
Open source for most people means whether you can see and modify the source code.

Not whether OSI gives it some arbitrary stamp of approval.



Yeah, but that's a really dangerous position to take and if they'd work with me I'd be quick to set them straight. Because that path leads to legal adventure.

What you are describing is "source available", not "open source". And that's a huge difference in practice. https://en.wikipedia.org/wiki/Source-available_software


I'd add "redistribute" to the GP's definition, but the point stands that the definition of "open source" is not "licensed using an OSI approved license"


A “source available” example

https://github.com/highcharts/highcharts


Whether or not it's OSI approved isn't relevant, but if it doesn't meet their definition or something similar (https://opensource.org/osd) then it probably isn't what most of us would call open source.

How about I create a license called the ABA (anyone but amazon) license. If you're not Amazon/AWS/a subsidiary, it's just the MIT license. If you are, then you have no rights to use the software. Would you call that an open source license? I wouldn't. An important point (I thought) of open source was that the rules are the same for all, whether you're using it for personal projects or the biggest business on earth, whether you charge money for it or do it for free.


That's a fine interpretation of the term for amateurs.

By which I mean, it's probably fine to think of things that way when you're working in an amateur capacity. If you're working in a non-amateur capacity, thinking about things that way could result in unwittingly exposing yourself to more legal risk than you want.


I don't think simply checking that the license is "OSI approved" gives you many legal guarantees. There are currently 83 "OSI approved" licenses containing a variety of terms, from aggressively copyleft to extremely permissive: https://opensource.org/licenses/alphabetical


I don't either... we might be playing a game of moving goalposts here. I was specifically responding to the observation that, "Open source for most people means whether you can see and modify the source code.", and saying that, while that is a workable definition, it's probably not one that most people want to use.


You might want to be a little tighter with that definition. You can find the source for all sorts of crazy stuff. And with that, you can modify it.

Oracle or Microsoft or any other copyright holder that didn’t release that is going to be ticked off at you.

There has to be some element of the author wants you to have it.

I know this sounds silly and pedantic. I think there have been organizations that ignored copyright and released stuff they didn’t control the rights to.

You might want to tack on something about the authors want me to have access to this.


… And I think this has exactly been @bunderbunder's argument from the start? That the "definition" put forth by threeseed is naïve and could at best be usable on an amateur level, but as soon as you start having money involved, you really want a more in-depth/verbose/specific definition (like the one the OSI provides), rather than simply being "I can read (and thus modify) the source."


Not even just money.

Part of why I originally used the term "non-amateur" instead of "professional" when I described people who shouldn't work under that definition is that, while students and maintainers of open source projects might not be getting paid for what they're doing, they still have compelling reasons to be more careful about licensing.

One worst-case scenario for a student might be that some software licensing snafu threatens their academic work, and, by extension, their whole career. And open source project maintainers have an ethical responsibility not to get users of their work into legal hot water.

For those people, falling in line with OSI offers a huge advantage: You can't avoid crossing the software licensing legal tightrope. But, by sticking to working with OSI-approved licenses, you can at least ensure that you're working with a net.


> That's a fine interpretation of the term for amateurs.

That's a seriously polarizing statement that you've made.

While I understand that your argumentation is from points of law, I think you need to realize that the term open source was pushed by us, the developer community, and so I feel that it is us amateurs that have the right to maintain the heart of the law. So, revisiting the heart of the matter:

"We had identified free software as a promising approach to improving software security and reliability and were looking for ways to promote it. Interest in free software was starting to grow outside the programming community, and it was increasingly clear that an opportunity was coming to change the world. However, just how to do this was unclear, and we were groping for strategies." [0]

So, what MongoDB has done is in fact increased (imho) the open source aspect of their offering by attempting to curtail corporate abuse. You should be thanking them.

[0] https://opensource.com/article/18/2/coining-term-open-source...


No, it has nothing to do with "amateurs". Whether the source is open and what the license dictates are two wholly different things. The danger is exactly in conflating the two.

Take for example the NPOSL-3.0:

A variant of the Open Software License 3.0, this license requires that the organization using it is a non-profit and that no revenue is generated from sale of the software, support or services.

https://tldrlegal.com/license/non-profit-open-software-licen...

The source is open, but you can't use it outside of non-profit orgs. It's "Open Source™", it's approved by OSI, and it can still get you in legal trouble.


Huh, how on earth did that get approved. It violates Section 6 of the definition: "No Discrimination Against Fields of Endeavor" (which specifically has the example of discrimination by disallowing software use within a business).

Personally I never liked the OSI's definition of "open source", and the FSF definition of free software has always felt (for me) to be far more fundamental.


If you never liked the OSI's definition of "open source", what do you think about the Debian Free Software Guidelines?

About the discrimination of fields of endeavour, please read the sibling comment to yours. I think you and the grandparent have both misunderstood the license.


I went and re-read Section 17 (the only section that is different from the OSLv3) and yeah it looks like tl;dr legal misrepresents what the license requires. Effectively, it requires that if you redistribute it and want to do so under the NP-OSLv3 you must make a declaration that you're a non-profit and so on -- otherwise you must distribute it under the OSLv3 and clearly state this is the case. (I don't really see the benefit of such a license, but each to their own.)

Looks like I was wrong. Regarding the DFSG, I think it was necessary (according to Bruce Perens it was the DFSG which convinced Stallman to distribute his four freedoms definition more widely). I think the DFSG is a decent set of guidelines that help avoid legal trouble for Debian by having clear requirements, but I don't think it's a good definition for a movement's primary purpose. In many ways the DFSG and OSD can be seen as re-statements of the four freedoms but without any strong justification for why these particular conditions are necessary for a license to be good -- the four freedoms can be explained by explaining how each freedom is necessary to ensure that users have control over their computers.

For an example of why having strong fundamentals is important, the OSD doesn't really have a stance on DRM -- while the free software definition clearly does (even though it predates any modern concepts of DRM).


Thanks for changing your mind on receiving new information.

DFSG and the OSD are essentially the same thing, having been written both of them by Bruce Perens. Main difference is that Debian doesn't certify licenses: they ship software, so they look at the whole packages, so to speak. OSI only certify licenses, they don't ship software.

As to what the DFSG and OSD do that the FSF four principles don't, I think they are a more detailed set of rules one can apply when trying to figure out whether some software is free or not. IMHO, the FSF principles are less operationally useful, despite describing categorically the same set of software.


> DFSG and the OSD are essentially the same thing, having been written both of them by Bruce Perens.

Right, and I knew this is what you were getting at. I guess my main point is that having a working guideline for acceptable licenses for a distribution makes complete sense (after all of the moral viewpoints have been debated to death you have to ship some code eventually), but using those guidelines as the basis of a movement doesn't really (at least not as much as basing a movement on a set of ethical axioms). So I would say I favour the DFSG over the OSD purely because of what it is used for and represents, rather than because of the (almost non-existent) differences between the two texts.

But of course, I'm biased since I'm far more in the "free software" camp than I am in the "open source" camp -- purely because I think bringing it back to discussions of ethics is quite important (perhaps more than ever).


You've misinterpreted the license. What it says is that the licensOR (not the licensEE) is a non-profit. That is, by publishing your original software under the NPOSL, you claim that you are a non-profit organisation. That's it.

Nowhere does the license say that you can't use the code outside non-profit orgs. In fact 17.d says very clearly that if you're not a non-profit, you are allowed to distribute your modified works, but under the original OSL license, not the NPOSL. So you can use, modify it and distribute it, only with a complication in the licensing.

The other amendment the NPOSL adds is where the original OSL gives a grant of patents and a warranty of provenance, and the NPOSL explicitly doesn't, because it's designed for non-profit companies, which have no money, so it's intended to reduce legal exposure.

It's a Free Software license in my opinion, and I bet you a drink that Stallman and the FSF would consider it one too, even if they would not recommend using it.

Also note that the license's author is Lawrence Rosen, who was General Counsel of the OSI, knows more about software licensing than most people, and who explains the details and rationale of the NPOSL in [1]

[1] https://rosenlaw.com/OSL3.0-explained.htm

If you have any other license that's OSI-certified and you think is non-free according to the principles of the FSF, I'm interested in learning about it.

One thing to take into account, though, is that the OSI is a certification body, and the FSF isn't.

This means that the list of Open Source (according to the OSI) licenses is closed and published on their site. The FSF gives a set of principles and also publishes a list of licenses with some analysis, but the FSF's list is non-exhaustive, nor does it pretend to be. There are infinite potential free licenses that the FSF will not list, because it doesn't count license certification as one of its goals.


If I am using an open source project I make sure to understand the license rather than blindly trusting some organisation.

Seems pretty amateur not to do this.


>Open source for most people means whether you can see and modify the source code.

Do you mean legally? If not, Windows 2000 is open source. If so, then that's what the OSI tries to ensure.


No, the OSD according to the OSI requires much more than seeing and modifying.


Yes, the OSD tries to include legality in "seeing and modifying". If you regard Open Source as just "seeing and modifying" the source then anything that you can get the source code for is Open Source. This is most definitely not the case, as illustrated by my previous example of Windows 2000. Please see [0] and [1] for more info. Confusingly, there are still copies of the W2K source on github which have an MIT license in the root which is, I assume, false and unauthorized by MS [2].

[0]: https://news.microsoft.com/2004/02/12/statement-from-microso...

[1]: https://torrentfreak.com/microsoft-takes-pirated-windows-nt-...

[2]: https://github.com/pustladi/Windows-2000/blob/master/LICENSE


No, most people accept the OSD as the de-facto definition of "open source".


I think you've been spoiled by Open Source licenses, due to the people that actually fight for that definition.

Would you consider Microsoft's Shared Source licenses as being "open source"?

https://en.wikipedia.org/wiki/Shared_Source_Initiative#Restr...


On my side those cases are categorised as "Public source" and the respective license terms are then labelled as freeware for most cases, as a sub-variant of Proprietary license types. The other two variants would be Purchase or Subscription.

From a licensing compliance/verification perspective, being OSI approved is a good help to guide developers and reduce the effort of processing the applicable terms. For the auditor itself, the OSI stamp is OK but not something critical.

Looking better, we simply don't even use the terms Open Source nor FOSS on our procedures to be inclusive of the commercial/closed 3rd party products.



