• snaggen@programming.dev
    link
    fedilink
    arrow-up
    146
    arrow-down
    6
    ·
    edit-2
    9 months ago

    Didn’t they switch to a license with stronger mechanisms to keep the source available? SSPL, is basically AGPL but have even stronger protection from large corperations to use the code in their data centers without contributing the changes back. This is basically a move to prevent AWS/Google/Microsoft/et al, from leaching on the contributors work without giving anything back.

    Or am I reading this wrong?

    EDIT: Note, that the Mastodon account is to an AWS employee… so for him, this might be bad, since it no longer allows them to have their own internal fork without contributing back. Now, they will need to use a real for and maintain that them selves without leaching on the redis contributors.

    • snaggen@programming.dev
      link
      fedilink
      arrow-up
      93
      arrow-down
      10
      ·
      9 months ago

      I suggest an alternative title to this post: AWS employee is mad since Redis change license to prevent them from leaching

    • lemmyvore@feddit.nl
      link
      fedilink
      English
      arrow-up
      44
      arrow-down
      3
      ·
      9 months ago

      The restriction doesn’t only apply to large corporations, it applies to everybody. It restricts what you can do with it so it breaks the fundamental freedoms that make up “FOSS”. As an immediate result it will be removed from Fedora and Debian because they don’t consider SSPL/RSAL to be FOSS:

      https://gitlab.com/fedora/legal/fedora-license-data/-/issues/497

      https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=915537#15

      • rbits@lemm.ee
        link
        fedilink
        arrow-up
        8
        arrow-down
        1
        ·
        9 months ago

        it breaks the fundamental freedoms that make up “FOSS”

        Why? All the license says is that if you provide it as a service you must release the source code.

        • lemmyvore@feddit.nl
          link
          fedilink
          English
          arrow-up
          5
          ·
          9 months ago

          It says that you must release all your source code, even the stuff that isn’t covered by the license. From Wikipedia:

          anyone who offers the functionality of SSPL-licensed software to third-parties as a service must release the entirety of their source code, including all software, APIs, and other software that would be required for a user to run an instance of the service themselves,

      • matcha_addict@lemy.lol
        link
        fedilink
        arrow-up
        7
        arrow-down
        15
        ·
        9 months ago

        Fedora and debian support the corporate definitions of FOSS, so their opinions do not matter here.

        it applies to everybody

        I don’t think most of us want to offer services by hosting a service without contributing back the code. If they do, I am happy that it is a requirement that they give back. Only for-profit companies will have an issue with this.

    • smileyhead@discuss.tchncs.de
      link
      fedilink
      arrow-up
      31
      arrow-down
      1
      ·
      9 months ago

      They could just use AGPL. Amazon would need to contribute back, but with no restrictions on who and how can run it. Current licence has a clause that prevents any providing of the software on the network.

      • yildolw@lemmy.world
        link
        fedilink
        arrow-up
        3
        ·
        9 months ago

        Does that prevent my managed Mastodon instance host from providing Redis over the network to my Mastodon, or does that count as them providing Redis to themselves and then providing Mastodon to me?

        • xthexder@l.sw0.com
          link
          fedilink
          arrow-up
          11
          ·
          9 months ago

          The wording says “third-parties as a service”, so as long as Redis isn’t accessible by people outside your organization, it’s fine. But paid Redis hosting wouldn’t be allowed on the new license.

          • rbits@lemm.ee
            link
            fedilink
            arrow-up
            2
            ·
            9 months ago

            But paid Redis hosting wouldn’t be allowed on the new license.

            Where does it say this? I can’t see that in the SSPL

            • xthexder@l.sw0.com
              link
              fedilink
              arrow-up
              3
              ·
              9 months ago

              It’s in the RSALv2:

              You may not make the functionality of the Software or a Modified version available to third parties as a service

              • rbits@lemm.ee
                link
                fedilink
                arrow-up
                4
                ·
                edit-2
                9 months ago

                Ah right. You could do a paid Redis service if you use the SSPL license though, right?

                • xthexder@l.sw0.com
                  link
                  fedilink
                  arrow-up
                  4
                  ·
                  9 months ago

                  That does seem to be the case. As long as any modifications to the source are publicly available. Which is pretty reasonable.

    • Faresh@lemmy.ml
      link
      fedilink
      English
      arrow-up
      27
      arrow-down
      1
      ·
      edit-2
      9 months ago

      Weirdly OSI doesn’t classify the SSPL as an open-source license because it doesn’t guarantee “the right to make use of the program for any field of endeavor”, calling it a fauxpen license. I don’t think the FSF has commented on the license, though I would be curious what they say about it.

      I imagine they consider it to not give the right to make use of the program for any field of endeavor, because providing the source of the entire stack needed to run the service you provide makes it impossible for users to host their service on stuff like AWS, since it is proprietary.

  • mholiv@lemmy.world
    link
    fedilink
    arrow-up
    120
    arrow-down
    10
    ·
    9 months ago

    For the record. The SSPL that Redis switched to while technically not recognized by the OSI really isn’t bad at all.

    It’s exactly like the AGPL except even more “powerful”. Under the SSPL if you host redis as a paid service you would have to open source the tooling you use to manage those hosted instances of redis.

    I don’t see why anyone but hyper scalers would object. It’s a shame that the OSI didn’t adopt it.

    • baatliwala@lemmy.world
      link
      fedilink
      arrow-up
      47
      arrow-down
      3
      ·
      9 months ago

      From what I’ve understood SSPL is a ridiculously ambiguous license, it’s extreme copyleft. It’s not just “open source the tooling you use to host the software”, it can also be interpreted to mean “open source all the hardware and firmware you use to host the software”. No one wants to risk going to court for that so corporate wants to use SSPL licensed software.

      AGPL is the best license you can go for IMO.

      • mholiv@lemmy.world
        link
        fedilink
        arrow-up
        38
        arrow-down
        2
        ·
        edit-2
        9 months ago

        The ambiguity is a valid concern. Hopefully the next version addresses this a bit better. This being said mega corps will call anything they can’t abuse for profit “extreme”. So if they think it’s extreme that just means we are on the right track.

        • anti-idpol action@programming.dev
          link
          fedilink
          arrow-up
          10
          arrow-down
          4
          ·
          9 months ago

          lmao imagine allowing to run your software only on RISC-V boxes basically, pretty based but also a shoot in the foot in terms of acquiring any major funding

          • mholiv@lemmy.world
            link
            fedilink
            arrow-up
            17
            arrow-down
            1
            ·
            9 months ago

            To be fair the license is not meant to cause this and has never been enforced like this. The license was written for software tooling.

      • fruitycoder@sh.itjust.works
        link
        fedilink
        arrow-up
        4
        ·
        9 months ago

        Huh I interpreted it as “everything involved with deployment” so connecting services, scripts, parts the OS that touch it, and an configurations.

        I guess that is the ambiguity you mentioned

      • JackbyDev@programming.dev
        link
        fedilink
        English
        arrow-up
        8
        arrow-down
        6
        ·
        9 months ago

        Regardless of whether it is too strong or too ambiguous, it is absolutely an open source license regardless of whether the OSI and/or FSF approve of it.

    • slacktoid@lemmy.ml
      link
      fedilink
      English
      arrow-up
      2
      arrow-down
      3
      ·
      9 months ago

      I wonder who all are sponsoring OSI for them to not recognize SSPL.

  • Dark Arc@social.packetloss.gg
    link
    fedilink
    English
    arrow-up
    71
    arrow-down
    4
    ·
    9 months ago

    https://redis.com/blog/redis-adopts-dual-source-available-licensing/

    This is the announcement.

    This is a disappointing outcome but one that I think has been coming for a while. Amazon has profited off of Redis without giving much back for quite a while (at least I recall this being a complaint of the Redis folks, perhaps others have evidence to the contrary).

    This is pretty clearly an effort to bring AWS to the table for negotiations.

    • lysdexic@programming.dev
      link
      fedilink
      English
      arrow-up
      36
      arrow-down
      20
      ·
      9 months ago

      ${CORPORATION} has profited off of Redis without giving much back (…)

      I don’t understand this blend of comment.

      If you purposely release your work as something anyone in the world is free to use and change to adapt to their own personal needs without any expectation of retribution or compensation, why are you complaining that people are using your work without any retribution or compensation?

      More to the point, why are you singling out specific adopters while leaving out the bulk of your community?

      It makes absolutely no sense at all.

      • Dark Arc@social.packetloss.gg
        link
        fedilink
        English
        arrow-up
        52
        arrow-down
        4
        ·
        9 months ago

        There’s generally an understanding (the GPL folks think it’s naive – and this makes their case) that if you use open source software you should give back to it.

          • alr@programming.dev
            link
            fedilink
            arrow-up
            20
            ·
            9 months ago

            If you’re random Joe Schmoe who happens to need a database, I don’t expect you to contribute. But when you’re of the largest tech firms in the world…

          • silasmariner@programming.dev
            link
            fedilink
            arrow-up
            1
            ·
            9 months ago

            Absolutely not true. I know this is just my experience, but I’ve worked with plenty of devs who’ve contributed prs and/or donations back to OSS projects in the past, and all my former employers have opensourced at least some of their software

          • Dark Arc@social.packetloss.gg
            link
            fedilink
            English
            arrow-up
            8
            arrow-down
            1
            ·
            9 months ago

            It does, AGPL for servers, GPL for applications… If you make changes they have to be made available or you’re breaking the law.

            • matcha_addict@lemy.lol
              link
              fedilink
              arrow-up
              1
              ·
              9 months ago

              You only have to give back if yours literally redistributing a modified version of the thing.

              If you use the software without modifying it directly (such as building on top of it, or building something that uses it), then that’s allowed.

              Also if you make use of the software commercially, without necessarily distributing it, then that’s also allowed. For example, Google could (I think they actually already do) modify the Linux kernel, and use it all across their company internally. They don’t have to give back, since they don’t distribute it.

              And last, if you don’t modify the software but charge people using it, that’s completely allowed.

              • Dark Arc@social.packetloss.gg
                link
                fedilink
                English
                arrow-up
                2
                ·
                edit-2
                9 months ago

                If you use the software without modifying it directly (such as building on top of it, or building something that uses it), then that’s allowed.

                (IANAL)

                Not in the case of AGPL (use over the network and IPC counts as distribution – presumably proxying the request is insufficient to disable this clause) and even in the case of GPL that’s a very problematic position to put yourself on. You’re basically talking about invoking a foreign process from your primary process to avoid licensing constraints and that comes with a lot of limitations as to what you can do.

                You can modify the GPL program to support more things via IPC but then if that program needs to touch a customer’s computer, you have to contribute at the very least those notifications and any related improvements you made to make that possible or any new feature which makes more sense to be in the tool you’re calling than your tool building on top.

                And last, if you don’t modify the software but charge people using it, that’s completely allowed.

                Yes, but who’s paying for that? If it’s a server hosting company, they’ll pay the hardware rental fee, fair enough. However, you can’t reasonably sell that software itself, people will just build it themselves.

      • brbposting@sh.itjust.works
        link
        fedilink
        arrow-up
        7
        arrow-down
        2
        ·
        9 months ago

        without any expectation requirement of retribution or compensation

        I won’t require you to upvote my excellent comment, but I sure expect it!

        Paragraph three is solid on Wiki: reciprocity - we needs it!

      • merthyr1831@lemmy.world
        link
        fedilink
        arrow-up
        3
        arrow-down
        1
        ·
        9 months ago

        can guarantee that if redis was closed source from the beginning, Amazon would’ve just made their own clone internally just to avoid paying someone else.

    • Olap@lemmy.world
      link
      fedilink
      arrow-up
      11
      arrow-down
      8
      ·
      9 months ago

      ElasticSearch tried this and lost hard already. OpenSearch has already out paced it in features and performance and ES is effectively dead. Such a braindead exercise to see Redis follow suit

      • MalReynolds@slrpnk.net
        link
        fedilink
        English
        arrow-up
        5
        ·
        9 months ago

        Generally appropriate response to this sort of thing. Best of luck, consider bringing a boatload of goodwill to the table. I doubt I’m alone…

      • lysdexic@programming.dev
        link
        fedilink
        English
        arrow-up
        8
        arrow-down
        11
        ·
        9 months ago

        Such a braindead exercise to see Redis follow suit

        I agree, this sounds like a desperate cash grab.

        I mean, cloud providers who are already using Redis will continue to do so without paying anything at all, as they’re using stable versions of a software project already released under a permissive license. That ship has sailed.

        Major cloud providers can certainly afford developing their own services. If Amazon can afford S3 and DynamoDB, they can certainly develop from the ground up their own Redis-like memory cache. In fact, Microsoft already announced Garnet, which apparently outperforms Redis in no small way.

        So who exactly is expected to pay for this?

        • snaggen@programming.dev
          link
          fedilink
          arrow-up
          20
          ·
          9 months ago

          Can someone explain the benefit of letting AWS use your product, then throw resources at it to improve it to get and advantage over your product, basically providing a much better product to their users than you would be able to. But they do it without any need to contribute back. I don’t see the benefit of this to the opensource community at all, but people here seems to be quite passionate about it so you must see this differently than I do. So, please explain your view on how such a situation is beneficial to the OpenSource community.

          • WhatAmLemmy@lemmy.world
            link
            fedilink
            arrow-up
            10
            ·
            9 months ago

            FOSS has spent the last few decades operating under the assumption that companies would give back for the greater good if they found value and grew dependent on a project. What they didn’t understand is that corporations are parasites who only care about immediate profits, and are more than happy to abuse the honor system indefinitely. There isn’t any benefit to FOSS to continue operating under this model, which is why FOSS is shifting away from licenses that permit leeching for profit.

            It’s no different to how corporations have worked to destroy the social contract, and do everything imaginable to evade taxes, offshore labor, corrupt our political systems, and not give back to the economies that incubated them and enabled their success — at some point you have to tell them to get fucked, stop being a fucking parasite, and pay their fair share… If they don’t give back and improve things for the majority, they don’t deserve to profit from it.

          • Carighan Maconar@lemmy.world
            link
            fedilink
            arrow-up
            2
            arrow-down
            5
            ·
            9 months ago

            The idea behind making your software fully open source is that you don’t care either way. And everyone is free to do as they please.

            • snaggen@programming.dev
              link
              fedilink
              arrow-up
              6
              arrow-down
              1
              ·
              9 months ago

              No, that is not all the idea. You might have that idea, but it is not a basic idea at all. To keep something open (as in open source), you must put restrictions that prevents it from closing.

              A government is not more free just because it lacks any restrictions, about becoming a dictatorship. It is just less restricted at this point in time. To ensure a free society, there needs to be restrictions in place that ensures it stays free. The same applies to software.

              Many seems to believe that less restrictions means more free or open, that is not true. It is just less restricted.

              • Carighan Maconar@lemmy.world
                link
                fedilink
                arrow-up
                2
                arrow-down
                1
                ·
                9 months ago

                Oh no,sorry,that’s sorry of what I meant: if you desire additional restrictions you’ll need a license for that - as the redis devs are doing now, in fact.

                Which is fair. Quite fair. But if you do something less restrictive, you quite intentionally go the “dont care” route.

  • snaggen@programming.dev
    link
    fedilink
    arrow-up
    44
    arrow-down
    3
    ·
    edit-2
    9 months ago

    If you think this is bad, then you should make sure to use copyleft licenses.

    EDIT: Just read the details, and it seems that this is just what they did. SSPL is like AGPL with a stronger SAAS is distribution claus. That might not be valid, according to the OpenSource definition, but unless you are planning to modify the code and provide it as SAAS I think this is no a problem.

    • smileyhead@discuss.tchncs.de
      link
      fedilink
      arrow-up
      4
      arrow-down
      2
      ·
      9 months ago

      This is not as bad as they didn’t make the whole thing totally proprietary. But FOSS community definetly would have to seek for alternarives unfortunetly.

  • smileyhead@discuss.tchncs.de
    link
    fedilink
    arrow-up
    28
    arrow-down
    1
    ·
    9 months ago

    You may not make the functionality of the Software or a Modified version available to third parties as a service or distribute the Software or a Modified version in a manner that makes the functionality of the Software available to third parties.

    🫡

    • kureta@lemmy.ml
      link
      fedilink
      arrow-up
      4
      ·
      edit-2
      9 months ago

      x = “make the functionality of the Software or a Modified version available to third parties as a service”

      y = “distribute the Software or a Modified version”

      You may not X, or (Y in a manner that X)

      Perfectly normal legalese. Just like “included but not limited to…” it sets a condition and adds a more specific version of that condition, which seems redundant but helps during actual litigation.

      • xthexder@l.sw0.com
        link
        fedilink
        arrow-up
        6
        arrow-down
        2
        ·
        9 months ago

        I don’t see anything wrong with the quote? Other than the policy itself being a ridiculous change, the wording is pretty standard legal speak. Not sure why you’re jumping to “ChatGPT Lawyer”

        • matcha_addict@lemy.lol
          link
          fedilink
          arrow-up
          2
          arrow-down
          3
          ·
          9 months ago

          You may not X in a way that X

          Definitely reads weird to me. It should suffice to say “you may not X”.

          • xthexder@l.sw0.com
            link
            fedilink
            arrow-up
            5
            ·
            edit-2
            9 months ago

            You may not X in a way that Y implies that You may X in a way that does not Y, and is more specific (and changes the meaning of the license) vs You may not X

            The legal distinction in this case allows for distributing the software for example as source code, but not as a service.

  • Ananace@lemmy.ananace.dev
    link
    fedilink
    arrow-up
    14
    ·
    9 months ago

    Been using the KeyDB fork for ages anyway, mainly because it supports running in a multi-master / active-active setup, so it scales and clusters without the ridiculousness that is HA Redis.

  • matcha_addict@lemy.lol
    link
    fedilink
    arrow-up
    12
    arrow-down
    1
    ·
    9 months ago

    RSAL seems weird and I need to research it more. But I don’t mind SSPL at all. It only hurts companies who hope to use open source without wanting to give back. From my perspective that’s good.

  • Faresh@lemmy.ml
    link
    fedilink
    English
    arrow-up
    6
    ·
    9 months ago

    On another note, what other licenses do you lemmings know that impose more restrictions to prevent your software from being used for evil?

  • C.Ezra.M@lemm.ee
    link
    fedilink
    arrow-up
    3
    ·
    9 months ago

    I do not understand why would a developer (or development team) change the licensing terms of their software for something stricter, like Redis did. Could someone tell me what the factors are?

    • learningduck@programming.dev
      link
      fedilink
      arrow-up
      2
      ·
      9 months ago

      I guess it’s things like AWS Elasticahe that made them want to provide their own service without sharing the code with their soon to be competitors.