How's that open source licensing coming along? That well, huh?
- Reference: 1740395293
- News link: https://www.theregister.co.uk/2025/02/24/open_source_licensing/
- Source link:
Dr Dawn Foster, director of data science at the CHAOSS Project, presented research at this month's State Of Open Con '25 in London, showing what had happened to three projects – HashiCorp's Terraform, Redis, and Elasticsearch – after their licenses were changed. All three made the tweaks due to what Foster called "pressure from investors to increase profitability."
In all three cases, the license changes led to forks in the code. Terraform begat [1]OpenTofu ; a fork of Elasticsearch became [2]OpenSearch ; and from Redis came the [3]Valkey fork .
A 'victim of its own success'
The Register spoke to the founder and former CEO of Percona, Peter Zaitsev, about the licensing issue.
According to Zaitsev, the definition of open source was being eroded in pursuit of monetization. "Open source became big, and now in a lot of cases, it's a victim of its own success," he said.
Zaitsev foresees increased polarization of open source. "I think people understand that the open source license is not enough."
Zaitsev also highlighted the need for contributions to a given project to be from multiple sources, to ensure that if one group did not wish to contribute anymore, the health of the project would be assured: "The project is much stronger than any company."
The [4]CHAOSS project is all about better understanding open source community health and, in the three examples of forks arising from license changes, Foster's research looked initially at repo activity: commits, additions, deletions, contributors, and so on. Foster noted that more metrics could be used, but "this is really just a start."
However, it also shows what can happen when a vendor changes a license, particularly if that vendor is relying on community contributions.
[5]
In the case of Elasticsearch and HashiCorp, relicensing didn't dramatically impact contributors since most of the contributions were internal – neither had much of a community contributing to the core product.
[6]
[7]
However, according to Foster, "there was a pretty big impact on some users of Elasticsearch, who had to decide whether they could use it." One result of the decision to adopt a more restrictive license was Amazon [8]forking the project in the form of [9]OpenSearch .
Foster compared Elasticsearch from a year before the relicense to a year after. The result? Not a lot of change in contributions, since more than 90 percent of contributors were Elasticsearch employees. Similarly, Amazon's fork was mainly worked on by Amazon employees until the project was brought under the umbrella of the Linux Foundation. The move has resulted in more non-Amazon employees contributing.
[10]
Terraform was similar to Elasticsearch in that the vast majority of contributions to the project came from one company: HashiCorp. However, unlike OpenSearch, the fork of Terraform – [11]OpenTofu – was under a foundation from the start rather than a company, meaning that contributors came from a diverse range of companies, including Red Hat, from the beginning.
Foster noted that none of OpenTofu's contributors had previously contributed to Terraform.
This was not the case with [12]Valkey , a fork of the Redis project where a significant number of contributors had also contributed to Redis. After the Redis license change, many switched to Valkey with the result that contributions from non-employees dwindled.
[13]As Amazon takes over the Bond franchise, we submit our scripts for the next flick
[14]Linux royalty backs adoption of Rust for kernel code, says its rise is inevitable
[15]Check out this free automated tool that hunts for exposed AWS secrets in public repos
[16]Loken: An easy interactive way to better looking websites
The takeaway is that forks from relicensing tend to have more organizational diversity than the original projects. In addition, projects that lean on a community of contributors run the risk of that community going elsewhere when relicensing occurs.
"Projects with greater organizational diversity tend to be more sustainable over time," Foster said. As time passes, the impact of the license changes will become clearer. Foster concluded: "It remains to be seen over the longer term if these types of forks might actually become more sustainable than the original projects if any of these vendors continue to struggle to meet the expectations of their investors." ®
Get our [17]Tech Resources
[1] https://www.theregister.com/2024/10/18/hashicorp_hashiconf_terraform_updates/
[2] https://www.theregister.com/2022/02/17/elastic_amazon_trademark/
[3] https://www.theregister.com/2024/09/20/redis_users_considering_alternatives/
[4] https://chaoss.community/
[5] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_software/oses&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2Z7ylsnKFsntpXb-3spyf_AAAAMs&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0
[6] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_software/oses&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44Z7ylsnKFsntpXb-3spyf_AAAAMs&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[7] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_software/oses&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33Z7ylsnKFsntpXb-3spyf_AAAAMs&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0
[8] https://www.theregister.com/2021/01/22/aws_elastic_fork/
[9] https://www.theregister.com/2021/04/13/aws_renames_elasticsearch_fork_opensearch/
[10] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_software/oses&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44Z7ylsnKFsntpXb-3spyf_AAAAMs&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[11] https://www.theregister.com/2024/04/04/opentofu_on_forking_terraform/
[12] https://www.theregister.com/2024/04/03/open_source_redis_alternative/
[13] https://www.theregister.com/2025/02/21/amazon_bond_franchise_sold/
[14] https://www.theregister.com/2025/02/21/linux_c_rust_debate_continues/
[15] https://www.theregister.com/2025/02/19/automated_tool_scans_public_repos/
[16] https://www.theregister.com/2025/02/17/loken_css_synthesizer/
[17] https://whitepapers.theregister.com/
Re: Working as Designed?
What article did you read? This one is based on studies of 3 projects that changed their licenses and for 2 of them it made fuck all difference.
Where did you get "loss of reputation and efficiency" from?
Re: Working as Designed?
> for 2 of them it made fuck all difference.
Only in the context of source code contributions. That people left to create forks demonstrates a loss of trust and reputation, and that the forks continue to endure indicates similar work is likely being done across the original and the fork - a loss of efficiency in the sense of duplicate development effort.
A significant factor could be whether the non-comapny contributions involved an assignment of copyright. If the original contributors retained copyright then it would be legally tricky to change the licence although it might simply be a case of big corp vs small contributor.
If you choose the right FOSS license, and extra terms from the onset, all is well with the world.
So many companies choose the GPLv2/3 because it is "trendy" .
but if your company is contributing 90% of the code. Maybe a permissive license (MIT/BSD/APACHE) is better suited.
Or, a GPLv2, but you only pull commits if license ownership is transferred to the organization.
Anywho, only tiime will tell with these 3 projects
Simple explanation to low contributor count
One reason to explain the low contributions, to Terraform at least, is that the repository that was forked is for the core Terraform binary/language. That doesn't really change all that often.
What _does_ change often are the individual providers, for things such as AWS, etc. which are in separate repositories and are (currently) still licensed under the MPL or similar, so they haven't had a need to fork those yet.
This sort of thing isn't new; there have been many examples over the years of what happens when you change the licence on your software and piss off a substantial fraction of your contributors. OpenSSH has its origins in changes to the SSH licence; Xorg replaced XFree86 due to licence changes in XFree86 4.0. Who now uses SSH or XFree86? Sometimes you don't even have to change the licencing if you can find another way to piss off your user base; ZIP files exist because SEA sued PKWARE over PKARC and SEA/ARC are now effectively dead.
Do the people who try to monetise other people's work not read any history?
Working as Designed?
Attempt to create walled garden causes perpetrator to suffer loss of reputation and efficiency; isn't that what the Founders of Open Source hoped would happen?