With the long-standing tension between proprietary and open source software (OSS) unlikely to resolve anytime soon, a startup with a $3 billion market cap is throwing its weight behind a new licensing paradigm — one packed with new definitions, terminology and governance models, designed to bridge the open and proprietary worlds.
Developer software company Sentry recently introduced a new licensing category it's calling “Fair Source,” and Sentry is among the first adopters, along with a half-dozen others, including GitButler, a developer tools company founded by one of the founders of GitHub.
The Fair Source concept is designed to help companies adapt to the “open” software development field – open source, open core, source available – without encroaching on existing licensing environments and avoiding the negative stigma associated with “proprietary”.
But Fair Source is also a response to a growing realization that open source isn't working well commercially.
“Open source is not a business model. Open source is a distribution model, and primarily a software development model,” Chad Whitacre, open source lead at Sentry, told TechCrunch. “And in fact the licensing terms put severe limitations on the business models that are available.”
Of course, there are highly successful open source projects, but they are usually components of larger proprietary products. Companies that have flown the open source flag have often retreated to protect their efforts, moving from fully permissive licenses to more restrictive “copyleft” licenses, as with Element last year and Grafana before that, or abandoning open source altogether, as HashiCorp did with Terraform.
“Most of the world's software is still closed source,” Whittaker added. “Kubernetes is open source but Google Search is closed. React is open source but the Facebook newsfeed is closed. Fair Source creates a space where companies can safely share access to not only these low-level infrastructure components but also their core products.”
Chad Whitacre, Open Source Lead at Sentry. Image courtesy of Sentry
fair play
Sentry, an app performance monitoring platform that helps companies like Microsoft and Disney detect and diagnose buggy software, was initially offered under a permissive BSD 3-clause open source license. But in 2019, the product moved to the Business Source License (BUSL), a more restrictive source-available license originally created by MariaDB. The move was a response to what co-founder and CTO David Cramer described as “funded companies stealing or copying our work to compete directly with Sentry.”
Fast forward to August of last year, when Sentry announced that it was “open-source” a developer tool it had recently acquired, Codecov. This came as a disappointment to many, as it was released under a license called BUSL, which raised questions about whether the company could really call itself “open source” at all, as it was released under that license, a license that is incompatible with the Open Source Initiative's (OSI) definition of “open source.”
Cramer quickly issued something of an apology, explaining that while he'd misused the descriptor, the BUSL license complies with the spirit of many open source licenses: users can host and modify the code themselves without paying a cent to the creators, but they cannot commercialize the product as a competing service.
But in reality, BUSL is not open source.
“We kind of screwed up and inspired the next hornet,” Whitaker said, “but in the discussions that followed we realized we needed a new terminology, because we're not proprietary. And obviously the community doesn't accept that we're open source. And we're not open core.”
Those who follow the open source world know that it's all about terminology. And Sentry isn't the first company to fail over (mis)use of established nomenclature. Still, the episode inspired Adam Jacob, CEO and co-founder of DevOps startup System Initiative, to call on someone to create a brand and manifesto that covers the types of licenses Sentry wants to comply with. That would be similar to what OSI has been doing with open source for the past 25 years, but with a more commercially appealing gradation.
I think the way forward here is to create a loose coalition of people who use non-competitive licenses and actually come together and draft our own set of values, and then brand it, and stand by it with pride.
— Adam Jacob (@adamhjk) August 3, 2023
And that's what led Sentry to Fair Source.
At present, the primary recommended fair source license is the Feature Source License (FSL), which Sentry itself released last year as a simpler alternative to BUSL, although BUSL itself is also designated as fair source, as is another new license created by Sentry, the Fair Core License (FCL), both of which are included to support a variety of project needs.
Companies can submit and be considered for their own licenses, but all Fair Source licenses must have three basic provisions: [the code] It must be publicly readable, available for third parties to use, modify, and redistribute with “minimal restrictions,” have a delayed open source release (DOSP) provision, and convert to a true open source license after a predefined period. For Sentry's FSL license, that period is two years. For BUSL, the default period is four years.
The concept of “delaying” the release of source code with a true open source license is a key defining element that distinguishes Fair Source Licensing from other models such as Open Core. DOSP protects a company's commercial interests in the short term until the code is fully open source.
But a vague and subjective definition like “minimal restrictions” can certainly raise questions: what exactly does that mean, and what restrictions are acceptable?
“We just launched this a month ago. This is a long-term game,” Whitaker said. “Open source [the OSI definition] “It's been around for over 25 years, so some of this is up for debate. We want to see what emerges and take the time to unravel it.”
The flagship Fair Source License follows a similar path to previous “source available” licenses in that it has a non-compete clause that prohibits commercial use in competing products. This includes any product that provides “the same or substantially similar functionality” as the original software. And that's one of the central problems with such licenses, says Thierry Carrez, general manager of the Open Infrastructure Foundation and board member of the Open Source Initiative: they leave a lot of room for interpretation and can become “legally ambiguous.”
“The Fair Source License is not an open source license because the freedoms it grants do not apply to everyone. It discriminates based on legally vague non-compete rules,” Karez said. “Therefore, widespread adoption of the Fair Source License would not only create legal uncertainty, but would also significantly reduce future innovation.”
Furthermore, Karez added that there is nothing to prevent the terms of the Fair Source Licence from being changed in the future, highlighting the problem with the licence being administered by a single organisation.
“There are two approaches to software development: a proprietary approach, where a single organization produces and monetizes the software, or a commons approach, where an open ecosystem comes together to produce the software and share the benefits,” Carrez says. “In a proprietary approach, there's nothing to prevent a single copyright holder from changing the terms of the agreement going forward, so the exact terms of the license you're using today aren't as important as trust that those companies won't change them.”
In many ways, Fair Source is simply a branding exercise: it allows companies to cherry-pick the parts of the established open source ethos that they value while avoiding calling themselves “proprietary” or anything like that.
“It's great that people are simply speaking their minds honestly, but [their software] “It's not open source,” she said, suggesting that this new license category might only complicate things, especially since there are already well-established names for this type of software.
“We need to change our thinking to separate software into three categories instead of two. OpenUK has been advocating this for some time,” Block told TechCrunch. “In open source, we call the proprietary category with publicly available source 'source available' or 'public source.' [the] sauce [code] available and distributed under a license that does not meet the Open Source Definition.”
Git commit
Scott Chacon, who claims to be one of the four founders of GitHub and served as its chief information officer until his retirement in 2016, is launching a new Git-focused startup, GitButler, in early 2023. After considering a range of licenses, including fully proprietary ones, he settled on FSL and publicly declared his support for the fair-source movement.
“We're not yet sure what our ultimate business model will be, and we want to keep our options open,” Chacon told TechCrunch. “We understand that if a company releases under an OSS license and then has to relicense under a more restrictive license to make their business successful, there will be a legitimate outcry from the community.”
And that's the crux of the problem for many companies today: Of course, everyone loves open source, but the setbacks continue to make today's startups hesitant to go all in and then be forced to reverse course and risk incurring the wrath of the global community.
“We think it's [BUSL / FSL-style license] “It will ultimately be open source under the MIT license, which gives us some protection while we're making a significant investment,” Chacon said. “We want to be able to protect our employees and investors while giving our users as much access and freedom as possible.”
GitHub is actually a good starting point for discussing the fair source movement. The Microsoft-owned code hosting platform is at the heart of open source software, and GitHub has open sourced some of its internal tools over the years. But GitHub itself is not open source. Tom Preston-Werner, former CEO of GitHub, wrote an article on this very subject back in 2011, extolling the virtues of open source but also talking about what should be avoided: “Don't open source anything that represents core business value,” he wrote.
And it's this approach that Chacon is taking to his latest venture.
“My philosophy is to open source anything that I don't mind or would prefer my competitors to use,” he said. “If fair source had been important 15 years ago, we might have released the GitHub source under such a license back then.”
Other companies joining the early FairSource frenzy include YC alumni CodeCrafters, PowerSync, Ptah.sh, and Keygen, whose founder Zeke Gabrielse has partnered with Whitacre to handle governance of the new FairSource application.
“Our governance right now is geared towards the scale of this effort, which means it's just two people, myself and Zeke, and decision-making is publicly available on GitHub and anyone is free to contribute,” Whitaker said, adding that there may be room for independent oversight in the future, but that it's not a priority right now.
“We're just planting the seed and seeing where it goes,” Whitaker said. “This is a long-term endeavor, so we'll evolve the structure as we go.”