There's nothing wrong with releasing software under a license that allows contributions but disallows commercial use, which is what Cyph was attempting to do:
> We're a small startup with a significant amount of time and money invested into the development of Cyph. We recognize the need for anyone to be able to review the code and verify our production build against it from a security perspective, but at the same time it would be problematic if an unrelated third party could just stand up their own instance of Cyph and directly compete with us at this stage. We would be much more inclined to fully open source Cyph at a later stage of the business.
I disagree with the philosophy of forbidding any contributions just because they are not fully open-source for commercial purposes.
This seems like a very common scenario for software that is almost "open source" except for not allowing commercial deployments. I would be surprised if there is no existing licence to cover this use case, but it will not be fully open source of course. Which again doesn't mean that all contributions need to be forbidden.
There are bunch of well known source available licenses, such as BSL 1.1 (https://mariadb.com/bsl11/). No need to invent a new license that gives more confusions.
ianal but I think it's done this way to allow for some latitude in interpretation. gives licensees the ability to get things going, eg as a private beta, and seek a commercial license when they're ready instead of worrying about that up-front. also gives both parties the ability to argue whether a particular situation counts as production use if the dispute ends up in court.
That's unfortunately a very narrow sense. In fact, the most common definition of open source implies open governance because of the wording. The exact definition will vary depending on exact authorities (OSI vs. FSF), governance transparency, relationship with patents, treatment of non-software contents and many others. This ambiguity is why I never say "open source" alone, at the very least I say F/OSS to be clear. Maybe I should start saying something more soon.
Open Source is a specific thing.
Free Software is a specific thing.
When I say Open Source I mean Open Source. When I say Free Software I mean Free Software.
The two are not equivalent.
Open Source is defines by OSI.
Free Software is defined by FSF.
(The clue is right there in the name.)
Feel free to refer to F/OSS if you want to refer to both. You definitely should be saying something more if you wish to include other models.
>> In fact, the most common definition of open source implies open governance because of the wording.
eh? I disagree with this. Open Source does not imply Open Governance. I'm not sure any license discusses governance at all. Organisations have governance rules, not (most / all ?) Licenses.
Your reading of the license name to imply some form of governance is, in my opinion, unwarranted.
> Open Source is a specific thing. Free Software is a specific thing. When I say Open Source I mean Open Source. When I say Free Software I mean Free Software. The two are not equivalent.
The hint is that you have slightly changed your terminology there, intentional or not. The capitalized terms "Open Source" and "Free Software" indeed have specific definitions. But generalized and thus non-capitalized words "open source" and "free software" had been fuzzier, and pretty much all conversations about F/OSS deal with that sense (the "common" sense hereafter). In fact the notation F/OSS is an acknowledgment that both words are, nominal definitions notwithstanding, used as if they are synonyms to each other.
> Open Source does not imply Open Governance. I'm not sure any license discusses governance at all.
Under the "common" sense, they are heavily related and this has been one cause of maintainer burnouts. Again, I don't like the term "open source" (capitalized or not) for that reason too.
> But generalized and thus non-capitalized words "open source" and "free software" had been fuzzier, and pretty much all conversations about F/OSS deal with that sense (the "common" sense hereafter).
You'll have to provide some source for this argument. The very fact that we're having this conversation means that the fact that "Open Source" and "open source" are different things is, at the very least, controversial.
"Free Software" has been a controversial term since the late 80s, I'll give you that, but the only confusion it ever brew was between "free as in freedom" vs "free as in free beer", and people thinking the term "free software" means "software I don't have to pay for" is rather common.
But, as I said in another subthread, this whole mess about the meaning of "open source" only started recently when people started overloading the term to mean something other than "whan has been defined as 'Open Source' by the people who coined that term in regards to software in the first place" (i.e., the OSI). There was no confusion 10 years ago.
Even 10 years ago, it was already very common to assume that "open sourced" softwares should necessarily open their development process. I have several first-hand accounts and tried very hard to decouple them to no avail. And this confusion was built into the origin of that term; esr's highly influential The Cathedral and the Bazaar [1] exactly suggested that after all. It is no surprise that the term became even fuzzier by now.
I feel that applying "common sense" to legal documents may lead you into trouble.
That aside, there are as many governance models are there are licenses - and they two are not linked in any way. I've certainly seen plenty of Open Source projects which are not in any shape or form Open Governance.
> I feel that applying "common sense" to legal documents may lead you into trouble.
Of course IANAL and we are not even talking about the legal aspect here, but legally speaking to be pedantic, the common sense does play a role when there is a reason to believe that some party failed to understand a deeper legal meaning. You can't arbitrarily replace any word in legal documents provided that definitions are given in advance, after all.
> That aside, there are as many governance models are there are licenses - and they two are not linked in any way.
Nominally not, but they are linked in the way that some sort of openness is heavily expected for most "open source" projects.
> We're a small startup with a significant amount of time and money invested into the development of Cyph. We recognize the need for anyone to be able to review the code and verify our production build against it from a security perspective, but at the same time it would be problematic if an unrelated third party could just stand up their own instance of Cyph and directly compete with us at this stage. We would be much more inclined to fully open source Cyph at a later stage of the business.
I disagree with the philosophy of forbidding any contributions just because they are not fully open-source for commercial purposes.
This seems like a very common scenario for software that is almost "open source" except for not allowing commercial deployments. I would be surprised if there is no existing licence to cover this use case, but it will not be fully open source of course. Which again doesn't mean that all contributions need to be forbidden.