Change License to a better alternative like AGPLv3 or even stronger license

[ranjithrajv]

What’s the issue with the MIT license?

The problem with the MIT license is that it didn’t imagine cloud computing and how the cloud would come to dominate the world of software. Cloud companies download open source software, modify it, run it on their servers and resell it as a service.

They’re not actually “distributing” the software because users never have the software installed on their computers. It means that cloud corporations have no obligations to contribute their modifications back to the open source community.

And this is against the spirit of free and open-source software. So there’s a license that considers cloud computing too.

What is the GNU AGPLv3 license?

Copyleft license: “If you make a derivative work of this, and distribute it or run it as a service on a server to others then you have to provide the source code under this license” In the early 2000s, Stallman and others tried to close this cloud computing loophole and protect open source from this abuse by creating a new license. The GNU Affero General Public License (AGPL) was born.

What are the benefits of the AGPLv3?

The AGPL license is identical to the original GPL license with the only additional term being to allow users who interact with the licensed software over a network to receive the source for that program.

AGPL is designed to ensure corporations contribute back to the open-source community even when running the software as a service in the cloud.

If you used AGPL-licensed code in your web service in the cloud, you are required to open source it. It basically prevents corporations that never had any intention to contribute to open source from profiting from the open-source work.

It explicitly prohibits corporations from parasitically competing with an open source project. They won’t be able to take the code, make changes to it and sell it as a competing product without contributing those changes back to the original project.

Here’s that extra paragraph: If you run a modified program on a server and let other users communicate with it there, your server must also allow them to download the source code corresponding to the modified version running there.

What are the restrictions with the AGPLv3?

• A corporation needs to be clear and provide a prominent mention and link to the original project so people that are considering to use their version of software can be aware of the original source
• If a corporation modifies the original software, they need to open source and publish their modifications by for instance contributing back to the original project

So how can a corporation commercialize a FOSS project without open sourcing their modified code? They can purchase a commercial license to remove the copyleft restrictions and in that way support the original project. FSF recommends the AGPLv3 license for projects in the cloud

Free Software Foundation (FSF) and the GNU project state:

We recommend that people consider using the GNU AGPL for any software which will commonly be run over a network.

If it is likely that others will make improved versions of your program to run on servers and not distribute their versions to anyone else, and you’re concerned that this will put your released version at a disadvantage, we recommend the GNU Affero General Public License (AGPL). The AGPL’s terms are almost identical to the GPL’s; the sole substantive difference is that it has an extra condition to ensure that people who use the software over a network will be able to get the source code for it.

[abhibeckert]

this is against the spirit of free and open-source software

It's against the spirit of free software.

Open Source software specifically requires allowing anyone to use the software for any purpose without contributing back in any way. Have a read of https://opensource.org/docs/osd if you don't believe me.

If that's not clear enough, here's a quote from Richard Stallman (edited for brevity, full version here):

open source [...] does not campaign for principles. This is why [The Free Software Foundation] do not agree with open source, and do not use that term.

[richRemer]

Are companies actually modifying this software? Are there any real-world examples of this package's usage in modified form that would be handled differently under AGPLv3 than it would be under MIT?

As an aside, there was no misunderstanding with the MIT license. The MIT license came about in an environment not far removed from time share computers. The license does exactly what it was intended to do in the cloud. Individual users of the license might not understand software licensing, but the ones writing the license absolutely did.

I release all my software under the MIT license. This isn't because I don't understand what it does or because I don't understand free software. Free software to me means that people who get my software have the freedom to use it and alter it to their own needs. This is how software worked before licenses. It's the default license for professionals with a passion for the craft.

[DeadlySurgeon]

The issue with changing the licensing would be that you'd require the major contributors of the project to also allow for their work to be relicensed, as they own their contributions (I don't see any clause in this repo that states otherwise).

Are companies actually modifying this software?

No. It's a library, usually imported from another library, so they are running it. But the idea that companies are profiting by using colored terminals is pretty outrageous, as it's not a hard feature, and what's being done here isn't even that special.

But the idea that an OSS developer would care who uses their software and would be angry because someone managed to profit off of it when they can't spits in the face of real developers who sacrifice their time without the motivation of greed. And to then turn around and choose to act maliciously is beyond crazy. If Marak didn't want to support colors, fine so be it, not that he even was when you look at the contributor graph and see that he didn't even do that much after 2015 outside of a few merges in 2018. Instead, he went to try to cash his repos in, and when that didn't work he decided to harm the community that everyone has built up.

[richRemer]

"the idea that companies are profiting by using colored terminals is pretty outrageous"

Firstly, your idea of outrageous doesn't jive with mine. Secondly, it's that mentality that FOSS was intended to address. Why are we all re-writing the same shit over and over again? It's such a waste of resources. Software that isn't re-used is barely even software; it's just commands you typed into your computer. The whole point of software is the multiplier effect of writing software once, then running it ad infinitum.

That's the beauty of the MIT license. I don't know why anyone would try to monetize an MIT-licensed project. But it's working as advertised.

It's Marak's project. If you don't like it, use any of the other dozens of libraries that do the same thing, but slightly different. If you think it's risky to depend on outside developers, then make your own shit and keep it in house and proprietary. If you want to invite the world into your software developer ecosystem, then you should expect to deal with people who aren't going to do things the way you want.

I don't know what the intentions were, but I hope it was to get junior developers to learn about software licensing, rather than to get companies to pay for terminal colors. The former is a noble and important goal. The latter is the fever dream of a developer having an emotional breakdown.

[abhibeckert]

The issue with changing the licensing would be that you'd require the major contributors of the project to also allow for their work to be relicensed, as they own their contributions (I don't see any clause in this repo that states otherwise).

Contributors also own any derivative of their work. The current project (in its entirety) a derivative of all the work that's ever been done on it.

Which means each contributors (or their employer) owns not just their contribution but effectively the whole project (unless they made very minor contributions).

Changing license is hard. It'd probably be easier to just start a new project from scratch in the new license.

[DeadlySurgeon]

I don't know what the intentions were, but I hope it was to get junior developers to learn about software licensing, rather than to get companies to pay for terminal colors. The former is a noble and important goal. The latter is the fever dream of a developer having an emotional breakdown.

He made it pretty clear it was about the money. He also burned down his place apparently making bombs according to the news, with reports of them being put into fedex boxes. I don't think he is well.

[voliva]

The problem with the MIT license is that it didn’t imagine cloud computing and how the cloud would come to dominate the world of software. Cloud companies download open source software, modify it, run it on their servers and resell it as a service.

Mhh I don't think MIT "didn't imagine cloud computing".

MIT is essentially "you can use this software for anything, even for commercial reasons, you don't even need derived works to be open-sourced with the same license". The only requirement is that the same copyright notice and license must be included.

Probably you meant GPLv3... which yes, they kind of didn't imagine cloud computing back then, so they released AGPLv3 that fixes it. GPLv3 requires you to use the same Open-source license for your derived works you distribute, but there was a loophole with the cloud thing, and so the AGPLv3 was born.

[richRemer]

If there are no known examples of this software being modified by a company in the wild, I would recommend closing this issue or changing it to recommend the GPL. This isn't software that gets run over a network, so the AGPL adds nothing over the standard GPLv3. The AGPL is more for things like network servers.

I'd also be pretty surprised if there are any closed-source projects which currently use this library or any open-source projects that are using it in modified form without releasing changes. If there are, then the GPL would put a stop to that. If the projects that currently rely on this one are open source (for example, if the AWS SDK uses it for terminal colors), then the GPL does nothing because no one is modifying the library.

So, my recommendation would be to simply close this issue or - at the very least - provide some real-world use cases this change is supposed to address.