this post was submitted on 21 Mar 2024
334 points (100.0% liked)

Programming

19200 readers
136 users here now

Welcome to the main community in programming.dev! Feel free to post anything relating to programming here!

Cross posting is strongly encouraged in the instance. If you feel your post or another person's post makes sense in another community cross post into it.

Hope you enjoy the instance!

Rules

Rules

  • Follow the programming.dev instance rules
  • Keep content related to programming in some way
  • If you're posting long videos try to add in some form of tldr for those who don't want to watch videos

Wormhole

Follow the wormhole through a path of communities [email protected]

founded 2 years ago
MODERATORS
[email protected]
[email protected]
[email protected]
334
Redis is no longer OSS (fosstodon.org)
submitted 1 year ago by [email protected] to c/[email protected]
111 comments fedilink hide all child comments
top 50 comments
sorted by: hot top controversial new old
[–] [email protected] 145 points 1 year ago* (last edited 1 year ago) (5 children)

Didn't they switch to a license with stronger mechanisms to keep the source available? SSPL, is basically AGPL but have even stronger protection from large corperations to use the code in their data centers without contributing the changes back. This is basically a move to prevent AWS/Google/Microsoft/et al, from leaching on the contributors work without giving anything back.

Or am I reading this wrong?

EDIT: Note, that the Mastodon account is to an AWS employee.... so for him, this might be bad, since it no longer allows them to have their own internal fork without contributing back. Now, they will need to use a real for and maintain that them selves without leaching on the redis contributors.

[–] [email protected] 94 points 1 year ago

I suggest an alternative title to this post: AWS employee is mad since Redis change license to prevent them from leaching

[–] [email protected] 44 points 1 year ago (2 children)

The restriction doesn't only apply to large corporations, it applies to everybody. It restricts what you can do with it so it breaks the fundamental freedoms that make up "FOSS". As an immediate result it will be removed from Fedora and Debian because they don't consider SSPL/RSAL to be FOSS:

https://gitlab.com/fedora/legal/fedora-license-data/-/issues/497

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=915537#15

[–] [email protected] 8 points 1 year ago

Fedora and debian support the corporate definitions of FOSS, so their opinions do not matter here.

it applies to everybody

I don't think most of us want to offer services by hosting a service without contributing back the code. If they do, I am happy that it is a requirement that they give back. Only for-profit companies will have an issue with this.

[–] [email protected] 8 points 1 year ago (1 children)

it breaks the fundamental freedoms that make up "FOSS"

Why? All the license says is that if you provide it as a service you must release the source code.

load more comments (1 replies)
[–] [email protected] 31 points 1 year ago (6 children)

They could just use AGPL. Amazon would need to contribute back, but with no restrictions on who and how can run it. Current licence has a clause that prevents any providing of the software on the network.

load more comments (6 replies)
[–] [email protected] 27 points 1 year ago* (last edited 1 year ago) (1 children)

Weirdly OSI doesn't classify the SSPL as an open-source license because it doesn't guarantee "the right to make use of the program for any field of endeavor", calling it a fauxpen license. I don't think the FSF has commented on the license, though I would be curious what they say about it.

I imagine they consider it to not give the right to make use of the program for any field of endeavor, because providing the source of the entire stack needed to run the service you provide makes it impossible for users to host their service on stuff like AWS, since it is proprietary.

[–] [email protected] 11 points 1 year ago

I think checking the sponsors page for OSI will be informative.

load more comments (1 replies)
[–] [email protected] 121 points 1 year ago (2 children)

For the record. The SSPL that Redis switched to while technically not recognized by the OSI really isn’t bad at all.

It’s exactly like the AGPL except even more “powerful”. Under the SSPL if you host redis as a paid service you would have to open source the tooling you use to manage those hosted instances of redis.

I don’t see why anyone but hyper scalers would object. It’s a shame that the OSI didn’t adopt it.

[–] [email protected] 46 points 1 year ago (4 children)

From what I've understood SSPL is a ridiculously ambiguous license, it's extreme copyleft. It's not just "open source the tooling you use to host the software", it can also be interpreted to mean "open source all the hardware and firmware you use to host the software". No one wants to risk going to court for that so corporate wants to use SSPL licensed software.

AGPL is the best license you can go for IMO.

[–] [email protected] 38 points 1 year ago* (last edited 1 year ago) (1 children)

The ambiguity is a valid concern. Hopefully the next version addresses this a bit better. This being said mega corps will call anything they can’t abuse for profit “extreme”. So if they think it’s extreme that just means we are on the right track.

[–] [email protected] 9 points 1 year ago (1 children)

lmao imagine allowing to run your software only on RISC-V boxes basically, pretty based but also a shoot in the foot in terms of acquiring any major funding

[–] [email protected] 17 points 1 year ago

To be fair the license is not meant to cause this and has never been enforced like this. The license was written for software tooling.

[–] [email protected] 9 points 1 year ago (1 children)

Regardless of whether it is too strong or too ambiguous, it is absolutely an open source license regardless of whether the OSI and/or FSF approve of it.

load more comments (2 replies)
load more comments (1 replies)
[–] [email protected] 69 points 1 year ago (2 children)

https://redis.com/blog/redis-adopts-dual-source-available-licensing/

This is the announcement.

This is a disappointing outcome but one that I think has been coming for a while. Amazon has profited off of Redis without giving much back for quite a while (at least I recall this being a complaint of the Redis folks, perhaps others have evidence to the contrary).

This is pretty clearly an effort to bring AWS to the table for negotiations.

[–] [email protected] 37 points 1 year ago (4 children)

${CORPORATION} has profited off of Redis without giving much back (...)

I don't understand this blend of comment.

If you purposely release your work as something anyone in the world is free to use and change to adapt to their own personal needs without any expectation of retribution or compensation, why are you complaining that people are using your work without any retribution or compensation?

More to the point, why are you singling out specific adopters while leaving out the bulk of your community?

It makes absolutely no sense at all.

[–] [email protected] 51 points 1 year ago (8 children)

There's generally an understanding (the GPL folks think it's naive -- and this makes their case) that if you use open source software you should give back to it.

load more comments (8 replies)
[–] [email protected] 14 points 1 year ago

They shouldve releases redis under agplv3 if they really want those corpo to give back to community.

load more comments (1 replies)
[–] [email protected] 11 points 1 year ago (3 children)

ElasticSearch tried this and lost hard already. OpenSearch has already out paced it in features and performance and ES is effectively dead. Such a braindead exercise to see Redis follow suit

[–] [email protected] 9 points 1 year ago (4 children)

Opensearch outpaced elasticsearch? This article from April 2023 states otherwise

OpenSearch saw over 3 times less code commits on core, and 14 times less work on important modules

load more comments (4 replies)
[–] [email protected] 8 points 1 year ago (1 children)

Such a braindead exercise to see Redis follow suit

I agree, this sounds like a desperate cash grab.

I mean, cloud providers who are already using Redis will continue to do so without paying anything at all, as they're using stable versions of a software project already released under a permissive license. That ship has sailed.

Major cloud providers can certainly afford developing their own services. If Amazon can afford S3 and DynamoDB, they can certainly develop from the ground up their own Redis-like memory cache. In fact, Microsoft already announced Garnet, which apparently outperforms Redis in no small way.

So who exactly is expected to pay for this?

[–] [email protected] 20 points 1 year ago (4 children)

Can someone explain the benefit of letting AWS use your product, then throw resources at it to improve it to get and advantage over your product, basically providing a much better product to their users than you would be able to. But they do it without any need to contribute back. I don't see the benefit of this to the opensource community at all, but people here seems to be quite passionate about it so you must see this differently than I do. So, please explain your view on how such a situation is beneficial to the OpenSource community.

[–] [email protected] 10 points 1 year ago

FOSS has spent the last few decades operating under the assumption that companies would give back for the greater good if they found value and grew dependent on a project. What they didn't understand is that corporations are parasites who only care about immediate profits, and are more than happy to abuse the honor system indefinitely. There isn't any benefit to FOSS to continue operating under this model, which is why FOSS is shifting away from licenses that permit leeching for profit.

It's no different to how corporations have worked to destroy the social contract, and do everything imaginable to evade taxes, offshore labor, corrupt our political systems, and not give back to the economies that incubated them and enabled their success — at some point you have to tell them to get fucked, stop being a fucking parasite, and pay their fair share... If they don't give back and improve things for the majority, they don't deserve to profit from it.

load more comments (3 replies)
load more comments (1 replies)
[–] [email protected] 44 points 1 year ago* (last edited 1 year ago) (4 children)

If you think this is bad, then you should make sure to use copyleft licenses.

EDIT: Just read the details, and it seems that this is just what they did. SSPL is like AGPL with a stronger SAAS is distribution claus. That might not be valid, according to the OpenSource definition, but unless you are planning to modify the code and provide it as SAAS I think this is no a problem.

load more comments (4 replies)
[–] [email protected] 29 points 1 year ago (5 children)

You may not make the functionality of the Software or a Modified version available to third parties as a service or distribute the Software or a Modified version in a manner that makes the functionality of the Software available to third parties.

🫡

load more comments (5 replies)
[–] [email protected] 28 points 1 year ago (1 children)

wtf

[–] [email protected] 23 points 1 year ago

Yeah...it's unfortunate. There's a good discussion over at hackernews here https://news.ycombinator.com/item?id=39772562

Looks like it's a dual licence now.

[–] [email protected] 19 points 1 year ago (2 children)

all is fine, gentlemen - it has been forked

phew

[–] [email protected] 25 points 1 year ago* (last edited 1 year ago) (1 children)

The old code isn't going anywhere, there are already countless backups and clones. For a fork to actually be meaningful it needs community support and maintainers otherwise it's basically just a clone.

[–] [email protected] 14 points 1 year ago (1 children)

it was a joke

[–] [email protected] 14 points 1 year ago (3 children)

No, I think you missunderstand.... A joke is supposed to be funny.

load more comments (3 replies)
load more comments (1 replies)
[–] [email protected] 15 points 1 year ago* (last edited 1 year ago) (8 children)

What a disingenuous take. Just because the OSI doesn't recognize the SSPL as open source doesn't mean it's not open source.

Edit: Everyone seems to believe I'm saying that because the source is available it should be open source. That's not what I'm saying at all.

[–] [email protected] 26 points 1 year ago (1 children)

It is no longer open source under the definition of Open Source Iniciative, FSF, Wikipedia, RedHat, Cambridge Dictionary, European Union, maybe even Redis themself... Only startups that want gratis marketing seems to disagree.

We had pretty much defined open source for the last 20+ years and one of the requirements is freedom of redistribution at least equal to the developer itself.
For what Redis is doing we already have term source available which makes perfect sense and both are well defined.

If you think open means just "you can see the code", you must prove yourself at this point.

load more comments (1 replies)
load more comments (7 replies)
[–] [email protected] 14 points 1 year ago (1 children)

Well... everyone back to memcached?

[–] [email protected] 10 points 1 year ago (1 children)

If you need a good queue, then postgres is your friend.

load more comments (1 replies)
[–] [email protected] 14 points 1 year ago

Been using the KeyDB fork for ages anyway, mainly because it supports running in a multi-master / active-active setup, so it scales and clusters without the ridiculousness that is HA Redis.

[–] [email protected] 13 points 1 year ago (3 children)

RSAL seems weird and I need to research it more. But I don't mind SSPL at all. It only hurts companies who hope to use open source without wanting to give back. From my perspective that's good.

load more comments (3 replies)
[–] [email protected] 11 points 1 year ago

WTAF? Today is a bad day.

[–] [email protected] 9 points 1 year ago

Read that as reddit

[–] [email protected] 8 points 1 year ago (5 children)

Irrespective of debates on what the definition of "open source software is" or who gets to define it, it is very clear that the SSPL is not a FOSS -- free and open source license -- and that's a shame. Sure, open source still means we can look at the source code, but we do not have the full freedoms to use the code for any purpose. You might retort "but I'm not a aaS provider" so my rights aren't affected.

But that's the thing: the erosion of free software rights is never the end, but then beginning of the end. Much like free speech, such rights must be jealously guarded. Need I mention what happens when there's no one left to speak up?

That some users of Redis never contributed back to the project is beside the point: truly free software is free as in libre: if you want thanks for your work, release it as freemium or some other license. But a FOSS license like BSD-3 has always been thankless and the OSI is correct in calling out the SSPL for not meeting the OSI's Open Software Definition's anti-discrimination clause, nor the FSF's zeroth freedom, amongst four.

Free means free. AGPL is free. But SSPL carves out an exception, making it not free. No amount of sweet talking changes this reality.

[–] [email protected] 10 points 1 year ago

SSPL doesn't carve out an exception, it just has clauses that are difficult for SaaS providers to meet.

[–] [email protected] 7 points 1 year ago (3 children)

By the same argument, wouldn't GPL and other copyleft licenses be considered non-free as well since you are not free to do whatever you want with the source? For example, incorporating it into a proprietary project, refusing to provide the source to users upon request, or not disclosing attribution, etc. The latter would even go against the terms of permissive licenses.

Clearly defining what free, and by extension FOSS, means is very relevant.

load more comments (3 replies)
load more comments (3 replies)
load more comments
view more: next ›