Liquibase Continues to Advertise Itself as "open Source" Despite License Switch
Posted3 months agoActive2 months ago
github.comTechstoryHigh profile
heatednegative
Debate
80/100
Open SourceLicensingSoftware Development
Key topics
Open Source
Licensing
Software Development
Liquibase switched from an open-source license to a proprietary one, sparking controversy and discussion about the implications of such a change and potential alternatives.
Snapshot generated from the HN discussion
Discussion Activity
Very active discussionFirst comment
1h
Peak period
153
Day 1
Avg / period
53.3
Comment distribution160 data points
Loading chart...
Based on 160 loaded comments
Key moments
- 01Story posted
Oct 16, 2025 at 4:02 AM EDT
3 months ago
Step 01 - 02First comment
Oct 16, 2025 at 5:12 AM EDT
1h after posting
Step 02 - 03Peak activity
153 comments in Day 1
Hottest window of the conversation
Step 03 - 04Latest activity
Oct 28, 2025 at 10:57 PM EDT
2 months ago
Step 04
Generating AI Summary...
Analyzing up to 500 comments to identify key contributors and discussion patterns
ID: 45602676Type: storyLast synced: 11/20/2025, 8:18:36 PM
Want the full context?
Jump to the original sources
Read the primary article or dive into the live Hacker News thread when you're ready.
Paying a license and playing by the rules of a myriad licenses is a chore even for those who can afford it.
Now, of course they should get paid for the work they do, but these sort of "we were FOSS and surprise we're not anymore" are becoming commonplace and are always done hoping no one notices.
Most of us prefer not to bring on a dependency in our project that is primarily designed to extract commercial value from users and is less friendly to contributors than similar open source projects.
It's like me starting the cheese initiative and trying to control what others call cheese, a job that's typically reserved for governments.
I also don't care if somebody in 1975 said "I like to be open, and I'll let anyone look at the source." Old McDonald had a farm before McDonald's was a restaurant, but that doesn't mean that if you open a restaurant called McDonald's that is decorated like a McDonald's, you're not a scammer. I know your plastic fruit is carbon-based, but if you label it as "organic" you're a thief.
If you're not trying to scam people, be creative and make up your own catchphrase for letting people look at your source code - or don't even, because the whole idea of having a branding for allowing people access (and rights to) the source is imitation of the FSF and OSI.
Like I said above, they're as official as the cheese initiative I just made up.
No government has endorsed them, and open source is not a protected name in any country I am aware of.
They're just some arrogant American organisation that expects the entire world to bend to their whim, as usual.
Open Source isn't a brand, it isn't a trademark, it was hijacked by OSI to enforce their specific interpretation of a phrase that was already in use. OSI wasn't founded until 1998, over a decade after the term open source software became popular and was used throughout the unix and linux communities and in businesses such as Caldera. Before OSI came up with the OSD many creators of open source software had non-compete clauses in the licence.
They have successfully convinced a generation of developers that “Open Source” is pure and holy, but a licensee that includes a term that says something like no company making more than $100 million per year can use this software for free is unclean and maybe even evil.
They don’t want alternative licenses to exist because it hurts their bottom line.
Although, on the other hand, "Two years after release, the license for each applicable version of Liquibase Community code reverts to Apache 2.0". So, it's like... eventually open source. Which is still misleading, as it doesn't apply to the current versions.
I think everyone thinks the way they understand open source is the way everyone understands open source. And yet every time an open source project, by any definition, changes their license, people debate what open source really means.
Unlike a term born with a specific definition, like "FOSS", open source doesn't really have a definition. The OSI has a definition that seems to be most popular, but that's not the only understanding of the term that is doing the rounds.
For plenty of people, open source means "source-available software". For others, it's software licensed under a subset of specific licenses (which licenses is also a subject for debate). And for some it means "software developed in a specific way that involves the community", like many Linux adjacent projects are, disqualifying corporate projects licensed under those specific licenses because they can do a Liquibase any time they want and there's very little chance a community large enough to maintain and develop the existing code will stand up when they do.
Liquibase now falls under one of the three definitions I've heard people agree about rather than two.
Funnily enough, the Liquibase project agrees with this sentiment too (or wants to avoid the fallout from open source gatekeepers): https://github.com/liquibase/liquibase/pull/7380
Liquibase and Flyway are the only major frameworks on the JVM which could be embedded into a JVM application to get rid of a sidecar or a startup process which has to run before the actual application could start.
That's exactly why Liquibase turned source-available. These abstractions are leaky, error-prone and are better maintained via the money from support contracts.
"Make problem, they earn money fixing them" is a reasonable modus operandi.
https://en.wikipedia.org/wiki/Business_Source_License
At this point, FSL appears to be more widespread than BSL. Adoption of BSL has waned; even its creators (MariaDB, for their MaxScale proxy product) recently stopped using it.
I stand corrected. I hate license proliferation, but the naming and marketing is better. I hope the other former open-source companies consolidate on something.
> undergoes delayed Open Source publication (DOSP). [1]
and that "DOSP" (Delayed Open Source Publication) is an OSI concept! [2]
But I cannot (yet) find what the timeframe for the DOSP is... because we don't want to wait 90 years for Mickey to be public domain.
[1] https://fair.io/about/
[2] https://opensource.org/delayed-open-source-publication
As for the timeframe, FSL uses a 2 year period.
edit to add: just to be clear, I'm a fan of FSL and Fair Source licensing, and do not consider lack of OSI endorsement to be a problem.
Either just reading the "base" part and plugging some unrelated service, or claiming source available is the same as open source
"Is FSL an open source license?
No."
https://www.liquibase.com/blog/liquibase-community-for-the-f...
The capitalised term indicates it's a license approved by the Open Source Initiative, which is commonly used as the basis of "actual open source"
(I do agree that this gets a little murky, especially with folks who don't understand the nuance, which is a large percentage of folks talking about this)
I do agree that not calling something even "open source" if it's under a license like the FSL is best
Liquibase has only itself to blame.
Or "open source when obsolete" because that's what it is, fundamentally. Of course, it sells less and makes it way more obvious what these delayed open source licenses are at their core: "we'd like to make people believe we respect their freedom, but are not actually convinced with giving them that".
There is this blind trust in open source model taken to a unhealthy or misguided extreme in a lot of online discussion.
A two year delay is pretty reasonable and liberal. It allow costumers that dont want to accept the new licence able to continue as-is by simply following an older version.
In my case, it's not about any open source model, it's about software freedom.
What's unhealthy is non-free software, and there's nothing extreme in having this opinion.
If you base your opinions on pure black and white tests without considering the actual tradeoffs of the license then that's blindness.
What do we do now?
> It's free for humans and 99.999% of businesses
Nope. "Free" has specific meaning in this context, this qualifier doesn't apply here. It's the whole point. If you believe it applies, you've fundamentally misunderstood the free software definition and what's at stake for the free software movement.
More specifically, the qualifier is not relative to a specific entity and what freedom it actually needs / uses at some given point in time.
I'm certainly for fundamental freedoms like the freedom of the press, even if I'm not myself a journalist.
To go further with the comparison, there's nothing in being against compromising on the freedom of the press that's blindness or being black and white (or maybe it's being black and white, but I can't see how it would be wrong).
> I'm certainly for fundamental freedoms like the freedom of the press, even if I'm not myself a journalist.
Freedom of the press has more restrictions. In particular violating an NDA in your press activities is somewhat similar in how it affects few people and is time-limited.
GPL and MIT fully fulfill the exigences of the free software definition, there's no compromise here.
Choosing between GPL and MIT may involve compromises, but we are talking about something else, you are moving the goalposts here.
(note: I kept updating my previous comment, probably while you were writing this, sorry for this)
(edit: ah, you noticed)
> Freedom of the press has more restrictions. In particular violating an NDA in your press activities is somewhat similar in how it affects few people and is time-limited.
Violating an NDA is a matter of law and contracts that can equally apply to software, it's not at the level of the fundamental right or at the level of the license.
If you are speaking about protecting one's source, then it's orthogonal (and probably also an important mechanism for) freedom of the press.
> it's not at the level of the fundamental right or at the level of the license.
I would say the ability to run a competing business within two years is less fundamental than the ability to talk about what you saw at your former job.
Also what are you saying about "not at the level"? It overrides the fundamental right, but people accept that.
No. Someone can use some MIT licensed software for any purpose and can strictly do anything with it that the GPL would allow.
Just as free.
However, I do agree that permissive licenses like the MIT allows someone to build proprietary software with the code, and the users won't enjoy software freedom with that result. That would be the reason why I wouldn't license my software under permissive license except for specific cases.
One could argue the MIT actually gives more freedom to the user: they can, with a MIT source code, build and distribute a proprietary derivative. Of course, this doesn't mean this additional freedom is desirable.
> Also what are you saying about "not at the level"? It overrides the fundamental right, but people accept that.
Yeah, just like laws limit your freedom to run free software for any purpose. You, for instance, can't legally take /bin/ls with you to go kill someone even if its license itself doesn't explicitly forbid it. I'm pretty fine with this.
I have some feeling we do agree that freedom is never absolute and kinda argue past each others.
That's the part I was talking about.
So I don't know why you started your post with "No."
> I'm pretty fine with this.
Cool. And I'm fine with some other restrictions. So we're agreeing that being fine with a restriction doesn't necessarily mean anyone has "lost the direction" of free software? And instead we can talk about the specific dangers of a restriction without reflexive rejection?
It's not a hard thought experiment. Just imagine this license applied to whatever database you're used to spinning up in the cloud on whatever provider you want. If that one provider doesn't have the plan you're looking for, you're forced to take on the work of hosting it yourself because no one is allowed to do that for you and let you pay them because the license forbids it.
https://www.gnu.org/philosophy/free-software-even-more-impor...
That license restricts what you can do with the software due to a business interest of the author. Therefore, it's non-free or proprietary.
> That license restricts what you can do with the software due to a business interest of the author.
Yes, it restricts you from offering a competing hosted service. Do you offer a competing hosted service to Liquibase using Liquibase's source code? Is this something you ever would conceivably do? If not, how does this restriction affect your life in any way?
> Therefore, it's non-free or proprietary.
I never claimed it was Free Software.
That's exactly what my comment is addressing! People advocating for Free Software don't usually advocate that _only_ the software they use should be free; they advocate for the freedom of all users.
> I never claimed it was Free Software.
You did not, indeed. Sorry if my wording gave the impression I was trying to put claims in your post. That phrase is an answer to this question from you:
> Why do you object to FSL for this specific type of software
We object to it because it makes the software proprietary rather than free.
Personally I call that something other than promoting freedom. Quite the opposite.
Free software encurrage interoperability to a degree, but interoperability and free software are very separate things.
And hosting providers are not evil or bad for making highly coupled systems. Its a valuable service companies gladly pay for, and a compromise developers need to calculate in their plans.
And competitors can still host a mildly older version freely, so that prevents long term lock-in even if I ignore self hosting.
So the main company still has to compete to keep business, which is good for everyone, but they keep some control over the hosting business, which means they're less likely to get crushed and stop updating. I think it sounds good overall.
Isn't two years of security patch lag a big deal?
Your phrasing is malicious. It waves off a 40 year fight from many reasonable people as extreme and ridiculous, or as religious-like.
Did you expect me to answer "no, nothing else than puritanism" to your question?
Well, I won't.
That's like saying that although I could, I won't vote for candidate C who is against the freedom of the press when candidate C would prevent awful newspaper N from publishing its horrible bullshit.
I'd prefer newspaper N not to publish bullshit, or even to not exist at all, but I wouldn't want this to cost the freedom of the press.
AWS doing terrible things shouldn't cost us user software freedom.
Yes, indeed, there's stuff that I will do or won't do out of principles, of course! Even if it would be convenient to do otherwise! Is this an alien concept?
How is this difficult to understand that someone doesn't want compromises on rights that ought to be fundamental?
I've written about this in other comments, but this happened to me in 2015 hosting Elasticsearch and the official Elasticsearch hosting offering just didn't support CPU configurations that were proper for geohashing heavy workloads. I had to switch to AWS to get that. They even talked to the head of sales, and they said, yeah, we're working on it, but right now your best bet is to switch. Under a license like this, that wouldn't be possible.
Being stuck between "host it yourself" or "don't have the latest features" is pretty far from a rock and hard place.
Also I feel like "obsolete" is the wrong word for that.
Company personhood and its implications and restrictions differ from jurisdiction to jurisdiction, and in countries like the USA the exact definition is still a matter up for debate.
Businesses are precisely and exactly people.
Yes a business is made out of people, but that's a very different thing from what I was talking about.
(And please don't mention sole proprietorships, what I meant should be plenty clear now.)
We're talking about freedoms, not the ability to interact with the legal system.
I wonder if a project which uses Liquibase can be included in Debian, Fedora, etc.? Since these projects also have requirements on OSS licenses for the software they distribute.
[1] https://github.com/keycloak/keycloak/issues/43391
Cannot be included in the main repositories, but nothing stops them from being part of other repositories (custom, or if something like rpm fusion non-free exists for Debian based distros as well).
1. They co-opted the free software movement and made it more business friendly.
2. They convinced people that Open Source is pure and software that isn’t Open Source is unclean.
3. They convinced a bunch of developers that their definition of Open Source that was specifically crafted to protect business interests is canon.
4. They convinced a well meaning subset of those developers to police the other devs and pressure them to release their software under big tech approved licenses.
‘The word "free" in our name does not refer to price; it refers to freedom. First, the freedom to copy a program and redistribute it to your neighbors, so that they can use it as well as you. Second, the freedom to change a program, so that you can control it instead of it controlling you; for this, the source code must be made available to you.’
Giant trillion dollar conglomerates repackaging and selling a product backed by free labor without contributing back wasn’t something they were contemplating back then.
I think it's very intentional that a restriction on what you can do with software -- including reselling it -- is a violation of the "four freedoms" -- freedoms for what someone can do with software, including redistribute it or use it for any purpose they want (including reselling it).
These licenses meant to prohibit users from using the software in ways that harm the business interests of the programmers -- I am confident the original creators of free software four freedoms would agree they are not free software. It is very intentional that they were saying the freedom of users to do what they want with software should not be limited for the convenience of the business interests of those who wrote the software.
This license isn’t about users. If you are repackaging and reselling software you are no longer the end user, you are a vendor. Your customers are the end user.
This license in particular isn’t my favorite, but I’m totally fine in theory with licenses that attempt to patch loopholes exploited by bad actors.
> Actually, we encourage people who redistribute free software to charge as much as they wish or can. If a license does not permit users to make copies and sell them, it is a nonfree license.
The whole thing was thought up when residential internet couldn’t be used for much more than email, BBS and Usenet, and it wasn’t viable to use it for downloading a text editor.
It’s not a timeless set of principles to live by forever after, proprietary software —that’s not charged for- dominates everyone’s lives more than ever in the public and private sphere, precisely from companies that benefited from the open source ecosystem of software engineering tools.
> Meanwhile, the users who know nothing about computers need handholding: doing things for them which they could easily do themselves but don't know how.
> Such services could be provided by companies that sell just handholding and repair service. If it is true that users would rather spend money and get a product with service, they will also be willing to buy the service having got the product free. The service companies will compete in quality and price; users will not be tied to any particular one. Meanwhile, those of us who don't need the service should be able to use the program without paying for the service.
"The service companies will compete in quality and price; users will not be tied to any particular one."
In the Free Software community, this line was always blurry, almost non-existent even.
Even if the receiver of the Free Software package is not a programmer by any definition, at worst case, they can ask for a friend to patch something up, and if another friend wanted his patched version, the modified source code has to move with the software package.
Open Source software can block even this simple pathway by not giving back the modified source from friend to the user, creating a dependency. It'd be heartless to do this between two friends, but companies will happily do that.
My most vivid example of this is SDKs for hardware. Half of the API is open, but the patched version of the (open source) libraries cost $2K+, several NDAs and allegiance to company for the rest of your life or you can be sent to a concentration camp operated by an alliance of companies doing the same thing.
...and this is just for a small biometric scanner you happen to find in a piece of 10 year old discarded tech.
The GNU Project and Richard Stallman, who made this statement, would agree that it's not free under even this earliest definition. They in-fact made it even clearer when they defined freedom of "use" as the distinct 0th freedom eventually to make it even clearer that being able to use the software freely is fundamental to their idea of freedom. Again, freedom isn't about price, it's about usage, availability, redistribution and lack of restrictions on this. I cannot freely redistribute FSL licensed code under the original definition of free software.
"Giant trillion dollar conglomerates repackaging and selling a product backed by free labor without contributing back wasn’t something they were contemplating back then."
Yes, the GNU project were acutely aware of this and designed the GPL licenses around such scenarios - they just didn't design it for SaaS businesses, where if you redistribute the built program externally after modifying it but only distributed its responses over a network, you technically weren't obligated to open source that modification. AGPL resolved this issue, and has more case law behind it than this 2 year old license, and has certainly less daunting implications than a not legally well defined 'competing purpose'.
Wrt to the legal concerns with AGPL, they're not actually that it wouldn't provide any protection, but rather that it might offer the originally distributing entity too much power: legal power to declare all software used in the stack to produce a network request MUST be made source available. I have not seen any lawyer concerned with whether or not Amazon would be able to bypass its protections, and the license was made by lawyers to clearly provide protection. Did you create this legal theory yourself? Because I've not seen any writing from a lawyer on the internet that suggests that Amazon could firewall themselves off in a friendly jurisdiction under any reading of the license, and I read a lot of AGPL lawyerblogging.
Sentry, the company who created FSL, even states that this license restricts user freedom explicitly - for the sake of the business interests of the original developer.
So summing up.. Richard Stallman, the FSF, the GNU Project, the OSI, the creators of the FSL, the company now currently using FSL, all agree that this source available license does not meet the definition of "free software". So, whose definition are we using out of thin air?
You’re free to distribute it to your neighbors for free for any purpose. You’re free to distribute it for a fee for almost any purpose save one. You just can’t commercialize it as a competing product.
“Source available” again calling this source available is disingenuous. You’re deliberating using the least free term that is technically accurate.
This isn’t my favorite license, but it provides a lot more freedoms than merely looking at the source code.
With respect to AGPL providing “too much control”. That is a valid and likely reason for courts to find it unenforceable.
So it does not meet the original free software's required freedoms, and is therefore not free software?
>“Source available” again calling this source available is disingenuous. You’re deliberating using the least free term that is technically accurate.
No, the source is available to read and the software is not free based on the historical definitions you're providing, unfortunately. Happy to understand from a different lens, but Stallman specifically meant freedom in the way even FSL writers agreed with.
Also, please refrain to using commonly used terms in the common way as 'disingenuous', it doesn't lead to interesting discussion and is how these threads end up needing to be patrolled by dang: https://news.ycombinator.com/newsguidelines.html
>With respect to AGPL providing “too much control”. That is a valid and likely reason for courts to find it unenforceable.
So, this is a personal non-legal theory that does not have a basis in jurisprudence, then? GPLv3 is proven as enforceable, and is what AGPL is based on. No court in any legal system would throw away a license based on giving "too much control". That's just not how copyright or licensing contracts work. You may want to disclaim conjectures like this with IANAL..
My entire point is how big tech has captured the zeitgeist, so the common use of that term is irrelevant.
>No court in any legal system would throw away a license based on giving "too much control".
You are 100% incorrect. Contracts are frequently found unenforceable for this exact reason.
>So it does not meet the original free software's required freedoms, and is therefore not free software?
The original definition says nothing about a fee or what restrictions may be in place.
It's not dirty, it just doesn't follow the principles the rest of us espouse. We're interested in software that follows these principles via a license like this.
That you're ascribing malice to the entire FOSS community seems a bit strange, when they're the ones who created the free software definition in the first place. The source is available but is not free software even in the original definition.
>Contracts are frequently found unenforceable for this exact reason.
So, personal theory, wrt AGPL. Given you've recently been made aware of the stack of case law for AGPL and that it is largely _just_ GPLv3, I wonder why you think this is a possibility given it is your uninformed non-expert opinion.
>The original definition says nothing about a fee or what restrictions may be in place.
Completely out of context, because even the original definition defines it as "free speech" as in that there are no restrictions on the ways you can freely using it anyway you want, including distributing it.
You're right that a business might offer a fee for free software under this definition, but that's unrelated to it being free to distribute under any clauses.
Given that Stallman is alive and we don't have to do dubious Stallman legal textualism to justify source available licenses, when even source available license writers and users are fine with that distinction, seems a bit strange.
I've been involved in this for decades at this point. Free Software and Open Source folks generally "source available" as a pejorative.
By using a term that implies the lowest level of freedoms possible for software that doesn't restrict access to the source code, you are implying that no freedoms exist beyond reading the source.
>Given you've recently been made aware of the stack of case law for AGPL and that it is largely _just_ GPLv3, I wonder why you think this is a possibility given it is your uninformed non-expert opinion.
AGPL significantly changes GPLv3. If you want to understand how that could cause it to be unenforceable read up on severability and its limitations in various jurisdictions. Courts have wide latitude in most jurisdictions to decide how much of a contract or license (in civil law jurisdictions they are always the same thing) to uphold if certain parts are invalidated.
>Completely out of context, because even the original definition defines it as "free speech" as in that there are no restrictions on the ways you can freely using it anyway you want, including distributing it.
Free speech has restrictions in every jurisdiction in the world. Saying in something is "free as in free speech" has no implication that it is absolutely free from all duties, obligations , or restrictions.
If that is a requirement for free software, the GPL isn't a free software license because it does place obligations on distribution.
>Given that Stallman is alive and we don't have to do dubious Stallman legal textualism to justify source available licenses, when even source available license writers and users are fine with that distinction, seems a bit strange.
I don't care what a single individual says about what he believes now. I'm more interested in what he said in 1985 and what the people who made up the community believed.
Mostly though I only care about any of the past cruft because Open Source and to a lesser extent Free Software has takes the air out of the room in any discussion about software freedoms.
I'm interested in realistic compromises to make more free software more viable in a world where Amazon, Google, and Facebook exist. I'm not interested in ideals about a very specific meaning of absolutely free software.
Okay, I'm confused why you bring free software or the free software definition into this at all then if you're just picking and choosing what parts of the original statement/bulletin you care about and what parts you choose to disregard, on top of disregarding the original movement and organization founded at its inception.
If you're hoping to rebrand source available software, why not call it something other than _free software_ if you want to do a rebranding? You could propose similarly internally consistent principles and attempt to cultivate a community. Call it 'fair source' or 'managed availability' or something. Refer to the 'freedoms' as rights, instead. You'd convince a much larger group and wouldn't have to pretend that principles for commercialization wasn't considered in 1985.
Since, again, from the start there the goal of free software was that no single company was supposed to be the single commercializer of a piece of software. That principles carries to the GPL.
If you're hoping to convince us that source available software is actually free software, you're giving me a great platform to talk to others about the history of actually free software and making yourself appear wrongheaded as if you didn't read the original bulletin or understand the larger software development community, or worse that you're attempting to co-opt our very specific yet widely accepted professional definition of free software.
I agree it doesn't need to be called "source available"; it's just proprietary software.
That's not a bug, that's a feature. Freedom 0 applies to everyone.
Giving a gift does not confer an obligation, and "contributing back" is meaningless in this context. Someone using a gift you gave them to run a business does not harm you in any way whatsoever.
Free software has never been about giving gifts with no obligations.
It's not, it is an exchange.
You gain the ability to use the library or program in exchange for releasing your changes and modifications.
Well, unless it's MIT licensed, in which case you're kind of a sucker and it all but _is_ a gift to Big Tech.
There is plenty of FOSS that is not copyleft.
this is absolutely right, and the OSI has been successfully captured by these companies
would RedHat be able survive to IPO these days? I very much doubt it (see: Oracle Linux)
a new term is needed, "Open Source" is no longer fit for purpose in a world where the hyperscalers exist
"Fair Source"?
Somehow the service+infra is the same cost or cheaper then buying the infra alone and trying to deploy the open source version to it.
Then defend a source available license designed by a company that describes the license as intended for prioritizing business needs over user freedom and used, and is often brought out when businesses decide to switch a more available license to one that restricts commercial activity, co-opting public contributions that would otherwise never happened
INSTEAD of promoting copyleft licenses such as AGPL, seems a bit odd. We care about freedom, in every use case.
AGPL isn’t battle tested enough for me to be confident it will protect against big tech doing big tech things like spinning off a separate company in Ireland to firewall AGPL software.
What does it matter if they do? The point of the AGPL is that if you make a version available to users over the network, either you release the source to your version or you can't use it. That subsidiary could still be made to release the source or stop using it. Wouldn't that be "mission accomplished?"
I don't know if that scheme would work but I think "not battle tested enough" is valid.
Also there's some weirdness in how the availability requirement applies at the time of editing that gives me questions, but I'm far from an expert there.
I think a plain read of the license would make it clear that the "distribution" obligation occurs when you make it available on the network to your users (regardless of whether you modified it yourself or paid a contractor to do so), but I'm not a lawyer, so sometimes what looks like plain text to me can have a specific meaning that doesn't make sense to me.
Starting with no trickery, there's a lot of circumstances where you could buy software from a vendor and confidently declare you didn't modify it. And that should be true even if you ask for certain features just for you. So there's probably a way to make the separation work.
My view is that if Amazon or Apple lawyers thought they could bypass the AGPL that easily, they would've done it already (just look at the stuff NVIDIA does to pretend that it's not flagrantly violating the GPL).
> I suspect a judge would not look kindly on such shenanigans in any case.
I completely agree there, but they still need to find the license clause sufficiently correct and in scope if they want to throw the book at you.
You're also forgetting that even if it was illegal, setting up a shell company in a foreign country means the shell company will be able to get away with a lot of outright illegal stuff.
Chinese tech companies can just take your code with no recourse.
I'm not sure what's bad about 2. What's quite bad however IMHO is the push to use permissive licenses and the anti (A)GPL FUD that these big tech companies spread. Of course it is very convenient to them that every library under the sun is under MIT or BSD, so they can built proprietary software more efficiently.
Note: the OSI recognizes the AGPL as an open source license so at least the set of "big tech approved licenses" is not the same set as the OSI approved licenses.
[1] https://www.gnu.org/philosophy/open-source-misses-the-point....
AGPL hasn’t been thoroughly tested in the courts, so it’s unclear how much protection it offers. It’s not beyond someone like Amazon to setup a new company just firewall off AGPL software.
If I'm not mistaken, Apple would rather avoid touching anything GPLv3 with a ten foot pole. They are among the biggest tech companies in my mind.
Anybody seems fine with GPLv2 though. But GPL is less convenient than permissive licenses.
Of course, you can still indeed build services with GPL software without redistributing the modifications, which is the point of the AGPL.
> It’s not beyond someone like Amazon to setup a new company just firewall off AGPL software.
I suppose so. However, this would work as intended: the Amazon firewall company would need to redistribute the improvements.
Also, do you have examples of this happening? (not arguing, actually genuinely curious)
I think this poster created the legal theory themselves because they were aware of other legal concerns with the AGPL affecting the above scenario. I've read a lot of legalblogging about AGPL, and none bring up this as even a remote possibility, because unless you think GPLv3 case law is somehow irrelevant then you don't think AGPL will be simply bypassed.
One last thing: I'm surprised the poster was concerned about AGPL being untested, despite it using GPLv3, and not that FSL has only existed for 2 years and has 0 case law surrounding.
If I understand correctly what you say, this is one of the main concerns with the SSPL because of the following [1]:
> The SSPL is based on the GNU Affero General Public License (AGPL), with a modified Section 13 that requires that those making SSPL-licensed software available to third-parties (modified or not) as part of a "service" must release the source code for the entirety of the service, including without limitation all "management software, user interfaces, application program interfaces, automation software, monitoring software, backup software, storage software and hosting software, all such that a user could run an instance of the service using the Service Source Code you make available", under the SSPL.
I'm not familiar with this concern for the AGPL itself.
https://en.wikipedia.org/wiki/Server_Side_Public_License
So far this contagion concern hasn't actually played out, and big corporations/hyperscalers are often using AGPL software somewhere in their stack if they're using common Linux distros - and nothing thus far has been compelled to be open sourced that isn't AGPL software.
This might be insightful about the concerns as well as why lawyers still think it's straightforward: https://www.opencoreventures.com/blog/agpl-license-is-a-non-...
https://discuss.logseq.com/t/on-the-agpl-license-and-the-ide...
https://writing.kemitchell.com/2021/01/24/Reading-AGPL
(not a lawyer): https://drewdevault.com/2020/07/27/Anti-AGPL-propaganda.html
Oh yeah, I have encountered this argument before, indeed. Thanks for the pointers btw. I do agree with Drew (your last link) here. I think it's part of the FUD from Google & Co I mentioned in my first comment in this thread. To me, it's even an evidence that the AGPL actually works as intended: it's not convenient for the Big Tech companies who can't reuse the AGPL without having to release their code that's targeted to end users, which they don't want to do.
> big corporations/hyperscalers are often using AGPL software somewhere in their stack if they're using common Linux distros
Do you have specific software in mind? What's AGPL in a common Linux distro? I'm asking because this surprises me. AGPL isn't usually used for something that's not a internet service, I wouldn't expect to find it in Linux distros' basic blocks.
Debian is also the other more common one distros with AGPL software included with it.
Other things like forks of BerkleyDB by hyperscalers have all ended up as FOSS because of AGPL. Presumably this is a better example of where non-AGPL code would have not actually seen the light of day.
Oh I agree! And I think it's straightforward to comply with.
I was just explaining the common legal concerns that pop up with the license, and that too much 'contagion' has historically been a gripe about its lack of case law.
An AGPL enforcement would require the court to interpret its virality which is an open question before even deciding whether a violation occurred.
The potentially overreaching nature of AGPL is one reason it maybe unenforceable. On the other hand if courts lean towards the less viral interpretation Google could get around these issues by modding an AGPL project to run on their proprietary hardware that no one has access to and then simply releasing the modified source code.
In US courts, the case law shows that the "virality" is not really an open question because of GPLv3 case law, and has never been interpreted that way. I'm not sure why you're commenting about this scenario when you're unaware that this has been actually tried in courts.
In fact, we saw that in infamous Neo4j AGPL case, actually. AGPL worked as intended and protected the AGPL software in a similar way to LGPL. The court went on to protect non-GPL compliant additions that Neo4j made as being considered contagious, even, going even further to protect the original licensee than intended with the original unmodified license.
So, just recapping, you've gone from stating that Amazon could firewall off AGPL because it has no case law, and after learning it does has its case law includes GPLv3 that it simply may not be 'viral' enough because that hasn't been tested in court, to now learning it has been tested in court and successfully enforced.
My point is that it doesn’t matter. If it is “viral” to the extent some people are concerned about, Amazon can find ways to firewall it.
If it isn’t, then they it doesn’t really hamper their business model at all.
The Neo4J case was one piece of a longstanding part of GPLv3 caselaw where the virality is clear.
>My point is that it doesn’t matter. If it is “viral” to the extent some people are concerned about, Amazon can find ways to firewall it.
Just a recap of your responses so far:
So AGPL has no case law and might even be unenforceable, so therefore it you should use non-free source available licenses. Oh, it does have case law and hyperscalers have been forced to open source their forks like of BDB?
Well, the virality hasn't been tested and FSL would be an easier case. Oh, it has been tested, multiple times and licensees have had to work out an agreement like in the Neo4j case - such that judges would actually be able to rely on prior art unlike FSL?
Okay, well, even if that's all true - Amazon could just firewall it anyways. How? Well they would simply use vast resources to create proprietary hardware, create a fork for proprietary hardware despite that making it impossible to receive patches from the main fork, and then sell that as a service.
Based on the above, I think you've done what you can to convince me.
There will be case law after appeal - FSF seems too timid to sue Neo4j (which they could do) and save decades of work.
maybe I misunderstood what you were saying…
https://www.fsf.org/news/fsf-submits-amicus-brief-in-neo4j-v...
https://sfconservancy.org/news/2025/jan/13/neo4j-amicus/
Well I guess they could today, I don't see the AGPL preventing them to. As long as the modified source is available under the AGPL I suppose they'd be good to go.
A license that forces someone to release software for specific hardware would be non-free I suppose.
I don't see this being practical though. Running proprietary hardware just for this reason would likely be costly, and not really efficient: someone could restore support for general hardware from upstream / only keep the interesting changes.
Can I catch GPL inadvertently and against my will? No, it is not "contagious".
They adopted the existing Debian Free Software Guidelines as the Open Source Definition. The DFSG are good, actually, and represent an important community consensus outside the FSF.
Also if you read the original DFSG the clause about field of endeavor has been interpreted by OSI differently from the intent.
It was about saying your license can’t prevent an end user of your software from using it for a specific purpose. It really says nothing about restrictions on how you can sell the software.
The problem is OSI is now the sole interpreter of the definition.
— https://www.gnu.org/philosophy/free-sw.en.html
162 more comments available on Hacker News