'Source available' is not open source (and that's okay)

I certainly don't have all the answers here but the entire $300B+ SaaS industry (and a bunch of other stuff that behaves like SaaS) was built in great part on a loophole in the GPL. More precisely, many of the people who licensed their code under GPL were eventually dismayed when they realized you could sell access to whatever you like built on top of that code, over a network, and you wouldn't have to distribute the source. The AGPL was devised to close this loophole.

There are really two dynamics at play, one is that there are people who want to give a gift to the world and promote a culture of sharing, in fact they want to REQUIRE you to pay it forward if you use their stuff. That's the ethos behind GPL and AGPL. It has proven to be way more effective than the bean counters expected!

The other dynamic is the more conventional profit making and taking which has perceived a loophole and used it to make some extra bucks on the backs of the nice sharing guys.

I don't have anything against profits, I like money and I own a business where we choose to keep some code totally closed source because money. But you can't deny that this division exists. And I think this dynamic is what most of the dilemmas in the OSS world really arise from, there is a strain of altruism since the early days of the movement which has been betrayed, for many it feels awful if you've released GPL'ed code and then watched Big Tech promptly pile a bunch of proprietary code on top of it and use the resulting machine to strangle the freedoms of the human race over the Internet. You don't automatically get to squeeze profits from a thing just because it's out there and it's shiny and nice. That may not be why the author built it. It may be a betrayal of their intent if you do.

It is not possible to create a license that would satisfy the Free Software Foundation's "four freedoms" while also solving the issues many of those vendors have with the AGPL. At the same time, the "source available" mindset doesn't have a steward organization like the FSF or OSI.

Source available isn't a license, it is the lack of a license. It's the legal default state for all art.

> Personally I think differentiation between "open source" and "source available" is good

Maybe, but I think that "source available" isn't detailed enough and can mean many many different things.

> Source available means I can basically help debug issues I have...but I expect that a paid licence is required and will have a selection of limitations (number of nodes, etc).

Point in case. For me there is one group, under something like BSL or FSL or SSPL which mostly restricts you from competing with the project's creators (e.g. making your own SaaS out of it), but everything else is fair use, you can use it in prod to make money at any size, etc. And a separate, more restrictive one, which has size, or production restrictions (you can't run the software if you're a commercial entity).

Source available sounds like a good description for the second one, because it's just available, little more. But for the first one where you can do whatever you want with one single exception that doesn't impact 99.9999% of potential users, it's not a good and clear enough description.

"Source Available" means that it can become "Source Unavailable" overnight.

See the "Our Machinery" fiasco.

Yes, Open Source isn't a complete defense against this (especially when there are copyright assignments). However, it sure makes it both a lot harder to pull off and a lot less useful to even try.

> What principles and values of the open source movement are protected by staunchly refusing to allow "source available" to call itself open source?

The part where the license says "Don't run this on your server and charge people money for it, or we will sue you"?

I know that everyone thinks of Big Tech absorbing your project into their SaaS when they do this, but there are other ways (say AGPL) to combat that. O'SaaSy seems to me to be essentially a "give us your code for free, and you can self host it, but don't dare to charge $$ for it or else!" license.

Now you're bringing lawyers into the picture for anyone who's hosting your software on their servers. It's very reasonable for a SaaS company that wants to defend its moat, but it's not Open Source.

(Talking of, I'm actually curious if anyone has seen actual self-hosted Fizzy instances in the wild.)

If something is open source and follows an OSI approved license I don't have to ask a lawyer to review the license before I integrate with that code.

The moment you change a single line of that license I now have to pay extremely close attention to those details again.

This isn't a naive idealism thing - there are very solid, boring, selfish reasons for caring about this.

FOSS was founded on The Four Essential Freedoms: https://en.wikipedia.org/wiki/The_Free_Software_Definition#T... that GPL/LGPL were devised to embody. Shared source licenses don't adhere to freedom 0.

I think it comes to analogies, with open source you have a public park you are free to use. With source available it is public park you are free to look at behind a fence... So not actually public park. Still a fine thing to exist.

As user as well. Difference between I can use this for free and I have to pay to use this. Even if I can see parts inside is significant.

It might not be real principle, but at least it is real difference.

> bickering between people on the same team.

Uh.. are they?

I'm somewhat sympathetic to licenses that will be open source in X years, but the open source ethos is that, with proper attribution, we can do whatever with the code, the only restriction being that for some projects a derivative work needs to also be open source (while others don't care even about that)

If we were to welcome non-open source projects into a larger community, we should probably begin with licenses that forbid the usage of the software in military and things like that. Which fails to be open source for the same reason: it puts limits in how you can use the code

They’re not at all on the same team. “Open source” is given away for free, to do what you want with it. Source available is not. Fundamentally they have nothing in common other than the fact that you are allowed to read the source code.

Not the same team. Open source isn't really about the license, and it's also not even really about the source; open source is a philosophy centering open development and collaboration. Sharing the source is necessary, but not sufficient. Too often, "source available" means you get to see the source, but you are not invited to participate in development, and certainly you're not going to be participating in collaboration.

"Source available" projects want the benefits of being associated with that egalitarian philosophy because it's popular amongst technologists, who are their initial customers. But they don't want to actually practice the philosophy because their core interest is protecting their IP to turn a profit, not open collaboration and development. Outside contributions are considered a liability in many source available projects [1].

This is important because source available projects have in the past resulted in a "rug pull", when the project gets enough airspeed, so they start putting more work into the closed source to placate their investors. Once the technologists are not the primary users, the entire source available charade is done. The available source becomes deprecated, features are moved to the closed source branch, and eventually the available source rots.

One final point: if we call source available "open source", then what are we going to call open source to differentiate it from source available. Because they're actually different things.

[1]: For example, many projects won't even allow outside contributions, but when they do, you'll have to sign some sort of contributor agreement: https://www.scylladb.com/open-source-nosql-database/contribu...

Edit: (this is to the response below me, as I'm rate limited now and I'm going to bed so I'll forget to post this tomorrow)

If anyone tried to do this then the project would be forked immediately. An open source project can go closed source, but as an OSS project, everyone should already have everything the need to keep it going despite that, and that all remains open. That's why we love open source.

Also, it'd be really hard to pull off if they've accepted a lot of outside contributions -- when you submit code to an open source project, you retain the copyright. This is not a problem as long as the project is licensed under the agreement under which they submitted the commit, which only grants rights to redistribute under that license. At least that's how it works with Apache 2.0 (I believe, IANAL). So to go closed source, they'd need agreements from all of their contributors to do so.

Now, it can happen. MongoDB is an example. But as far as I can tell, you'd have a hard time of it if you accepted contributions from people and they.

Some people have internalized the words "open" "source" to mean more than the words, even going so far as to eschew the benefit (which was at the heart of the Stallman problem) because it doesn't fit the desired ethos and license. It's counterproductive, indeed.

> I do think we need more Source Available licenses in the world. Certainly I would greatly appreciate being able to browse the source of the many proprietary software systems I've administered over the years.

Yeah. Releasing a project under a source-available proprietary license and calling it Open Source, or doing a rugpull and changing an established Open Source license to a source-available proprietary license, is the kind of thing that causes the most grief. If you release something under a source-available proprietary license and make no pretenses about it being something else, and the alternative was not releasing it at all, it's a (slight) improvement.

> I do think we need more Source Available licenses in the world. Certainly I would greatly appreciate being able to browse the source of the many proprietary software systems I've administered over the years.

I think we need more differentiation and different terms. Because O'Sassy / FSL / whatever that just forbids other companies from selling the same software as a Service is quite different than just the source being available with no rights at all, or with restrictions on who can use it and when (size of company, for profit or not, production, etc).

> If you don't want start a business and make real money from your software then denying that to others is antithetical to the concept of open source and free software.

What if you do and have done so, yet you're competing with e.g. AWS, GCP, Azure, who can do it for cheaper than you due to scale, and also have a much easier time to sell an extra line item to their existing customers vs you having to go through commercial negotiations and purchase agreements? Cf. Elastic, Redis, etc.

Now it all makes sense, thank you.

> After all, who reads blogs?

I used to read yours, anyway!

If the literal lawyer who specializes in licenses doesn't have a clear point of view on this, what hope do the rest of us have?

> There is another, I think different, form of "source available" that I've seen a bit lately, similarly from corporate/commercial sponsors: the source code is released under an OSI approved license (e.g. BSD, GPL licence) and the owner maintains and develops the code in an ongoing fashion, but there is no way to easily interface with the developers, contribute changes back to the project, nor is there any public facing bug tracker or developer/user community. To me this is just as much "not open source" as a specific no-compete with the primary project sponsor.

No, that's very much open source - in fact, it was the way most big name open source projects were developed back in the early days. See the famous "the cathedral and the bazaar" essay. Public bug trackers and widely soliciting contributions to mainline are relatively new phenomena, but you always had the right to fork and maintain and share your own fork, and that's the part that's essential.

How easy do you have to make it to contribute to be considered “open source”. Obviously, no project accepts every single pull request. Where is the line between “open source” and “no open source” in your definition?

> To me this is just as much "not open source" as a specific no-compete with the primary project sponsor.

I feel like this is a completely different conversation, but this is just as much a misunderstanding of what open source is as DHH's.

As long as the code is under BSD or GPL, you are free to take it as-is and do what you want with it. You could run your commercial service using it. You can certainly write patches and apply them to your own servers. You could even email the maintainers with them -- worst case is that they will ignore the emails!

Open Source does not guarantee that your contributions will be accepted or merged back to the project -- indeed, if you think about it, that would be absurd. I might want some random thing in the Linux kernel, but the maintainers will always have the final word on whether they want my patches or not.

The O'SaaSy license says that (essentially) 37Signals will sue you if you try to host this on your own servers, and try to sell it as a service. That's totally different, and a legal rather than a technical hurdle.

> To me this is just as much "not open source" as a specific no-compete with the primary project sponsor.

It’s massively different from source-available in that anyone can fork it for free and start developing it themselves however they want. Just because one fork of the project (the original one) follows a closed development model doesn’t change anything about the code, what you can do with it, and how others can develop it.