this post was submitted on 20 Nov 2023
201 points (93.1% liked)

Open Source

31366 readers
183 users here now

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

founded 5 years ago
MODERATORS
 

Is it just me or is passing off things that aren't FOSS as FOSS a much bigger thing lately than it was previously.

Don't get me wrong. I remember Microsoft's "shared source" thing from back in the day. So I know it's not a new thing per se. But it still seems like it's suddenly a bigger problem than it was previously.

LLaMa, the large language model, is billed by Meta as "Open Source", but isn't.

I just learned today about "Grayjay," a video streaming service client app created by Louis Rossmann. Various aticles out there are billing it as "Open Source" or "FOSS". It's not. Grayjay's license doesn't allow commercial redistribution or derivative works. Its source code is available to the general public, but that's far from sufficient to qualify as "Open Source." (That article even claims "GrayJay is an open-source app, which means that users are free to alter it to meet their specific needs," but Grayjay's license grants no license to create modified versions at all.) FUTO, the parent project of Grayjay pledges on its site that "All FUTO-funded projects are expected to be open-source or develop a plan to eventually become so." I hope that means that they'll be making Grayjay properly Open Source at some point. (Maybe once it's sufficiently mature/tested?) But I worry that they're just conflating "source available" and "Open Source."

I've also seen some sentiment around that "whatever, doesn't matter if it doesn't match the OSI's definition of Open Source. Source available is just as good and OSI doesn't get a monopoly on the term 'Open Source' anyway and you're being pedantic for refusing to use the term 'Open Source' for this program that won't let you use it commercially or make modifications."

It just makes me nervous. I don't want to see these terms muddied. If that ultimately happens and these terms end up not really being meaningful/helpful, maybe the next best thing is to only speak in terms of concrete license names. We all know the GPL, MIT, BSD, Apache, Mozilla, etc kind of licenses are unambiguously FOSS licenses in the strictest sense of the term. If a piece of software is under something that doesn't have a specific name, then the best we'd be able to do is just read it and see if it matches the OSI definition or Free Software definition.

Until then, I guess I'll keep doing my best to tell folks when something's called FOSS that isn't FOSS. I'm not sure what else to do about this issue, really.

top 50 comments
sorted by: hot top controversial new old
[–] folkrav@lemmy.ca 71 points 1 year ago (3 children)

I'm utterly convinced overloading the term "open" was a very bad mistake in terms of how much confusion it created. Yes, "open-source" in the OSI definition means open to read, but also open to modification and redistribution. Having to make the distinction and explain the difference with "source available" is in itself a failure in communication.

[–] shrugal@lemm.ee 8 points 1 year ago* (last edited 1 year ago)

That's what you get when you use one existing word for a somewhat complex set of principles. It makes it easier to talk about it, because you don't have to learn new vocabulary or go through the list of requirements every time, but it also opens the door for misinterpretations. Imo it's good that we have a simple term for it, but we also have to educate people to make sure it doesn't lose its proper meaning.

It would be nice if the term "open source" could get some kind of legal protection. Like you can't call your product "cheese" if it doesn't have at least x% of actual cheese in it.

[–] andruid@lemmy.ml 4 points 1 year ago

Libre Software was/is the best strict definition of this to me.

load more comments (1 replies)
[–] bitwolf@lemmy.one 38 points 1 year ago (1 children)

There is

  • OSS
  • FOSS
  • FLOSS

Don't get excited about OSS it's just a distribution model (and one that is popular for commercial start ups right now).

You're looking for FLOSS.

[–] toastal@lemmy.ml 5 points 1 year ago (1 children)

There is also copyfair & copyfarleft

[–] nodiet@feddit.de 3 points 1 year ago (1 children)

Huh? I only know copyleft, what are those?

[–] toastal@lemmy.ml 3 points 1 year ago* (last edited 1 year ago)

Imagine if the commons of code required corporations (not worker-owned) recipropcate value to a project. These licenses aren’t FSF-approved but there are valid ciriticisms of how big businesses are getting more value than they put in & how an indie dev maintaining an important library is barely scraping by.

Worth a read: https://lipu.dgold.eu/original-sin

[–] scrubbles@poptalk.scrubbles.tech 37 points 1 year ago (2 children)

I think we're seeing a natural evolution, and it's in no small part due to corpos using FOSS to their own will. FOSS works if everyone is playing nicely, but corpos aren't.

For example. You build a small piece of code that helps out a huge chunk of developers. You release it for free, and let them use it however they want. A ton of small projects and apps are made easier thanks to you and your work, and you get called out from them. However, a giant corpo then takes this, uses it in all of their brand-name solutions, and then sells those solutions for millions of dollars becoming one of the most profitable companies in existence. You don't get a dime for your work, even though without your work their work would have been much more difficult.

This is the story of core.js, who's developer is currently in search of work to feed his family in Eastern Europe, while Amazon, Microsoft, Google, and pretty much 90% of the web use his code. He used the MIT license which allows this.

I think a lot of developers have seen this and are wise to it. GPL licensing is on the rise. I know when I read his story I immediately changed my tone from "FOSS/MIT Licensing is the best most moral way to go" to "Oh fuck those corpos, they could have at least said thank you".

Personally I hope more devs push for "Open source, but check the license" so they get credit where credit is due. I think it's completely fair for them to use a license that says "You are free to use it however you want - but if you start charging for your product I get a cut."

[–] Kushia@lemmy.ml 15 points 1 year ago (6 children)

You make some good points but yeah, if you licence something under a license that allows corporations to do this don't be surprised if they do.

I don't know if there's some license out there that allows free sharing of code with a limitation around using it in for-profit products and profit sharing for them and whether such a license would even work.

[–] TootSweet@lemmy.world 8 points 1 year ago (1 children)

I don’t know if there’s some license out there that allows free sharing of code with a limitation around using it in for-profit products

There's no reason why such a license couldn't exist, but if it did/does, it wouldn't meet the OSI definition of "Open Source" nor the FSF definition of "Free Software". Both terms require that resale of the software be explicitly allowed.

There are FOSS licenses (notably the GPL) that say that if you do resell (or otherwise redistribute) the software, you have to do so only under the same terms. (That is, you can't sell a proprietary fork. But you could sell a fork under FOSS terms.) But none that say "no selling."

[–] Perhyte@lemmy.world 4 points 1 year ago

There are FOSS licenses (notably the GPL) that say that if you do resell (or otherwise redistribute) the software, you have to do so only under the same terms. (That is, you can’t sell a proprietary fork. But you could sell a fork under FOSS terms.) But none that say “no selling.”

For many companies (especially large ones), the GPL and similar copyleft licenses may as well mean "no selling", because they won't go near it for code that's incorporated in their own software products. Which is why some projects have such a license but with a "or pay us to get a commercial license" alternative.

load more comments (5 replies)
[–] Atemu@lemmy.ml 4 points 1 year ago

You are free to use it however you want - but if you start charging for your product I get a cut.

The problem here is who this "I" is. Often times, there are dozens or hundreds of contributors. Do they each get a cut? Do they all get a cut of a cut? How is that cut calculated?

[–] wiki_me@lemmy.ml 32 points 1 year ago (3 children)

Best you can do is accuse something of being open washing, or correct people by saying that it does not fit the OSI definition which is widely accepted (it's based on debian guidelines) and the software is at best "partially open source".

Having a github page with a list of problematic projects and licenses could be useful.

[–] beeng@discuss.tchncs.de 6 points 1 year ago (1 children)
[–] ZILtoid1991@kbin.social 5 points 1 year ago

ClosedAL

I'm from the generation that used to have sound cards, and I'm very sad about what Creative did to the industry...

[–] TootSweet@lemmy.world 6 points 1 year ago (1 children)

Oh shit! "Open washing" is a term I never knew I needed in my lexicon until now.

And yes. A running list of such projects would be awesome to have. I migrated all my projects to Gitlab when Microsoft bought Github (in retrospect, I wish I'd gone to Codeberg) but I'd love to see a project that collected examples like that in one place. I could probably be persuaded to start/maintain it. (As long as it's not on Github. Lol.)

load more comments (1 replies)
[–] ImpossibilityBox@lemmy.world 4 points 1 year ago

Can we get a term like this for AI. I'm so goddam sick and tired of everything being called AI that clearly and obviously isn't.

We developed a system that looks for red and when it sees red it KNoOOoOAwwWWss that it is seeing red and does stuff. It's a super effective, ground breaking, world shaping, paradigm changing AI system. Give us money please.

[–] BURN@lemmy.world 22 points 1 year ago

Open Source has meant Source Available for quite a while.

FOSS is different than Open Source, and it’s a distinction that very likely needs to be made.

[–] Kaldo@kbin.social 17 points 1 year ago* (last edited 1 year ago)

Muddying the waters is the oldest trick in the books, big corporations have even started doing it with "indie" games - Dave the Diver is stylized and marketed as an indie game despite being developed by a division of a multi-billion company Nexon.

I definitely have an issue with it as well, it's really hard to say whether something is actually FOSS nowadays or not, and whether it can be taken away or acquired by someone else down the line. That could be my fault as well since I never bothered to learn about the licenses beyond what MIT / Apache2 are, and even those I understand superficially.

There should absolutely be more pushback for things like these though.

[–] MigratingtoLemmy@lemmy.world 16 points 1 year ago* (last edited 1 year ago) (3 children)

I'd like a license where the source is available but companies need to pay to use

[–] captain_aggravated@sh.itjust.works 15 points 1 year ago (7 children)

Something akin to the Creative Commons Share-alike non-commercial license?

[–] theshatterstone54 4 points 1 year ago

Yeah, basically one of the CC licenses (probably this one, I don't know CC that well) but for software. It's been a license I dream of and have dreamt of for a while. I guess the closest we have is the GPL but eben rhat has been bypassed.

load more comments (6 replies)
[–] TootSweet@lemmy.world 11 points 1 year ago

There's no reason I know of why a license like that couldn't exist, but it wouldn't qualify as "Open Source" by the OSI's definition.

[–] paholg@lemm.ee 4 points 1 year ago* (last edited 1 year ago) (1 children)

Isn't that what Unreal Engine has?

I've also heard it referred to as "source available".

load more comments (1 replies)
[–] lemann@lemmy.one 13 points 1 year ago (5 children)

My response might be a hot take 🥲

Personally:

  • OSS: source available
  • FOSS: Free (freedom) open source, copyleft

I just learned today about "Grayjay," a video streaming service client app created by Louis Rossmann. Various aticles out there are billing it as "Open Source" or "FOSS". It's not. Grayjay's license doesn't allowe commercial redistribution or derivative works. Its source code is available to the general public, but that's far from sufficient to qualify as "Open Source." (That article even claims "GrayJay is an open-source app, which means that users are free to alter it to meet their specific needs," but Grayjay's license grants no license to create modified versions at all.)

I had a look through the license at launch, and also watched the entirety of Louis' video, in both of which I didn't come across any restrictions imposed on an end user to modify the app for their own needs or redistribution - just no commercial redistribution or redistribution with ill intent. I keep seeing the restrictions mentioned though and genuinely cannot find anything to back them up...

In the original launch video Louis does explicitly state that the app is not free, but he does erroneously refer to it as open source. Mainstream tech outlets conflating foss/source-available is likely down to journalists just not aware of the distinction, or just taking his word for it

IMO since the app is Louis' project that is primarily being financed by donating his personal money to FUTO (AFAICT) it would be immediately obvious to a follower of his that the app is not going to be open source as per the OSI definition. Looking at what happened with NewPipe clones when he mentioned it on his channel, and bad actors in local governments sabotaging his attempts to get a bulletproof R2R passed in many states, his overall trust level is probably pretty low - the last thing someone like that would want on a personal project is loads of strangers contributing, bad actors ripping it off trying to make a quick buck, or even worse redistributing it with malware.

Leaving the OSS conflation aspect for a second, Grayjay is a very big and complex app, with integrated dev tools and a comprehensive plugin system (each are individually GPL licensed if i'm not mistaken). IMO chances are if someone wants to modify the app, they should be looking at a GPL plugin to introduce their functionality in, rather than modifying the source - as would be required with something like NewPipe. They have a whole youtube video going through how to develop a plugin, and how it's architected.

If/when Grayjay is transitioned to FOSS, I imagine it'll be difficult for the community to maintain it due to the complexity... It'll probably need to be broken down into several smaller manageable parts, such as projects like Home Assistant, LibreOffice, and Node-Red. Something like NewPipe, which is literally just the Android app and extractor library, would be much easier for unpaid volunteer contributors to maintain IMO.

I personally disagree slightly with the current definition of "open source", because it hides so much nuance that isn't readily evident to someone unfamiliar with the community. A lot of people do not make the connection of "open source" = OSI, they think "open source" = source is out in the open. FOSS and FLOSS are way more explicit in meaning from my perspective

[–] lily33@lemm.ee 9 points 1 year ago

I didn’t come across any restrictions imposed on an end user to modify the app for their own needs or redistribution

It's by default that you can't redistribute modified versions. You need explicit permission to do so. Furthermore, that license is revocable. So let's say you invest a lot of time into making modifications - at any point, they can revoke the license, and you suddenly find yourself forbidden from distributing your modified version, too/

If/when Grayjay is transitioned to FOSS, I imagine it’ll be difficult for the community to maintain it due to the complexity…

That's not really relevant. There's no requirement in open source on how the projects are to be maintained.

the last thing someone like that would want on a personal project is loads of strangers contributing, bad actors ripping it off trying to make a quick buck, or even worse redistributing it with malware.

It's up to him whether he accepts strangers contributing. That has nothing to do with whether it's open source. If he didn't want contributions, he could disallow any pull requests on an open source software - or conversely, if there are people willing to contribute to a non-open-source project, there's theoretically nothing stopping that. Redistributing it with malware is not really a problem open-source projects have, and malware writers wouldn't care for the license anyway.

The only thing is would be the somewhat relevant would be making a quick buck part, but that's only been a problem for people using MIT/BSD license.

Finally, I'll never understand why people would want to name software after dental string...

[–] Knusper@feddit.de 5 points 1 year ago

"Open-source" is not up for interpretation. The word was coined by this definition being made public: https://opensource.org/osd/

[–] TootSweet@lemmy.world 4 points 1 year ago

I keep seeing the restrictions mentioned though and genuinely cannot find anything to back them up…

At least in the U.S. any right granted exclusively to the copyright holder and not mentioned in the license is reserved by the copyright holder. So if the license doesn't allow something that absent a license would constitute copyright infringement, then... well... it's not allowed.

In the licence, they say "subject to the terms of this license, we grant you a non-transferable, non-exclusive, worldwide, royalty-free license to access and use the code solely for the purposes of review, compilation and non-commercial distribution." "Review" is defined elsewhere in the license and seems pretty explicitly and purposefully not to include making altered versions of the work.

A modified version of it would be a "derivative work" under copyright law, which would constitute copyright infringement (even if not distributed, according to the research I've done) if the license didn't allow it. So as far as I can tell from the license, even cloning the source of Grayjay and changing the background color would constitute copyright infringement.

And, of course, just above, it also says "non-commercial distribution." So selling a copy of the source or compiled code would infringe.

(Also, the section where the license says "we may change the rules at any time" basically makes the license completely useless.)

All that to say if you're looking for anything to back up claims of restrictions, it's all there in the license.

...he does erroneously refer to it as open source...

Honestly, I haven't watched Louis Rossmann's video about Grayjay but I wouldn't be satisfied to just trust what he says when the license says something else. (Still, I do intend to watch it when I get a sec if I can. Or did YouTube take it down and make it hard to find? Who knows.)

the last thing someone like that would want on a personal project is loads of strangers contributing...

Open Source (or FOSS or Free Software or whatever) doesn't mean there's no gatekeeper. The vast majority of Open Source projects allow contributions only after an approval process.

...bad actors ripping it off trying to make a quick buck...

I get that. I'd still rather see it properly FOSS, though.

I used to pay attention to things in the Minetest development community. There were some cases where random folks made Android ports (before Minetest officially supported Android) and sold them on the Play Store.

(Which seems like a good argument for copyleft but that's none of my business. Lol.)

...or even worse redistributing it with malware.

I would imagine any outfit sleazy enough to distribute "malware" wouldn't be deterred by a little copyright infringement. I wouldn't think a source-available project could prevent that with license terms to any extent that a FOSS project couldn't.

(Or do you mean something more like I'd call "antifeatures" -- not illegal, but privacy invading or DRM'd whatever?)

If/when Grayjay is transitioned to FOSS, I imagine it’ll be difficult for the community to maintain it due to the complexity…

I'm not sure why you think a transition to FOSS would require any change in how it's developed.

Leaving the OSS conflation aspect for a second, Grayjay is a very big and complex app, with integrated dev tools and a comprehensive plugin system (each are individually GPL licensed if i’m not mistaken). IMO chances are if someone wants to modify the app, they should be looking at a GPL plugin to introduce their functionality in, rather than modifying the source - as would be required with something like NewPipe. They have a whole youtube video going through how to develop a plugin, and how it’s architected.

I'm less concerned about whether people can actually materially make it do things the authors didn't anticipate now than I am whether I can be certain that if/when it gets enshittified or abandoned or whatever someone can fork it and the world goes on our merry way as if nothing was amiss. Like has been done with OpenOffice/Libreoffice, MPlayer/MPlayer2/MPV, and others. As the license is now, we 100% cannot without rewriting at least the core from scratch in a cleanroom kind of fashion.

If/when Grayjay is transitioned to FOSS, I imagine it’ll be difficult for the community to maintain it due to the complexity… It’ll probably need to be broken down into several smaller manageable parts, such as projects like Home Assistant, LibreOffice, and Node-Red. Something like NewPipe, which is literally just the Android app and extractor library, would be much easier for unpaid volunteer contributors to maintain IMO.

Again, why after it transitioned to FOSS would it suddenly have to be maintained by a "community" of "unpaid volunteer contributors" any more so than it is now?

load more comments (2 replies)
[–] pixelscript@lemmy.ml 13 points 1 year ago* (last edited 1 year ago)

This failure of the word "open" to mean one clear and specific thing just feels like an echo of the failure of "free" to mean one clear and specific thing.

Someone came up with the term "free" in the context of software, and a bunch of people asked, "Ah, so that means I don't have to pay for it?" And half the room went, "Yep, of course!" and the other half of the room went, "Ehrm, not exactly..." And from that point on, we've had to amend the word "free" with awkward qualifiers like "as in freedom, not as in beer", or attempt to introduce a clarifying companion term like "libre" to try and capture one of the competing meanings.

I'm sure the "open" in "open source" is doomed to the same fate. "Source available" is to "open source" what "libre" is to "free". An awkward clarifying companion term that only dorks like us bother to distinguish.

[–] rufus@discuss.tchncs.de 10 points 1 year ago* (last edited 1 year ago)

Yes. I have exactly the same feeling.

And I think if the OSI coined the term 'open-source', they get to decide what it means. And words have meanings.

[–] Barzaria@lemmy.dbzer0.com 7 points 1 year ago

Free software!!

[–] PropaGandalf@lemmy.world 5 points 1 year ago (1 children)

This is inevitable. You are fighting a fight against the natural development of a language. Maybe we really should start caring more about licenses but the terms will be used by other people nevertheless like they want.

[–] TootSweet@lemmy.world 6 points 1 year ago

You are fighting a fight against the natural development of a language.

Perhaps, but I fully believe the more successful I and folks who join me in that fight are, the more beneficial it will ultimately be to basically everybody who uses software.

[–] theneverfox@pawb.social 5 points 1 year ago (4 children)

As a developer, honestly I think this is a good thing.

Open source isn't always a good thing. It's not just opening the source, it's a very specific way to develop software.

In theory, you make something open source, and other devs walk in and out, helping the project grow and helping with admin work. People can tag in and tag out as their schedules allow, and the software will grow organically and democratically, bigger than any single user

In practice, it's politics. Contributing is rarely on a walk-in basis - but code is your ideas given form, and no amount of power is too little to trip over.

People are protective of their baby, but also don't want to spend their free time interviewing contributors instead of working on it. And just like mods on top boards, managing a popular open source project attracts a very specific type of person

And finally, we live in a hypercapitalist society right now. Know what happens if you open source a project and it gains traction? Someone runs off and turns it into a service, usually the owner, but not always. Services tend to become the first class citizen, and are free to take investor money and make pull requests to serve their use case at the expense of someone using it themselves.

I think it's safe to say Linux is the greatest open source project of all time. It's a clusterfuck that has not lived up to the imagined ideals of open source - I think it's great and too important to entrust to any group, but it's a hot mess. And Linus Torvold didn't open source it for years until it reached a point of maturity.

My point with all this is that OSS is fantastic, but it's not a virtue intrinsically. After all, almost no one makes money on OSS, but plenty make money on turning such a project into a service.

Opening your source on the other hand? Other people can take bits and pieces to learn from, and people can audit it. If you keep out corporate use, I think that's fair - I mean, even if you copy code for your own project, you quickly move beyond the 20% difference you need to remove their copyright claim if you're building something different

I think we need to be more pragmatic about OSS... We need to make multiple philosophies for different people and different types of software

load more comments (4 replies)
[–] p_q@lemmy.world 4 points 1 year ago

it's thoose kind of people you want to keep away from important stuff, so you know "open source" is the thing, man! ;-)

[–] otter@lemmy.ca 3 points 1 year ago* (last edited 1 year ago) (1 children)

I agree that there are more things lying (or being misleading) about their open source. OpenAI is another one that doesn't match the name anymore

At the same time there's a spectrum of open source, reflected by the range of licenses. IMO any level of open source is better than not having it, and sometimes it makes sense to restrict it a little bit.

  • ex. The reasoning given by GrayJay was that they don't want a bunch of malware / ad filled clones running around, and I think that's reasonable justification? I often see posts complaining about fake apps with similar names, and this might help GrayJay avoid that headache. At the end of the day, they're making something useful available for free and opening up their source for others to inspect and learn from.

What I think is also happening is that it's now more popular to be open source. So more people are making things SOMEWHERE on the spectrum of open source rather than closed source only, and so we're seeing more content that doesn't properly match the culture of FOSS development.

I feel like that's still an improvement, but I'm new to the world of FOSS so I'd love to hear more thoughts :)

[–] lily33@lemm.ee 3 points 1 year ago (3 children)

The reasoning given by GrayJay was that they don’t want a bunch of malware / ad filled clones running around, and I think that’s reasonable justification?

It's not.

  1. That just hasn't been a problem for open source projects. I've been using almost only open source since like 2007, and I've never seen or heard about an ad-filled clone of some of them. Even if they are a thing, they've never reached me as a user.
  2. If someone did want to distribute malware clones, they won't be stopped by a license restriction.
[–] Unmapped@lemmy.ml 7 points 1 year ago (1 children)

The ad filled clones are definitely a thing. Just search for newpipe in the Play Store and you will see them. A lot of people don't know about the fdroid store so when they hear about newpipe they search on Play Store and end up downloading a fake one full of ads.

load more comments (1 replies)
[–] joeldebruijn@lemmy.ml 6 points 1 year ago

I believe Firefox had their fair share of problematic clones but they dont protect from that by licensing their code in a special way. They protect their brand and use of logo etc

So you can use the code and create something "new", you just cant call it Firefox anymore.

[–] otter@lemmy.ca 3 points 1 year ago* (last edited 1 year ago) (1 children)

For #1: It's pretty common for example with the YouTube frontends, downloaders, etc. UBlock Origin has a set of filters to warn when you arrive at a fake site. Try googling "revanced", you should run across one

For #2: Fair, but wouldn't the license make it easier to go after the other ones legally? It's easier to submit a takedown request if you can back it up. It won't stop someone very motivated, but it's a barrier still

[–] TootSweet@lemmy.world 3 points 1 year ago

For #2, it depends what you mean by "malware". If it's something fraudulent, they're breaking the law anyway. Surely if they're not afraid of criminal charges they're not afraid of a little copyright infringement. If you're talking about something more like "antifeatures", I'd argue that copyleft is better than "no derivatives" for that particular case.

load more comments
view more: next ›