fosstodon.org is one of the many independent Mastodon servers you can use to participate in the fediverse.
Fosstodon is an invite only Mastodon instance that is open to those who are interested in technology; particularly free & open source software. If you wish to join, contact us for an invite.

Administered by:

Server stats:

11K
active users

Excellent article: I am NOT A SUPPLIER!
softwaremaxims.com/blog/not-a-

You are all on the hobbiest maintainers turf now
softwaremaxims.com/blog/open-s

This guy nails it. If you want me to be your supplier then pay me. Period. Most of this comes from a pathological corporate mindset where sociopathic greed is considered normal. Plus a failure to read the licenses in first place: : software supplied with no warranty of fitness, not even implicit.

Focus more on and less on Open.

Musings about software · I am not a supplierFor the past few years, we have seen a lot of discussions around the concept of the Software Supply Chain. These discussions started around the time of LeftPad and escalated with multiple incidents in the past few years. The problem of all the work in this domain is that it forgets a fundamental point.
NiceMicro

@smxi if at least developers used / , the corporations at least were forced to contribute back in one way or an other, but due to the rampant use of MIT and BSD licenses, they can literally get away without doing anything beneficial for the wider ecosystem while using other people's code (those other people let them do it).

I think the proliferation of MIT and BSD licenses really made the free rider problem much worse than it should be.

@nicemicro valid use cases for bsd type licenses: single project (apache,nginx,openssh) where priority is get that tech into everything. Outside those you are working for free for corporations who will never give back. Truly freed code survives because you can't steal it without obligation. This stopped being a debate years ago:
: linux,libreoffice,khtml>applewebkit>blink
Bsd/mit: Bsds,openoffice,mozilla

It's funny to see people pretend this is a debate when success of gpl transparent.

@smxi I think that the huge rate of burnout in developers that cause issues time and time again can be traced back to this attitude of "I will license it permissively to get it into everything". When the code gets into everything without compensation, the pressure of responsibility mounts, and bad things happen.

It is my personal belief that one's mental health doesn't worth the "bragging right" of one's code getting into a wide range of proprietary garbage.

@nicemicro to me the core mindbug is open source. Vs . If you fall for that trap then one license is as good as another so you'll burn out once reality sets in. I make free software to help the bits of free software ecosystem I can. Free software of course is open source by definition but as ibm-redhat recently showed us the contrary is not necessarily true. Since I've never had any interest in doing unpaid work for billion dollar corporations I used gpl from first day I found it.

@nicemicro Any company that avoids is openly admitting they want to take without giving back. Those are not desirable partners long term as has been proved over and over. Nor are they reliable or trustworthy. Every gpl project has a possible long term future builtin and every non enforced sharing license project can go like a poof of smoke because it has no true code permanence protection beyond last public commit. Like rhel is trying to do while stealing our code to use their stupid word

@smxi honestly, I don't really mind that much what RedHat is doing. No one is entitled to get updates to a software from you just because you gave them an earlier version.

As long as they don't restrict your GPL guaranteed rights for the software itself, they can condition the future business relationship with their customers on whatever they want.

@nicemicro the software freedom conservancy does not agree with your notion. They view it as crossing over a line that actually violates the gpl, but in a way that is hard to prosecute. You';re ignoring their toxic language they used, for example calling derived distros thieves, which is pure bs, rhel steals most of the code they use by that definition. Redhat has had bad behavior twoards gpl for a long time now, the old days are gone, this is corporate profit taking, unrelated to

@smxi I guess I then disagree with the SFC.

I don't say I like how RedHat handled the issue, I ignore the language they use because I don't think that is overly relevant to the issue of software license.

In the end, the original developers have the legal right under copyright law to license their code however they want, and they know that Free Software licenses let others make profit with the code.

@nicemicro re agreeing or disagreeing: they are professional free software licensing attorneys. You have not read their statements on this which are clear and explicit. And contain a lengthy history of bad redhat behavior re free software license violations. Don't have the link sorry.

Only people I saw unable to process that info have jobs that depend on ibmredhat at some level as near as I can tell.

@smxi I have not read their specific opinions, that is true. However it is clear that the GPL does not limit the type of business agreements you do for the purpose of receiving software updates or services. The information I have (i.e., terminating service agreements and not providing future versions) does not affect what the license covers (which is the current version of the software, not any possible future version).

@smxi as far as I know, they do not restrict their customer's access to the source code, and they have no legal recourse to sue you if you redistribute it. However they are free to terminate other agreements (that their customers voluntarily signed with those termination clauses).

So if you know about any specific present issue where they violate the GPL, please let me know instead of accusing me of being a paid shill. I know about their past violations, and I'm not arguing about those.

@nicemicro You seem to be referring to how Red Hat conducted business before they shut down CentOS 8/9.

With their current setup, you as a paying customer get the binary packages, but you don't get the Complete and Corresponding Source Code for your packages.

All you get from them is "[it all comes from the git repos for CentOS Stream, some commits in there, you'll figure it out]". In theory you can find the information, but it's obscured for no reason other than obscuring.

If you redistribute what you got from them, as the GPL requires them to give you the right to do, they will terminate your support contract and access.

@smxi

@clacke @smxi I don't think what you describe here is correct. I think what you describe here is true for their publicly available repositories. As a customer you have the right to ask for the exact source code that your binary packages were compiled from, and I am not aware of any instance of them not honoring them.

@clacke @smxi The GPL does not have any clause that makes a user entitled to any future versions or any tech support.

Therefore, it is not a violation of the GPL to terminate business relationship based on an action that is allowed by the license but not allowed by the business agreement.

Red Hat can't come and take away the code they already gave you, and can't stop you redistributing it. They have all the rights to not talk to you any more though.

@nicemicro @smxi If the license requires them to allow redistribution, and if they ensure redistribution has negative consequences, then a reasonable bystander would say they are not allowing redistribution, but are in effect imposing "further restrictions".

But nobody has gone to court over it yet.

@clacke @smxi

I guess one could interpret that "termination of a service contract in case of redistribution" is "applying further restrictions".

My interpretation as a bystander is, that the service contract is an ongoing thing separate from the software, and it being contingent on "no redistribution" is not a restriction on the redistribution of the software itself. I accept though that it is not a 100% unambiguous thing, and could go either way in a jury trial.

@smxi @clacke Thank you for the link. The article clearly states that there is an active disagreement on the specific issue of "firing a RedHat customer" for exercising rights guaranteed by the software license (paragraph 4, too long to quote here).

It seems to me, that the SFC's biggest worry is that this business model while might not directly violate the GPL, it is very easy to take a small extra step that does. And that is a worry I share and we should keep pressing they don't do it.

@nicemicro sometimes it truly doesn't matter. Take i3. Awesome code and docs and devs. Best in class project. Irrelevant what license they use since it's small and well run and very disciplined. So no negative to bsd type licence. Or with top priority security. They want it in devices that need to be secure primarily. Again small disciplined group with actual reason since security number one. The outside world can't change them. But most projects should put code future first.

@smxi I have no ill thought about the OpenBSD folks, but for me, Free Software is as much about consumer protection as the philosophy. If you license your code in a way that others can lock it down, then you are assisting corporations in their anti-consumer behavior.

I guess it isn't bad that the proprietary device running BSD in the background is secure and hackers can't do secret stuff against me, but it would be even better if the manufacturer also wouldn't do secret stuff.

@nicemicro that gets more into the philosophical side of free software. I lean towards long term good of users, human users. But there are other views like a gift should have no strings attached. But that fares poorly when it leaves human and enters sociopathic corporate realms. Which is why many non techs know Linux today, and most of the world's browsers, and few if any have even heard of bsd.

Real problem now is restrictive licensing like mariadb adopted since gpl fails to protect web.

@nicemicro the definition of free software as you like it here is precisely the , , . Their preambles and bodies are about protecting the rights of users and code authors. Licences like bsd, mit etc have almost no textual content and differ from public domain only in requirement to include license. Nothing about users rights or obligations. So you are talking about a subset of licenses where such explicit rights and obligations are the license.

@smxi I'm strictly talking about what I find important about Free Software, which is not a fact, but my personal opinion.

And the BSD / MIT licenses don't match my preferences, so I don't like them - plain and simple.

@nicemicro I understand certain use cases for bsd type public domain licenses, I've used them for stuff where it truly does not matter, but never for real projects. But I am hampered always by a profound respect for the people in the project,, and , , , etc though I also know I could never collaborate with them because I refuse to give away my free software work to corporations with no sharing back requirements. So we'd never get along, lol.

@nicemicro it's corporations who want to avoid gpl code because that imposes obligations. Developers not in who care about survival of should use licences that enforce code survival and growth. There's a reason bsds are now a blip of a percent of total os now and linux is in and on everything. You have to force sharing and giving back when dealing with the sociopathic corporate sector. Anything else is naive. Except for special cases like openssh, libressl etc.