[HN Gopher] HashiCorp Did It Backwards
___________________________________________________________________
HashiCorp Did It Backwards
Author : galenmarchetti
Score : 32 points
Date : 2023-09-05 21:50 UTC (1 hours ago)
(HTM) web link (galenmarchetti.substack.com)
(TXT) w3m dump (galenmarchetti.substack.com)
| pacifika wrote:
| One is best not to make any decisions on how something will be in
| the future. This goes for pre ordering games, to buying software
| licenses, to opensource contributions.
|
| People contributed to the software as it was licensed then, and
| this software is still available under the open source license
| and can't be taken away. Unfortunately that gives no guarantees
| about future versions or versions that never got made.
| galenmarchetti wrote:
| 100% agreed with you...would be safest for everyone to take
| this stance going forward. I do think, and I could be wrong,
| that not everyone realized that the licensing worked this way.
| Or had their guard up when contributing. I think that's the
| issue...perhaps their fault, perhaps not, but I see the issue.
|
| I wonder if this will be an example moving forward that people
| keep in mind when contributing to any OSS project
| elashri wrote:
| Doesn't this mean that people will be more cautious and less
| likely to contribute on the long run? I mean that feels like
| it is against the spirit of open source movement. And yes I
| realize that this is idealistic position and the legal
| aspects gets the upper hand at the end. I just wish things
| didn't go this way.
| wbl wrote:
| Well it does if your contributions are made under the GPL and
| not transfered via a CLA.
| JonChesterfield wrote:
| If they started out openly proprietary, they wouldn't have got
| the same level of contributions from people outside the
| organisation, and wouldn't have reached the current popularity.
|
| Hashicorp did it the right way round. Open source, friendly, rug
| pull, profit, obsolete, forgotten.
| galenmarchetti wrote:
| haha...fair point!
|
| One thing that I've been curious to see, and not sure if anyone
| has done it yet, is a quantification of contribution to
| Terraform, comparing amount of work done from external
| contributors to the work done by Hashicorp-internal
| contributors.
|
| I know it's hard to make the comparison of what is "harder"
| work or "more" work in a software project from looking at
| commits alone, but would be interesting to see nonetheless.
| tux1968 wrote:
| It's not just the work donated via the open source channel,
| it's also the associated credibility, enthusiastic coverage
| and referrals, and general good will, that accrues to such a
| project. None of which they would have enjoyed had they been
| a private project.
| galenmarchetti wrote:
| definitely...and they get to keep that credibility and
| coverage. at least, as long as this move didn't totally
| alienate the folks that got on terraform back then
| eatonphil wrote:
| Well they didn't do it backwards compared to at least some subset
| of peers. Cockroach: Apache -> BSL
| https://www.cockroachlabs.com/blog/oss-relicensing-cockroachdb/
| Mongo: AGPLv3 -> SSPL https://techcrunch.com/2018/10/16/mongodb-
| switches-up-its-open-source-license/ Elasticsearch:
| Apache -> SSPL https://www.elastic.co/blog/licensing-change
| MariaDB (I think): ? -> BSL https://mariadb.com/bsl-faq-mariadb/
|
| I am sure there are more I'm forgetting.
| galenmarchetti wrote:
| this is a great point...further down the comments, an OpenTF
| maintainer made a great point that all of these services are
| "backend hostable" services. Terraform doesn't even have a
| backend service component...Terraform Cloud does, but not
| Terraform itself.
|
| I didn't contemplate this when writing the article but it seems
| like this might be a pretty big factor in the reaction to the
| change. At least to my memory, I don't remember as strong as a
| pushback from any of these companies changing their licenses
| eatonphil wrote:
| > I don't remember as strong as a pushback from any of these
| companies changing their licenses
|
| The Elasticsearch backlash was big for what it's worth, both
| privately inside companies and publicly (AWS forked it).
| galenmarchetti wrote:
| ah wow...I guess that begs the question, "will this just
| blow over". As far as I can tell Elasticsearch continues to
| do well and is more or less in the clear (could be wrong)
| gobins wrote:
| This is probably going to get a lot flake but what did we expect
| when big tech started eating up open source solutions and
| competing with the companies who started the work . MongoDB and
| AWS is a good example. Hashicorp probably realised that they
| should preemptively change the licensing before bigger players
| started using the products to directly compete with them.
|
| I want Hashicorp to survive and be profitable. Fact is, for the
| majority of the users who use terraform, the change in licensing
| does not impact them.
| galenmarchetti wrote:
| True...it's just difficult to draft a license that says
| something along the lines of "If you're Big Tech, we have the
| right to go after you, if you're small startup, you're safe".
|
| I think there's a swath of Terraform users (likely minority)
| who find themselves in a legal gray area, or a legal black-and-
| white area, where they're directly at risk. Even if Hashicorp
| never intended to target small startups with this, the wording
| of the license unfortunately applies and is enough to make
| anyone nervous.
|
| I think MongoDB had a similar issue when they went source-
| available, they seemed to intend to only protect themselves
| from big tech but unfortunately a lot of smaller players got
| spooked. I think (?) it's fine now though
| woah wrote:
| yea, that makes all the difference. If it was almost all
| Hashicorp, the open source was a marketing gimmick and I
| don't blame them for not risking the entire business on it.
| If there was heavy involvement from external contributors,
| then removing open source is more of a rug pull.
| solomatov wrote:
| > True...it's just difficult to draft a license that says
| something along the lines of "If you're Big Tech, we have the
| right to go after you, if you're small startup, you're safe".
|
| Take a look at the license of LLAMA2 by FB. It has a clause
| just like this. I.e. limit by number of users.
| galenmarchetti wrote:
| wow, didn't know about this. very cool + would be
| interesting to see this in more places. Just checked it
| out. for those lazy:
|
| "If, on the Llama 2 version release date, the monthly
| active users of the products or services made available by
| or for Licensee, or Licensee's affiliates, is greater than
| 700 million monthly active users in the preceding calendar
| month, you must request a license from Meta, which Meta may
| grant to you in its sole discretion, and you are not
| authorized to exercise any of the rights under this
| Agreement unless or until Meta otherwise expressly grants
| you such rights."
| arianvanp wrote:
| AGPL it.
|
| Big tech hates it and bans it outright. Which means it's the
| correct choice.
| Znafon wrote:
| It's not just big tech that hates AGPL. If Terraform was
| under AGPL a lot of companies might have to release their
| source code as AGPL too because of its virality. Where it
| stops is not exactly clear from the license.
| jen20 wrote:
| Where AGPL stops is actually very well defined.
| firesteelrain wrote:
| I don't really care what license they use. It gets the job done.
| izalutski wrote:
| Yep, backwards they did
|
| (Disclosure: I'm from Digger and OpenTF so am biased)
|
| Hashi's biggest miscalculation is that they put Terraform (an
| open language / ecosystem) into the same bucket as Vault and
| Consul, which are hostable backend applications.
|
| BSL makes sense for Vault, just like it does for MongoDB. It is
| reasonable to prevent others from charging for hosting your code.
|
| But with Terraform, the backend part (TF Cloud) was never even
| open source. And it's not required for Terraform to work.
|
| Hashi shot themselves in the foot. Unlike with Vault or Consul,
| there is enormous vested interest in the community to keep
| Terraform truly open. Hashi trying to enforce everyone to use
| their non-oss backend with it will only result in Hashi losing
| the privileged (and well deserved) position among providers of
| commercial products in the Terraform ecosystem.
| galenmarchetti wrote:
| this is a great point. I've been following your work decently
| closely but this is the first time I thought about the
| "hostable" vs "non-hostable" differentiation. And thinking more
| deeply on it, of course it matters. There's a pretty big
| distinction and, naively, perhaps their attempt to protect TF
| Cloud with this doesn't even accomplish what they intended for
| it to accomplish. If the backend part is the thing...that was
| never even in contention, anyway. If this is the case, they
| only managed to hurt the community.
| wmf wrote:
| 1. The elephant in the room here is VCs that pushed unsustainable
| pure open source or open core business models during ZIRP. You
| can't do it right from day one if your investors are pushing you
| the opposite direction.
|
| 2. People keep talking about community contributions but hasn't
| Hashicorp rejected all contributions for years?
| galenmarchetti wrote:
| would love to know a definitive/quantitative answer for #2, for
| sure. I do think it makes a difference when it comes to the
| "backstabbing" implications of the change
___________________________________________________________________
(page generated 2023-09-05 23:00 UTC)