Open Source is for you, yes. But it’s also for unknown others.
Being close to an open source project, it’s easy to imagine that everyone sees the project the way you and your fellow community members do. This especially applies to the corporate sponsors of a single-company project; anticipating use by competitors they often want to apply controls to who can use the code.
A core objective of software freedom is to ensure that the code can be used not only by your collaborators, but also by unknown others with undisclosed goals. All OSI-approved licenses ensure everyone is permitted to use software for any purpose without further permission, delivering this core objective.
Random code liberation leading to unexpected application (AKA “innovation”) has always been and will remain a hallmark of open source. Borrowing portions of great code — from elegantly executed algorithms to useful libraries to entire components — is an intended mode of exercise for software freedom and not an artefact. Leaving it available is essential.
The same provisions that allow code reuse also enable the crucial pressure-release valve of open source; the fork. The ability to take the code and do something the original author or the current community don’t want is an essential freedom, not an unwanted side effect. Indeed, it is the origin of many of the most significant moments in open source.
It was a fork that rescued OpenOffice.org from corporate neglect, giving us LibreOffice. A fork allowed ForgeRock to rescue Sun’s identity management software from abandonment, thus saving huge investments in its deployment and creating a highly valued “unicorn” startup in the process. The MariaDB fork is keeping the MySQL project focussed on community rather than just the commercial goals of a megacorporation. Even the Firefox browser was a kind of fork from Mozilla, albeit a strategic one.
Making open source code freely available to unknown others is thus axial and not tangential to open source. That’s why I get extremely concerned by anything that wants to be seen as “open source” but still tries to lock out the outsiders, the rebels and the aliens. Attempts to do this range from the crude — like using a “time-locked” license that only becomes open source after a significant delay for “monetisation” — to more subtle approaches like requiring an account to access the source repository and then only allowing paying customers to easily have an account.
The code may be under an open source license, but software freedom is not present if accessing or using it requires being or knowing an insider. None of this is theoretical; indeed, Forgerock and MariaDB are themselves playing these games despite their origin story being rooted in software freedom.
So remain sceptical when software freedom is abridged or diminished in pursuit of a business model or of “safety”. Whatever that’s called, it’s not open source.
(A version of this appeared in the Linux Voice section of Linux (Pro) Magazine 207)