Open Source Undefined to the Point

Reflecting on the issue for a few weeks, my conclusion boils down to a few simple guidelines.

  • Arguing about the “true definition” of “Open Source” is futile. It’s a waste of your and other’s time. Avoid it.
  • “OSI-compliant” is a useful, precise term. If you value OSI compliance, use that.
  • Always do your homework.
  • We can learn something from Creative Commons.

Let’s dig into these ideas into a bit more detail

Do your homework

If you are interested in using, modifying or redistributing a software product and Open Source is relevant to your adoption/purchasing decision, then you should always do your homework and find out:

  • What is the license on the software?
  • What is the license on the code?
  • Are there additional contracts to sign which may override certain liberties granted in the code license?
  • Is there a piece of the product that is derived from proprietary code? What is the license on that? And how substantial or relevant is that code?

These are the questions that actually matter, not “is it Open Source?”, because 1) that term is incredibly ambiguous, 2) and you can meet even the strictest definitions of Open Source while still obviously circumventing them. For example:

  • Open Core companies claiming they are “open source” but base a large part of their product on proprietary, closed and heavily restricted code.
  • Imposing additional restrictions via customer contracts (effectively closing the code - e.g. RedHat does this - or adding other restrictions such as commercial ones - e.g. Commons Clause does this)

Software that is on the surface, not “Open Source” or “OSI-compliant” may in fact be more liberal and permissive (e.g. Fair Source). We tend to get stuck at the superficial Open Source definition debates instead of looking into the actually relevant licensing/contractual specifics.

  • is the vendor reasonably transparent ore more deceptive? In my experience, some people just don’t really care, and that’s fine. Some companies are transparant and are rewarded with appreciation, others are more sneaky, and are able to trap customers. Not my place to say what’s right / wrong

governance model/trademark

  • Talk about OSs like aopi . Specific output. Tolerant input. Always deep understanding anyway. Caise term has always been extremely broad and almost meaningless
  • OSI has long list. I have long list
  • Both are meaningless
  • Part of the problem is trying to bundle different licenses into categories. If we just had a handful of licenses we could just read the license and no extra term
  • But also for that , ship has sailed
  • better way to phrase it: - Needless license abstraction layer. Want to minimize proliferation anyway. Just permissive Mit / Apache , and copyledt anyway

Conclusion:

be conservative in what you send, be liberal in what you accept

Source https://en.wikipedia.org/wiki/Robustness_principle

Add comment