I would understand if Canonical want a new cow to milk, but why are developers even agreeing to this? Are they out of their minds?? Do they actually want companies to steal their code? Or is this some reverse-uno move I don’t see yet? I cannot fathom any FOSS project not using the AGPL anymore. It’s like they’re painting their faces with “here, take my stuff and don’t contribute anything back, that’s totally fine”
Sorry but that’s besides the point. If improvements to coreutils are not published and upstreamed then the community loses out on potential improvements that trained personnel at a successful company make. Not being dependent on such utils is a different discussion and doesn’t solve the core issue.
Yeah I’d like for them to use AGPL but even GPLv3 or it’s derivatives are fine as long as they emphasise FOSS
What improvements are you thinking of? I can see that reasoning with something like the Linux kernel where there’s a lot of complex and integrated code, but ultimately individual coreutils commands are really simple. There’s very little you can do to extend something like
ls… And if you do, you can just make your ownsuperlscommand and not have to deal with any licensing restrictions.With regards to AGPL vs GPL, none of the coreutils programs have network connectivity, so I’m not sure what the network requirement actually adds?
Personally, I don’t think the problem is the risk of companies not contributing back… I honestly wouldn’t mind if they don’t contribute at all and instead they just use the community-developed GPL software as-is, without making any changes to it.
In my mind, the problem is that I cannot trust that a piece of non-copyleft software that’s provided by a company actually does what I expect it should do, and does not have extra bits doing things I do not want it to do. Like the changes Google does in their Chrome version of Chromium, for example. It’s much harder for me to trust any random Chromium fork than it would be a GPL licensed browser, because all Chromium forks can legally include changes without disclosing them openly, they don’t even have to let you know if the binary actually matches the code.
If, for example, MacOS / Microsoft Windows include a copy of OpenSSL with the OS, how can I be sure they are not adding their own sort of malicious spice into it? Can I trust that the keys generated with it will be truly secure? How can I audit it?
At least with the GPL there’s some level of legal accountability in that any change that is not openly shared would be illegal. But with MIT there are no legal barriers against malicious code, it’s totally legal for companies to force feed me totally legal changes that I wouldn’t want and/or that I might not even notice they are there.
Again, it’s not about the actual programs being simple. Just because they are simple in usage doesn’t mean they should be encouraged to use a license that harms FOSS development. If we allow these “simple” utilities now, it sets the dangerous precedent for companies to push towards more software with such licenses and swipe FOSS advancements without contributing anything back. Corporations which do not contribute back to the FOSS community do not deserve to take anything from the community either.
Unfortunately, I alone am powerless to implement such measures when a large group of software developers decide to not take this into account when writing software.
I selected AGPL because I find it to be a little more strict compared to GPL. Any derivative of GPL is fine as long as it promotes open source development