[License-discuss] Open Source license question

Philippe Ombredanne pombredanne at nexb.com
Wed Apr 10 09:56:30 UTC 2024


Hi Chris:

On Sat, Apr 6, 2024 at 11:32 AM Chris B <kindlysendme at gmail.com> wrote:
> I am an open source project maintainer and I was referred to this
> mailing list recently as a good place to ask questions.
>
> I was recently told by a community member that I should not be using
> the term "Open Source" as it has legal implications and the project
> doesn't fully embrace that term. Here is the argument:
>
> 1- The program has an optional paid component (not open source).
> The core program (that is open source) is fully functional as a stand-alone
> application. But the user has the option to pay for extra features that are
> not open source
>
> 2- The program has an optional telemetry that users can opt in / opt out
> before even installing the program.
>
> 3- Because of 1 & 2, there is a License Terms doc that outlines what is
> open source and what is not, and how the telemetry data is being used
> and what is being sent out.
>
> I have personally seen all of the above in other software that have an
> "Open Source" label. But wanted to check with this group if there are
> any legal implications that I am missing here.

I reckon from other emails in this thread that this seems to be about
this issue [1]

I guess the project has grown popular, and built user goodwill also
because it was Apache-licensed.

>From a casual look, I find these recent [2] licensing term changes [3]
and extra T&Cs [4] to be confusing.
It is not clear to me what is open source, Apache-licensed vs. what is
proprietary code.
I would treat the whole thing as a risky proprietary license because I
cannot make sense of anything.
I feel that I am likely to be pwned unless I buy something. And I
cannot find a way to easily buy anything on the website [5]

The biggest value of OSI-approved licenses is we have well known terms
with no head scratching to determine what they mean.
The license terms at issue here break this expectation and well
established community norm.

I cannot comment on what this misleading usage of open source may mean
wrt. a possible OSI trademark violation.
Or the possible misuse/changes of the Apache license, which may be
another issue to deal with the Apache Software Foundation.

Instead, my advice would be to eschew confusion and avoid crossing
streams by keeping things clearly separated!

- Keep the open source project clearly open source under an Apache license.
- And move the proprietary code elsewhere in a separate repo and do
not pretend this is open source.

Unless the goal is confusion, quid-pro-quo and deception in misleading
users to believe this is a bona fide Apache license.

Your users will thank you for this.

[1] https://github.com/caprover/caprover/issues/2036
[2] https://github.com/caprover/caprover/commit/ea1b06a1a6c1d6d153348572bb274bb22cd31b77
[3] https://github.com/caprover/caprover/blob/master/LICENSE
[4] https://github.com/caprover/caprover/blob/master/TERMS_AND_CONDITIONS.md
[5] https://caprover.com/

--
Cheers
Philippe Ombredanne



More information about the License-discuss mailing list