I would understand if Canonical want a new cow to milk, but why are developers even agreeing to this? Are they out of their minds?? Do they actually want companies to steal their code? Or is this some reverse-uno move I don’t see yet? I cannot fathom any FOSS project not using the AGPL anymore. It’s like they’re painting their faces with “here, take my stuff and don’t contribute anything back, that’s totally fine”
Personally, I don’t think the problem is the risk of companies not contributing back… I honestly wouldn’t mind if they don’t contribute at all and instead they just use the community-developed GPL software as-is, without making any changes to it.
In my mind, the problem is that I cannot trust that a piece of non-copyleft software that’s provided by a company actually does what I expect it should do, and does not have extra bits doing things I do not want it to do. Like the changes Google does in their Chrome version of Chromium, for example. It’s much harder for me to trust any random Chromium fork than it would be a GPL licensed browser, because all Chromium forks can legally include changes without disclosing them openly, they don’t even have to let you know if the binary actually matches the code.
If, for example, MacOS / Microsoft Windows include a copy of OpenSSL with the OS, how can I be sure they are not adding their own sort of malicious spice into it? Can I trust that the keys generated with it will be truly secure? How can I audit it?
At least with the GPL there’s some level of legal accountability in that any change that is not openly shared would be illegal. But with MIT there are no legal barriers against malicious code, it’s totally legal for companies to force feed me totally legal changes that I wouldn’t want and/or that I might not even notice they are there.