Dirk Riehle's Industry and Research Publications

Triple-Licensing Single-Vendor Open Source Components (Illustrated)

I thought I’d illustrate how I’d solve the current licensing conundrum of single-vendor open source firms like MongoDB and Elastic using some graphics. In short: While open source application vendors can still dual-license, open source component vendors (like the companies just mentioned) need to triple-license to get the benefits of open source yet keep their competitors at bay.

To recap: In the single-vendor commercial open source model, open source application vendors like SugarCRM and Jaspersoft (back in the day) licensed out their software under (at least) two licenses, one commercial, one copyleft (e.g. AGPLv3). They don’t have to make compromises, because their customers only use the software, they don’t distribute it. The following figure illustrates this on the left.

In contrast to this, open source component vendors like MongoDB and Elastic used to also dual-license like the application vendors, however, the open source version had to water down the copyleft effect by way of permissively licensed shims, e.g. adapters or client libraries. This was necessary to drive adoption with application developers, who would not have touched the open source component otherwise (because the copyleft effect would have required their own application to be openly licensed). The above figure illustrates this to the right.

The permissive shims opened the door for cloud providers to use the same rights grant that application developers got to offer the open source component as a service. Many of the open source component vendors did not like this competition and tried to uninvite it by switching away from the open source license to an almost-like but-not-quite open source license. As anyone following the news knows, this lead to quite a backlash from the open source community.

I suggest that not all is lost and that open source component vendors should simply add back the AGPLv3 as a possible third license, but without the shims. This move is illustrated in the following figure.

By triple licensing like illustrated above, the component vendor gets the benefits of the open source community and its good will (by way of the AGPLv3 license) and also gets to drive adoption with application developers by way of the almost-but-not-quite open source license. Whether it is possible to recoup the lost goodwill I don’t know.

However, for new single-vendor open source firms, who approach this problem transparently, this should be a satisfactory solution.

Posted on

in

,

Tagged as (if any)

Subscribe!

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

  1. What’s next after “source-available”? – Dirk Riehle's Industry and Research Publications

    […] Due to complications (from a vendor’s perspective) with open source licenses, however, the hyperscalers (AWS, Azure, GCP) were gearing up as competition to the commercial open source vendors. In reaction, mature vendors relicensed away from open source to so-called source-available licenses that effectively forbid any competition with the original vendor. […]

    Reply
  2. The Wrong First Question: Which Open Source License? - Software Research and the Industry

    […] At first glance, the difference between the two license choices for commercial exploitation may be surprising. They are the result of the open source use-case (distribution in the case of a component and plain use in the case of an application). For advanced reading, I explain this in more detail elsewhere. […]

    Reply

Navigation

Share the content

Share on LinkedIn

Share by email

Share on X (Twitter)

Share on WhatsApp

Featured startups

QDAcity makes collaborative qualitative data analysis fun and easy.

Featured projects

Open data, easy and social
Engineering intelligence unleashed
Open source in products, easy and safe