyright.

Read more

The Commons Clause causes open-source disruption

Filed under
OSS
Legal

Redis Labs tried to legally stop cloud providers from abusing its trademark, but found it difficult because of the legal resources and budgets these giant companies have.

So the company took another route and decided to change the licenses of certain open-source Redis add-ons with the Commons Clause. This change sparked huge controversy within the community with many stating that Redis was no longer open source.

“We were the first significant company to adopt this and announce it in such a way that we got most of the heat from the community on this one,” said Bengal.

The reason for the uproar is because the Commons Clause is meant to add “restrictions” that limit or prevent the selling of open-source software to the Open Source Initiative’s approved open-source licenses.

“ … ‘Sell’ means practicing any or all of the rights granted to you under the License to provide to third parties, for a fee or other consideration (including without limitation fees for hosting or consulting/ support services related to the Software), a product or service whose value derives, entirely or substantially, from the functionality of the Software. Any license notice or attribution required by the License must also include this Commons Clause License Condition notice,” the Commons Clause website states.

According to the OSI, this directly violates item six of its open-source definition in which it states no discrimination against fields of endeavor. “The license must not restrict anyone from making use of the program in a specific field of endeavor. For example, it may not restrict the program from being used in a business, or from being used for genetic research,” the definition explains.

Read more

Is the ‘commons clause’ a threat to open source?

Filed under
OSS
Legal

There are discussions on various forums regarding this clause with conflicting views. So, I will try to give my views on this.

Opposers of the clause believe a software becomes propriety on applying commons clause. This means that any service created from the original software remains the intellectual property of the original company to sell.

The fear is that this would discourage the community from contributing to open-source projects with a commons clause attached since the new products made will remain with the company. Only they will be able to monetize it if they choose to do so.

On the one hand, companies that make millions of dollars from open source software and giving anything back is not in line with the ethos of open source software. But on the other hand, smaller startups and individual contributors get penalized by this clause too.

What if small companies contribute to a large open source project and want to use the derived product for their growth? They can’t anymore if the commons clause is applied to the project they contributed to. It is also not right to think that a contributor deserves 50% of the profits if a company makes millions of dollars using their open source project.

Read more

Syndicate content

More in Tux Machines

Programming: CI/CD and 'DevRel'

  • CloudBees and Google Cloud Partner to Accelerate Application Development on Anthos

    Respective leaders in DevOps and cloud computing are partnering to provide end-to-end application development automation from source to production...

  • Codefresh’s More Robust, Open Source Marketplace Makes Coding Easier, Faster, More Secure

    First deployed in December 2018, the Codefresh Marketplace makes it easier for code developers to find commands without having to learn a proprietary API – every step, browsable in the pipeline builder, is a simple Docker image. The Marketplace contains a more robust set of pipeline steps provided both by Codefresh and partners, such as Blue-Green and Canary deployment steps for Kubernetes, Aqua security scanning, and Helm package and deployment. All plugins are open source and users can contribute to the collection by creating a new plugin.

  • Codefresh freshens produce at the Kubernetes code marketplace

    Codefresh is the first Kubernetes-native CI/CD technology, with CI denoting Continuous Integration and CD denoting Continuous Delivery, obviously. The organisation has this month worked to improve its open source marketplace with features that focus on faster code deployment. First deployed in December 2018, the Codefresh Marketplace [kind of like an app store] allows developers to find commands without having to learn a proprietary API — this is because every step, which is browsable in the pipeline builder, is a simple Docker image.

  • DevOps World | Jenkins World: CircleCI orbs, DevOps Institute’s Ambassador Program, and Codefresh Marketplace

    DevOps and Jenkins is on full display this week at CloudBees’ DevOps World | Jenkins World taking place in San Francisco. In addition to the DevOps thought leaders and community members coming together to learn, explore and help shape the next generation of Jenkins and DevOps, a number of organizations took the opportunity to reveal new products. [...] SmartBear revealed TestEngine, a new solution designed to automate test execution in CI/CD environments. In addition, the company announced ReadyAPI 2.8 to accelerate functional, security and load testing of RESTful, SOAP, GraphQL and other web services. The new tools are aimed at accelerating API delivery. Users can now execute ReadyAPI, SoapUI Pro and SoapUI Open Source tests simultaneously on a central source that’s integrated into their development processes. This tackles the challenges that Agile and DevOps teams have such as complex deployments, large regression suites, and global development teams, according to SmartBear in a post.

  • What Is Developer Relations?

    Matthew Broberg, Advocate and Editor at opensource.com says that in practice the implementation of DevRel has been far from consistent. "DevRel, in theory, is the intersection of three disciplines: engineering, marketing, and community management," he says. "In practice, DevRel applies to a wildly popular set of job titles with wildly different expectations across different organizations." [...] Rebecca Fitzhugh, Principal Technologist at Rubrik agrees. "While there is certainly a marketing component when representing the company to the customer and community, it's equally about representing the customer to the company," she says. "Our DevRel team brings feedback from our customers to the product and engineering team in order to drive a better developer experience against our product's APIs."

Network transparency with Wayland: Final report.

The goal of this 2019 Google Summer of Code project is to develop a tool with which to transparently proxy applications that use the Wayland protocol to be displayed by compositors. Unlike the original X protocol, only part of the data needed to display an application is transferred over the application's connection to the compositor; instead, large information transfers are made by sharing file descriptors over the (Unix socket) connection, and updating the resources associated with the file descriptors. Converting this side channel information to something that can be sent over a single data stream is the core of this work. The proxy program I have developed for the project is called Waypipe. It can currently be found at gitlab.freedesktop.org/mstoeckl/waypipe. (I am currently looking for a better stable path at which to place the project; the preceding URL will be updated once this is done.) A few distributions have already packaged the program; see here; alternatively, to build and run the project, follow the instructions in the README and the man page. My work is clearly identified by the commit logs, and amounts to roughly ten thousand lines of C code, and a few hundred of Python. Read more Also: Vulkan 1.1.120 Released As The Newest Maintenance Release

The ClockworkPi GameShell is a super fun DIY spin on portable gaming

Portable consoles are hardly new, and thanks to the Switch, they’re basically the most popular gaming devices in the world. But ClockworkPi’s GameShell is something totally unique, and entirely refreshing when it comes to gaming on the go. This clever DIY console kit provides everything you need to assemble your own pocket gaming machine at home, running Linux-based open-source software and using an open-source hardware design that welcomes future customization. The GameShell is the result of a successful Kickstarter campaign, which began shipping to its backers last year and is now available to buy either direct from the company or from Amazon. The $159.99 ( on sale for $139.99 as of this writing) includes everything you need to build the console, like the ClockworkPi quad-core Cortex A7 motherboard with integrated Wi-Fi, Bluetooth and 1GB of DDR3 RAM — but it comes unassembled. Read more

KNOPPIX 8.6.0 Public Release

Version 8.6 basiert auf → Debian/stable (buster), mit einzelnen Paketen aus Debian/testing und unstable (sid) (v.a. Grafiktreiber und aktuelle Productivity-Software) und verwendet → Linux Kernel 5.2.5 sowie Xorg 7.7 (core 1.20.4) zur Unterstützung aktueller Computer-Hardware. Read more English: Knoppix 8.6 new public version is finally out !