[HN Gopher] I turned my open-source project into a full-time bus...
___________________________________________________________________
I turned my open-source project into a full-time business
Author : andris9
Score : 513 points
Date : 2024-02-27 10:16 UTC (12 hours ago)
(HTM) web link (docs.emailengine.app)
(TXT) w3m dump (docs.emailengine.app)
| RcouF1uZ4gsC wrote:
| > I re-designed the UI of the app to look more professional and
| implemented a license key system. From that moment if you wanted
| to use EmailEngine (the new name for IMAP API), you needed a
| license key that was only available for paying subscribers. I
| also changed the license from LGPL to a commercial license. The
| source code is still published publicly on GitHub. It is no
| longer open-source by definition but source-available. This
| change of license was only possible due to requiring outside
| committers to sign a CLA from the start.
|
| This is the key portion. The open source project was turned into
| a commercial source available library with a license key.
|
| I am glad this has worked well for the developer who now has a
| decent income for all the hard work put into this library.
| quaintdev wrote:
| So what prevents someone from bypassing the license check and
| run the version of application locally?
| m12k wrote:
| Probably fear that this is the kind of red flag that would
| show up in due diligence, and that having piracy as part of
| the foundation of the tech stack that you build your business
| on is not a worthwhile risk to take.
| evgpbfhnr wrote:
| Honesty? (haha)
|
| More seriously:
|
| - you get support by paying, this is important for many
| businesses - $1k/year is cheap
|
| - risk of getting sued if the word gets out you're using
| something against its license (and for network-facing code,
| I'd suspect it's easy enough to miss something)
|
| For me the advantage of source-available is you can always
| shortcut the support if there's a business critical problem
| and you can't wait for the author to wake up, so I think it's
| a great model.
| simmons wrote:
| I'm curious how much time a solo dev spends on support for
| a project like this. I can imagine some companies asking
| for a tremendous amount of support, or even trying to
| somehow get free consultation on adjacent concerns that
| aren't totally related to the product. Maybe it's just a
| matter of setting clear boundaries and limiting time?
| andris9 wrote:
| I do support once a day for about an hour. I do monitor
| notifications for support emails during the day to react
| faster for urgent issues but there rarely is anything
| urgent. I guess the self-hosting side keeps support
| demand lower - if you are already capable of installing
| and running that software you can probably figure most of
| your issues out yourself.
| andris9 wrote:
| Most EmailEngine's customers are small-ish SaaS providers
| (different kinds of niche CRMs, etc), and in their position,
| it is not really an option to spend time / risk breaking
| copyright protections. Instead, they pay the subscription fee
| and get into building email integration features for their
| service.
|
| TBH, I wouldn't dare to use such a model in the B2C market,
| though. Everyone would pirate it.
| RyanHamilton wrote:
| For niche applications, it's not that terrible. I've
| produced an SQL IDE for years with a license key that sold
| <=100 individual purchases per year. I've only spoken to
| one person I believed pirated it. I've now went the
| opposite direction and made it free.
| MattJ100 wrote:
| What led you to making it free?
| meigwilym wrote:
| Updates, support and no losing developer time to updates and
| support. Sub $1k is a bargain for something so integral.
| graemep wrote:
| > I am glad this has worked well for the developer who now has
| a decent income for all the hard work put into this library.
|
| it is also why people are reluctant to sign CLAs.
| KingMob wrote:
| It's a sad irony that CLAs essentially put the project owner
| in the exact same position as the unicorn that screwed them
| over, by screwing over those downstream who make
| contributions, if/when they monetize the project.
|
| I came across some Scheme/Racket/? library recently that
| attempts to quantify contribution levels and distribute any
| received funds fairly based on that. Unfortunately, I can't
| find it at the moment, but it was a cool idea.
| andris9 wrote:
| You mean I screwed over those 0.1% of commits in
| EmailEngine (because the other 0.1% is from the Github
| Actions bot writing the changelog)? Everything else is my
| own code.
|
| For over 14 years, I've been actively developing
| Nodemailer, a hugely popular project. There has been no CLA
| in place, and the main outside commits I get are typo fixes
| during Hacktoberfest. This is why I'm still the owner of
| 98% of the committed code in Nodemailer. Usually, if I do
| not fix or build something, no one else will either.
| komali2 wrote:
| > You mean I screwed over those 0.1% of commits in
| EmailEngine (because the other 0.1% is from the Github
| Actions bot writing the changelog)?
|
| I mean... yeah? Correct me if I'm wrong but you profited
| off their labor without compensating them, right? Why
| should the number of people you did that to make it less
| wrong? Obviously a corpo making bajillions of dollars
| without paying you sucks, but by sheer number of people
| negatively affected, it's still the same lol, in this
| case you're just the one with the bag, instead of a
| corporation.
| andris9 wrote:
| Well, I guess you're right in a way. While there are no
| meaningful outside commits in EmailEngine, there are
| _some_ commits, even if these have minimal impact, by
| people who do not get paid for it, while I do.
| komali2 wrote:
| I'm not judging you for this, btw. I find it _extremely_
| difficult to meaningfully measure in a dollar amount
| someone 's contribution to a FOSS project, once
| monetized. The whole thing is messy. Honestly in general
| I find it quite difficult to measure labor value at all,
| which is why I guess basically every corporation on earth
| just lets "the market" decide, but that feels too
| arbitrary to me, and "the market" doesn't seem real when
| it gets to arbitrarily pay someone differently based on
| whether their passport says "India" or "USA."
|
| I've been experimenting with just throwing my hands up
| and doing flat profit share, but we haven't really had an
| opportunity to really try this at scale (for a bunch of
| boring reasons), but I'm curious how it'll look. I don't
| think we'll have the crazy huge ratios you do on your
| FOSS though so I can see why that wouldn't be feasible
| for someone in your position.
| graemep wrote:
| I would not say that in your case, but the problem is
| that if a project has a CLA there could be a lot of
| commits from other people and then it would be screwing
| them over.
| soegaard wrote:
| https://www.youtube.com/watch?v=-xnppM6GG9Q
| sam_goody wrote:
| > I am glad this has worked well for the developer who now has
| a decent income for all the hard work put into this library.
|
| Isn't this a rug-pull?
|
| Open source project which others havecontributed to, and whose
| reputation was earned by nature of being open source.
|
| Than, after you have users, switch to proprietary. Sounds bad
| to me, but maybe I didn't fully understand?
|
| BTW, Apple used to have a thing with Darwin server where you
| could disable the license check legally, but only a hacker
| would do that. Companies still paid for the software. That
| sounds like a better solution, IMO - at least for those that
| are two small to pay but growing by the seat of their pants can
| still use and promote the software.
| MattJ100 wrote:
| The main reason CLAs exist is to facilitate this kind of "rug
| pull", so I think the lesson is to either accept that it will
| happen or never sign a CLA.
| 727564797069706 wrote:
| This is great stuff, thank you for sharing and congratulations!
|
| Looking to do something similar in terms of offering better, paid
| alternatives to the existing solutions out there in a source-
| available fashion.
|
| Anyone here experiencing trouble with tools you'd terribly want
| someone to improve?
| ponector wrote:
| We are struggling with TestRail. Barely usable expensive crap.
| Enterprise business love such things.
| evgpbfhnr wrote:
| For anyone else wondering about the license, it's standard
| signing with an ec (sect239k1) key
| https://github.com/postalsys/emailengine/blob/master/lib/too...
|
| So the author can just write whatever validity date/license
| details (apparently hostname etc), sign it and give that to their
| customers.
| daemin wrote:
| Could you elaborate on this, not necessarily the code itself,
| but about signing and "an ec". I'm new to this and will be
| wanting to provide licences for software in the future.
| scosman wrote:
| Ecliptic curve signing. You can produce a message body like
| "valid_until=2025-02-25" then sign it and distribute it as an
| api key that's body+sig. Client can verify signature using
| public key without a server call (sig validation).
|
| EC beats other signatures because signature is muuuuuch
| shorter, so it can still look like an API key.
| evgpbfhnr wrote:
| "an ec key" (elliptic curve) is just a detail, this can be
| done with any crypto library or utility - for example
| directly with the openssl command:
| https://stackoverflow.com/questions/15686821/generate-ec-
| key...
|
| embed the public part in your application and you can verify
| that something signed with the 'dgst' command and the private
| key really has been signed with the private key (which you
| obviously shouldn't publish)
|
| (Note if using plain commands there is more friendly than
| openssl, minify/signify are much harder to get wrong, but I'm
| not sure they're as easy to use programmatically in as many
| languages there are for libcrypto/sodium/etc; this is really
| just an example)
| semireg wrote:
| I use jwt for my app's licensing. It works great.
| victor106 wrote:
| Any resources you can provide that will help in
| understanding how this works?
| evrimoztamur wrote:
| Can't a user generate a fake license? Is there another layer of
| integrity checking, or can users simply patch in a fake
| checkLicense (which is apparently referred back to in four
| other spots in the code).
| notpushkin wrote:
| Well, you sure can patch it if you want :^) I think there
| isn't really a reason to add more than a simple license check
| though, as enterprise users are generally scared of using
| pirated software.
| slashdev wrote:
| Also keep in mind pirated software doesn't cost the author
| anything if the user wasn't going to buy it anyway. If a
| company is willing to risk all that effort and liability to
| crack and maintaining the patches across changes to avoid
| paying for your software, they were not likely to pay for
| it in the first place. Nothing lost.
| alex_suzuki wrote:
| This. Any licensing schema that protects locally running
| software can be circumvented by a reasonably crafty
| individual - but there is simply no overlap in the Venn
| diagram of Paying Customers /\ These Crafty Individuals.
| klabb3 wrote:
| Yeah, or more specifically a company might have the
| competence but will not waste their engineers time,
| because the reason they're using the service in the first
| place is to not have to focus on their core business. Not
| random accessories.
|
| A lot of time, circumventing a license check would be
| more work than - say - implementing sending email on
| their own. Depending on what the service is.
|
| Developers think they're selling fancy tech. Most often,
| what we're selling/providing is convenience - something
| boring that just works.
| psnehanshu wrote:
| So all I have to do is generate my own private-public key pair,
| replace the hardcoded public key in the code you linked, then
| generate a license key with my private key. But yeah, I don't
| know what should be the payload of the signature.
| throwaway11460 wrote:
| Add "face the angry company lawyers" to the todo list
| ThePhysicist wrote:
| Good for him! That's my experience with open-source software as
| well, if something is free, companies will almost never pay for
| it even if they get a ton of value out of it. On the other hand,
| if it's only a small amount e.g. 1,000 USD per year most
| companies let developers purchase that without much paperwork, so
| for these kind of tools such pricing is a sweetspot. If you go
| into enterprise sales territory things become way more complex
| and your sales cycles longer. For a solo founder that doesn't
| need to hyperscale this pricing scheme seems perfect.
| alex_suzuki wrote:
| Agree. Developers seriously underestimate the amount of
| paperwork and organizational gymnastics larger companies
| require to buy literally anything. They won't be not buying
| your product because it's too expensive, but because it's just
| too much of a hassle. At that point, price is less of a factor
| than some people think.
| haolez wrote:
| Does marketplaces like the one at AWS help with that? I can
| pay with my AWS billing account. Sounds like another type of
| sweet spot.
| playingalong wrote:
| In principle that should work great. In practice I don't
| think it's working. Not sure why.
| playingalong wrote:
| In principle that should work great. In practice I don't
| think it's working. Not sure why.
| Valien wrote:
| It can help for sure. Especially if a company has an EDP or
| PPA with Amazon.
|
| The process to become an ISV on AWS takes a bit of work
| though.
| StackRanker3000 wrote:
| Sorry, could you/someone please help with these acronyms?
| throwaway11460 wrote:
| Independent software vendor
| StackRanker3000 wrote:
| Thanks!
|
| After a quick search, EDP seems to stand for Enterprise
| Discount Program, and PPA means Private Pricing Addendum.
| eschneider wrote:
| This is a big reason why enterprise software pricing is the
| way it is.
| dzikimarian wrote:
| Also if it's $1000/year (or even better per version) flat and
| really useful it's actually kinda easy to get green light.
|
| If it's $5/user/month, with 3 plans, with add-ons and it's
| unclear how many people you have to on board (just devs?
| Maybe business too? Does security team need access?) it's
| much harder discussion as nobody knows final cost (apart from
| the fact that we're not gonna like it in the long run).
| HeyLaughingBoy wrote:
| One of the best versions I saw of this was for an IoT
| server product. Free for 10 devices or less. Flat fee of
| $1,000/month for 11+
|
| They made it very clear that they only really cared about
| enterprise customers.
| hyperthesis wrote:
| Next, I started to increase the pricing; 250EUR became 495EUR,
| then 695EUR and 795EUR, and finally 895EUR. To my surprise, it
| did not mean getting fewer customers. I guess any sub-$1k amount
| for businesses is peanuts, so the only thing these price
| increases changed was improving the revenue.
|
| Open sourcers identify with users, but businesses getting a ROI
| are unlike consumers.
| ergonaught wrote:
| > In any case, it changed years later when a startup using
| Nodemailer was acquired for half a billion dollars. I was
| financially not in a good place back then, and when I saw the
| news, I started to wonder - what did I get out of this?
|
| This is the root of most things like the BSL. You create an open
| source project or product, and companies with billions in
| quarterly revenue build the core of their business on your
| software, and meanwhile won't contribute to your ongoing
| viability (nevermind actual success) even in amounts that are
| entirely trivial for them. Toss the cloud providers into it now
| and it's even uglier.
| graemep wrote:
| I get that, but the author did not try something like the BSL,
| just went to a fairly typical proprietary license.
|
| Even the right open source license, such as the AGPL, would
| probably have worked well, with the proprietary license as an
| option (in the same way he tried LGPL + MIT).
| kijin wrote:
| Well, one of OP's initial mistakes was that he thought LGPL
| was anywhere near "copyleft." It isn't.
|
| For SaaS companies who just want to use the software on their
| backend and are not interested in redistributing it in any
| way, there's no realistic difference between LGPL and more
| permissive licenses like MIT and BSD.
| graemep wrote:
| It looks like I was wrong. From the code he did use the
| AGPL. I am confused as to why the article says LGPL. Typo?
| Tried both?
| le-mark wrote:
| I've been sitting on some code for about 15 years because it's
| the key to disrupting a couple of entrenched players and would
| enable cloud vendors to offer the functionality "as a service".
| No way I want Amazon/google/MS to run away with it.
|
| Edit down voters might ask themselves what is much older than
| 15 years that some companies pay a lot of money for?
| wcedmisten wrote:
| Why not release it as AGPL?
| hn_throwaway_99 wrote:
| > I've been sitting on some code for about 15 years because
| it's the key to disrupting a couple of entrenched players
|
| I have a difficult time believing that any piece of code that
| can be "sat on for 15 years" would disrupt anything. 15
| years, especially in tech, feels like a couple generations
| these days.
| goodpoint wrote:
| lol, no.
| abenga wrote:
| You're not running away with it either. You should just
| release it as a proprietary tool or SaaS if you think it will
| be useful for people.
| solumunus wrote:
| Pics or it didn't happen.
| corentin88 wrote:
| Which startup/company was bought that price?
| kerkeslager wrote:
| This is why copyleft is necessary, and also why large companies
| have spread a lot of anti-GPL propaganda.
|
| In a larger sense, we desperately need a societal shift in
| perspective from naively viewing companies as benevolent by
| default, to viewing companies as they actually are by default:
| they'll literally kill people if it's profitable.
| eleumik wrote:
| This they told me at first lesson of economics at university,
| 1989
| pydry wrote:
| Not just anti GPL but anti BSL/Elastic license too.
| immibis wrote:
| AGPL/proprietary dual licensed is a solution to this. Clients
| get two choices: give back as much as they take, or fuck you
| pay me. The former makes everyone happy, and the latter stops
| the developer making themselves homeless.
| rmbyrro wrote:
| Author tried it and didn't work. He presumes small
| businesses don't care about the potential risks associated
| with LGPL, and those were the majority of his most
| promising market.
| sokoloff wrote:
| The risk profile to a SaaS company from LGPL and AGPL
| licensed code are night and day.
|
| Even GPL is pretty low risk for a hosting company, but
| LGPL's risk is strictly lower.
| KingMob wrote:
| The LGPL, which the author tried, is not the AGPL, which
| might have been a larger roadblock to the freeriding
| unicorn.
| jonhohle wrote:
| Any company big enough to have a legal department will
| tell their devs to say away from LGPL, GPLv3, etc. If a
| dev is using that as promo for their commercial offering,
| it will probably just be ignored.
| sokoloff wrote:
| My company is big enough to have a legal department. (I'm
| the tech counterpart/coordinator with legal for open-
| source topics, whether its us open-sourcing code we work
| on, contributing to existing open-source, or consuming
| open-source.) We license under Apachev2, and we readily
| use LGPL & GPL v2/v3 with a quick review, and have very
| specific and much more thorough review processes for
| AGPL.
|
| I'm quite sure that I don't work for the only such
| company.
| tormeh wrote:
| And those small businesses were right. All the
| Apache/MIT-licensed software baffles me when LGPL for
| libraries and AGPL for applications seem clearly superior
| for promoting collaboration.
| immibis wrote:
| Big businesses convinced software developers they have
| the world's best intentions at heart, or at least, they
| are harmless and never need to be opposed.
| sokoloff wrote:
| > This is why copyleft is necessary
|
| How would copyleft* have prevented this?
|
| AGPL _might_ , but GPL (and therefore, copyleft) _doesn 't
| prevent_ the upthread outcome.
|
| * - GPL is the prototypical/original [as far as I know]
| widely-used example of a copyleft license and the startup
| using nodemailer could have done that just as well (and for
| free) if nodemailer was GPL-licensed.
| rmbyrro wrote:
| That's the nature of some humans. A corporation is not
| required to kill for profit.
|
| Doctors would kill for profit. Politicians would. The same
| for engineers, cookers. Any profession, activity or line of
| business really.
|
| That's human nature. But not all humans. Not even majority,
| I'd say certainly.
|
| The problem is that this small minority gets 99% of the news.
| Very rarely one hears when a CEO avoids a decision that could
| endanger someone. Or when a Doctor is honest and preserves
| the patient's health above all.
|
| It doesn't mean these good things aren't happening all the
| time. Look at your life and remember: how many people could
| have done harm to you for a profit? How many do you remember
| actually doing it?
| komali2 wrote:
| > A corporation is not required to kill for profit.
|
| Perhaps no, but a corporation has no compunctions about
| killing for profit. Let's take the direct approach, and
| list some that will take money and a target list, and make
| those people dead for you:
|
| https://en.wikipedia.org/wiki/List_of_private_military_cont
| r...
|
| Here's a list of companies in the USA who will sell you the
| tools you need to kill people at scale:
|
| https://en.wikipedia.org/wiki/List_of_United_States_defense
| _...
|
| But I think that's not exactly what we're talking about,
| we're talking more about how the corporate entity under
| this current system shields organizations of people from
| the deaths their decisions cause.
|
| GM knowingly let people die due to a defect in their
| vehicles that they were aware of:
| https://www.washingtonpost.com/business/economy/why-did-
| gm-t...
|
| PG&E was found culpable for the pipeline rupture that
| killed 8 people and destroyed 38 homes in San Bruno in
| 2010, because they ignored inspection data.
|
| An article came out a few weeks ago about how immigrant
| child laborers are being killed in shocking volumes in
| American factories https://www.theguardian.com/global-
| development/2024/feb/12/i...
|
| Here's a fun that goes through a bit of the history of
| corporations killing people directly (murdering trade
| unionists) and indirectly (tobacco companies suppressing
| research). https://jacobin.com/2020/01/corporations-profit-
| values-murde...
|
| There's something uniquely devilish about the corporation
| in our current legal and economic system.
| joelfried wrote:
| A corporation is a legal entity created on paper to allow
| people to do business more effectively.
|
| Corporations don't do anything, the people in them do.
|
| People working at GM didn't act to fix their vehicles and
| people died.
|
| People at PG&E chose not to perform actions based upon
| inspection data, and people died when their
| infrastructure failed.
|
| According to your Jacobin article, people at Coca Cola
| killed those trade unionists.
|
| How about let's not let the legal wrapper for people
| protect those who murder others?
| digging wrote:
| "Prosecuting individual actors" and "treating
| corporations as hostile entities" are not mutually
| exclusive; indeed I'd say we should all strive to do
| both.
| camgunz wrote:
| A major point of establishing a corporation is the
| liability shield it grants. Sometimes it doesn't work
| (google piercing the corporate veil) but, the whole idea
| is to grant indemnity to people within a corporation for
| the corporation's actions.
| kerkeslager wrote:
| I agree, people within corporations need to be held
| responsible for their actions.
|
| But a big part of why that isn't happening is that when
| people kill people from behind the shield of a
| corporation, we can't even get people to agree that
| _anything_ should be done about it, because "they were
| just following incentives". And any attempt to change the
| incentives is met with "but how can they do business if
| they're expected to comply with these onerous
| regulations" or "but that's socialism!". Instead, we're
| just supposed to trust that if it made money for a
| corporation it must have been good, because the invisible
| hand of the market would never allow it to be otherwise.
|
| Until we break the idea that corporations are good by
| default, it's going to be hard to persuade people that
| going after people within a corporation for their
| wrongdoing is a good idea.
| kerkeslager wrote:
| > A corporation is not required to kill for profit.
|
| _Some_ corporations aren 't in a situation where killing
| people is profitable.
|
| But _every_ corporation will come across situations where
| harming people is profitable, and if they don 't harm
| people in that situation, one of their competitors will.
|
| People like Yvonne Chounard who manage to avoid unethical
| practices AND create a profitable company are the
| exception, not the rule, and he was aware of that, which is
| why he went to great lengths creating an atypical corporate
| management structure to try to preserve the ethics of
| Patagonia in his absence.
|
| > Doctors would kill for profit. Politicians would. The
| same for engineers, cookers. Any profession, activity or
| line of business really.
|
| > That's human nature. But not all humans. Not even
| majority, I'd say certainly.
|
| You're fundamentally not understanding what I'm saying.
|
| It's not the doctors I'm worried about. Doctors have to
| look their patients in the eye usually.
|
| It's not the cooks I'm worried about, because they're
| generally poor, and don't have the means to avoid
| regulation.
|
| It's not the engineers I'm worried about, because they
| generally don't get paid more if their work kills people
| (with the exception of those in the manufacturing of
| weapons). In fact, it's often engineers that are the
| whistleblowers saying "we told them what was wrong and they
| did it anyway" when the decision is made to do something
| dangerous.
|
| And if you think the majority of politicians won't kill to
| keep power, please tell me what country you are in so I can
| move there. I can only think of a handful of elected
| politicians at the federal US level who _aren 't_ obvious
| de-facto murderers.
|
| The people I'm worried about the most are the C-level
| execs, board members, and majority shareholders: the kind
| of people who can put a numerical value on what it will
| cost to not kill people, and then justify it to themselves
| and never have to look their victims or their victims'
| families in the eye.
| leedrake5 wrote:
| Not billions, but I was in a similar position. What saved me
| was the GPL license on the open source code and hiring a lawyer
| that kept my ownership of any software I wrote (though at a
| reduced hourly for them) and patenting new ideas connected to
| the project. When it came time for the company to scale up, I
| couldn't have been in a better position.
| raffraffraff wrote:
| More galling than the company getting acquired for half a
| billion dollars is the fact that they never even said
| "thanks"...
|
| > I searched my mailbox for emails related to that company and
| found a single complaint about a feature. No pull requests, no
| donations, no nothing.
| satvikpendem wrote:
| Interesting, I actually was making a competitor to Email Engine
| but also open source, similar to Nylas, because I didn't like the
| latter's opaque pricing and I didn't like the former's self-
| hosting, I wanted it to be in the cloud.
|
| I even got a YC interview based on this idea for last summer's
| batch (rejected primarily for being a solo founder, they seem to
| like solo founders only if they had a previous exit), but
| ultimately I gave up on the project because I realized I didn't
| actually like the problem space, it seemed too boring for me
| after a while and I wanted to concentrate on building things I
| thought were interesting.
| carlossouza wrote:
| > The only regret I have is that I did not start selling my
| software earlier and only published free, open-source software.
|
| Well... better late than never. Congrats!
| j1elo wrote:
| Well, _Open source is NOT a business model (and your business
| will fail if you think that it is)_
|
| https://anonymoushash.vmbrasseur.com/2018/08/24/open-source-...
|
| Previous HN discussion:
| https://news.ycombinator.com/item?id=26602316
| jraph wrote:
| What should we take away from your comment?
|
| Sure, open source is not a business model, it defines a set of
| software programs that respect some rules: the OSD [1].
|
| But you can certainly have a business model around open source
| software.
|
| [1] https://opensource.org/osd
| Veuxdo wrote:
| Consider the OP's headline. They didn't even describe what
| their project was. All they said, all they think they needed
| to say, was that it is Open Source.
|
| And on HN, it's actually true. Open Source projects get lots
| of kudos here.
|
| The problem is, others may see what is essentially a
| marketing strategy aimed at a niche audience and conclude
| that Open Source is an essential, in fact they most
| essential, part of the business. Hence the need to remind
| people that Open Source is not a business model.
| jraph wrote:
| I consider at some point running my own open source
| business.
|
| It must be around an idea that will speak to me at the time
| if it ever happens, but the open source part is important
| to me for ethical reasons. I'm not interested in running a
| software business if it's not open source.
|
| And so I'm interested in reading others about their
| business experiences around open source. What is their
| actual project is important since it has consequences on
| how the business will be run, but the exact project won't
| matter too much to me as a reader and it does not really
| matter to me if it doesn't appear in the title, I will
| click.
|
| Now the headline is a bit disappointing since the article
| is really "How I didn't keep doing open source when I
| turned my project into a business".
| Veuxdo wrote:
| There's two valid, and opposing forces at play here:
|
| - Motivation is a precious resource. If you are more
| motivated to work in an Open Source software business,
| then this will prevent burnout.
|
| - You have to ask if you're playing to play, or playing
| to win [0]. If you're playing a game with self-imposed
| rules that exist only in your head, you put yourself at a
| huge disadvantage.
|
| [0] https://commoncog.com/playing-to-play-playing-to-win/
| Havoc wrote:
| What sort of billing platform do people use for this sort of
| stuff?
| andris9 wrote:
| I use a self-built web page (a simple Express.js app), that
| uses Stripe and Stripe's customer portal for the subscription
| management.
| alex_suzuki wrote:
| Paddle, Lemon Squeezy and Fastspring are popular choices for
| Merchants of Record. These are basically distributors that sell
| your software in their name and take on the liability of filing
| taxes correctly.
|
| Stripe for people who don't care about taxes or are large
| enough to have an accountant do it for them.
| Havoc wrote:
| Thanks for the detailed response. Didn't know the merchant of
| record thing exists. That's neat
| mogoh wrote:
| > How I turned my open-source project into a business
|
| > I also changed the license from LGPL to a commercial license.
|
| OK ...
| StevenXC wrote:
| They didn't make a business using an open source project; they
| turned their open source project into a monetized non open
| source project.
| zepolen wrote:
| That's not how that works:
|
| > Derivatives works (including modifications or anything
| statically linked to the library) can only be redistributed
| under LGPL
| jowea wrote:
| LGPL does not bind the author(s) of the software in this
| way. And since there was a CLA the other authors authorized
| the main dev to change the license.
| josebama wrote:
| Thank you! This is the piece of information I was
| missing. I kept wondering as I read the article whether
| that was a LGPL license breach. Thanks for clarifying
| throwaway11460 wrote:
| As the owner of the intellectual property you're the one
| licensing to others. License is a kind of contract.
| You're not under any license yourself, it's yours.
|
| If you accepted PRs without a contributor agreement
| transferring the ownership, you might be infringing on
| their IP (licensed to you and others).
| jacooper wrote:
| Did you read the article? He forced a CLA on every commit
| gramakri2 wrote:
| We still use andris9's mailtrain even though the project has long
| died. Thanks andris9 for so many of email related node.js
| projects! Invaluable.
| auggierose wrote:
| I like it, but I wonder: In a case like this, what is the point
| of offering a source-available license on GitHub at all?
| notpushkin wrote:
| Transparency and maybe an occasional PR from your users.
| auggierose wrote:
| But if they have the source code, they could just switch off
| the license key check, right?
|
| It seems to me he could just keep the license GPL then,
| wouldn't change a thing. The (small) businesses don't care
| about the license, but walk the path of least resistance.
| andris9 wrote:
| This was my initial business model and it did not really
| work. As soon as there was the license key requirement,
| previously free users opted to the paid subscription to get
| the license key and get the upgrades. In fact all the old
| and free releases are still available under AGPL license
| from Github.
| bachmeier wrote:
| I suspect the reason this model works is because it's
| easy to say "We need X to do our work. It costs Y euros."
| and the company pays for it without thinking. It's
| probably a much tougher sell to say "We need to pay for
| this even though we can get it for free." Even harder is
| "We use this product so we should make a donation." It
| was never a matter of them wanting to avoid paying.
|
| I see this all the time in universities. Underfunded open
| source projects won't get a $100 donation from a
| university using thousands of copies, but a company like
| Matlab can get massive payments just because that's the
| only way to get it. You have to figure out how to make it
| easy to justify paying for your software.
| brap wrote:
| >But if they have the source code, they could just switch
| off the license key check, right?
|
| That's basically piracy. Unlike individuals who pirate
| stuff all the time, for businesses there's a much greater
| risk for lawsuit which is usually not worth it, even for
| many smaller businesses. For a 1-2 person business that's
| not making any money, maybe they can get away with it. But
| they probably don't make a great customer anyway.
| slashdev wrote:
| It can help your user's answer questions about the software,
| debug issues involving the software, have transparency into
| security, etc.
| MangoCoffee wrote:
| >what is the point of offering a source-available license
|
| Long ago, I worked for a company that sold mortgage software.
| This is back when SOAP is all the rage. The software is not
| open source, but it is source-available, or rather, a law firm
| has the source code. My employer's customers are mostly banks
| or home builders that offer mortgage services. My employer is a
| very small one. Customers like banks want to know if you will
| stick around, if they buy into your software, and if you can't
| stick around. They need the source code.
| htsh wrote:
| As a longtime user of nodemailer, thank you.
|
| I am gonna check out emailengine for future work.
| rossy wrote:
| > _In any case, it changed years later when a startup using
| Nodemailer was acquired for half a billion dollars. I was
| financially not in a good place back then, and when I saw the
| news, I started to wonder - what did I get out of this?_
|
| This is really what you should expect when you work to improve
| the commons in the same world where there are entities that are
| hyper-optimized to make the most short-term profit out of
| anything they can exploit. Of course they're not going to give
| anything back. It could happen to any FOSS dev. It sucks, and
| it's definitely human to look at all the money they're making and
| feel like you deserve some of it. You do deserve it! Everyone
| deserves to make a living. But the world is still a better place
| with FOSS in it. It's a shame for this to happen to someone and
| for them to decide that improving the commons was a _mistake_ and
| instead they should have been making projects that FOSS orgs can
| 't use and individuals and small orgs are priced out of (but is
| still _" peanuts"_ for big businesses.) If you make best-in-class
| software that's FOSS, everyone benefits, and you can feel proud
| that individuals have access to the same resources as big corps
| because of what you've done.
|
| I'm also tentatively in favour of the idea of scaring away big
| corps with GPLv3 or AGPL licensed software.
| ZaoLahma wrote:
| This is just the thing - there needs to be a very clear reason
| for you to partake in FOSS, something that you want to gain
| from it that has a bigger value to you than the cost of
| allowing your time and effort to be used by others for free,
| and money can not be it.
| mnau wrote:
| Exactly, before you go to open source, take a hard look at
|
| * why I am doing that
|
| * plethora of burned-out maintainers and their posts
|
| * how I am going to deal with the issues/PRs, toxic
| entitlement
|
| * what's my exit strategy
|
| The first thing before you go into open source (provided it's
| actually used open source) is to answer these questions
| honestly for yourself. Because it's massive time sink with no
| money and *there will never be money* (unless you go open
| core or your employer pays you, in that case that's just a
| job just like any other).
| xiphias2 wrote:
| One important thing the author got from working on open
| source is free feedback (issues).
|
| I don't view people taking the time to open issues as
| entitled people, but people offering their free time
| providing invaluable feedback.
|
| Those issues are quite often different from what I expect,
| and they represent of how people are using the software.
|
| The only mistake the author did was waiting too much
| monetizing, not doing open source software in the first
| place.
| andris9 wrote:
| TBH, I get way better feedback from paying users than
| previously from free users. Free users like to tinker and
| think in terms of "what if," so they bring up all kinds
| of features the software should also have because it can
| or it would be cool. The paying users only need actual
| features that help their business case, and they do not
| care at all about these "what if" features.
| xiphias2 wrote:
| I see, do you think just _starting_ with payed product
| would have been better? (Or starting with a product +
| open source tools for marketing?)
|
| BTW good luck to scaling up to $60k / month, it will be
| fun
| andris9 wrote:
| I did not plan to make the project paid at first, I would
| have prefered the OS / Open Core model, but it did not
| work out. So what I meant about the feedback was that the
| feedback for a free product might not help much for a
| paid product and vice versa. Different target groups,
| different priorities. On the other hand, more users, no
| matter if free or paid, help to detect edge case bugs
| better as there is a higher chance of someone stumbling
| on it and reporting it. In this case the first larger
| wave of free users did help me, yes.
| goodpoint wrote:
| > I'm also tentatively in favour of the idea of scaring away
| big corps with GPLv3 or AGPL licensed software.
|
| GPL scares freeloaders.
| xrd wrote:
| I was curious about the automated CLA process. It is interesting
| to me to read the answer about not supporting GitLab:
|
| https://github.com/cla-assistant/cla-assistant/issues/534
|
| Very terse answer that says: As you noticed, this
| would mean a completely different line of code
|
| I believe the author is not a native speaker, and means to say
| that this would require different code for each platform. Sure,
| that must be true, but the GitLab and GitHub APIs are not that
| dissimilar.
|
| I felt like this was a very strange response to a legitimate
| question and it makes me feel like there must be something more
| there.
| fastasucan wrote:
| _Sure, that must be true, but the GitLab and GitHub APIs are
| not that dissimilar._
|
| Which they address in the later part of their answer which you
| leave out:
|
| _Surely most parts of the project could be reused, but this
| development would still mean a huge investment, which we can 't
| afford. Nevertheless all kinds of contribution are still
| welcome and we would try to provide our support as good as we
| can._
| xrd wrote:
| As you point out, I am assuming malicious intent and you have
| every right to assume the same of me! I should have put that
| other part in.
|
| It just didn't jibe with me and still feels like it is an
| easy and obvious upgrade.
|
| But, you are right, they did justify it, it seems like an
| overstatement to say it would be a huge investment. I should
| review the code myself to verify, but a statement like that
| the lazy programmer in me shy away from even doing that.
| hmillison wrote:
| I'd guess "huge investment" in this case is relative. The
| maintainer is not spending a ton of time building features
| for the CLA tool since it's mostly "done" and so investing
| more time to build support for Gitlab would require many
| more hours of development than they're probably dedicating
| right now.
|
| And i can imagine that maybe they didn't abstract
| communication with Github enough and would need to refactor
| the system to handle that as well.
|
| Generally, i think it's not totally reasonable to expect
| them to do more free work to support use cases that the
| maintainer does not need. Since it's open source, we're all
| welcome to contribute back.
| throwaway240227 wrote:
| A "Code Line" is SAP speak for "branch" or "port" in other
| software projects. (CLA Assistent is an SAP project.)
|
| See e.g. usage here https://community.sap.com/t5/technology-
| blogs-by-sap/one-cod...
| aglione wrote:
| Hey, I follow your project since I think 12 - 13 years and it has
| always inspired me to build something on it.
|
| At the end I didn't, but I'm really happy you found a way to live
| with it.
|
| Congratz!
| andris9 wrote:
| Thanks!
| sgu999 wrote:
| > I even went so far that when a founder of a major transactional
| email service sent me an email regarding Nodemailer and offered
| to make a donation to promote my efforts, I rejected it.
|
| To all of you around here who do FOSS, please reconsider this
| kind of attitude. The ones offering can be employees, and they
| had to argue your case.
|
| Just a couple weeks ago I asked a maintainer of one our Rust
| dependencies to give us a quote for fixing an issue. I had
| beforehand negotiated the deal with the CTO, it could have been
| anywhere up to $5k for roughly one day of work. No license
| involved, just money against some of their time to improve their
| open source code. To my dismay, they refused and did it "for
| free" while giving us a link for a donation.
|
| Guess what? The donation never came. It doesn't make sense for
| the ones who think in ROI, even less for the CFO behind them. Now
| I'm too ashamed to even show up on the issue board so we're all
| at a loss.
| pm215 wrote:
| One problem from the open source project side of things is that
| unless the project happens to be one where at least one regular
| contributor is a consultant who is already set up to do work-
| for-hire like that, it can be way too much hassle to deal with
| a single one-off $5K, let alone smaller amounts. There's a big
| chasm of "this isn't worth it administratively" before you get
| to "there is enough money coming in from this kind of thing
| that somebody could make it their job" (for instance for a
| developer who already has a full time job, doing work for money
| probably requires them to go through a lot of hassle clearing
| it with their employer). Some projects don't even have a setup
| where they could do anything useful with a donation.
| packetlost wrote:
| Yeah, there is a lot of hassle in some cases, it's really
| quite unfortunate that the laws don't protect individuals
| that want to do side work.
| Propelloni wrote:
| This must be a non-EU thing. Sometimes I'm amazed how much
| western democracies and esp. the EU have achieved in
| protecting the employee from their employer. It all seems
| so natural that I tend to forget how much the social
| democrats and worker unions struggled to get to this point.
| permanent wrote:
| EU is very large. If I were to believe your posts,
| Germany has achieved good protection of employees from
| their employers. Simply not true in ... many non-Germany
| EU countries.
| vladvasiliu wrote:
| I'm not sure I understand how your point relates to
| getting paid for side work as somebody who doesn't do
| that regularly.
|
| For example, here in France, there's no such thing as
| "freelance". As an individual, you can't just invoice
| somebody. You need to set up some form of "enterprise".
| Sure, there are some forms which are supposed to be
| easier to set up, but you still have to go out of your
| way and do it. You can't just declare the income on your
| tax return. And now that you've created a company, you
| need to file tax returns every year, even if you don't do
| anything. It's also not free, an actual accountant has to
| sign them off (this may not be the case for the smallest
| forms of companies). Sending your taxes to the fiscal
| administration is also not free (fun fact: VAT is levied
| on that fee).
| sgu999 wrote:
| IANAL but that's not entirely true. As long as it's
| exceptional, it's legal to earn money without having a
| company in France. It's the "revenu commerciaux non
| professionnels" box on your tax form.
|
| As for being an "auto entrepreneur" (equivalent of a sole
| trader), you don't need an accountant at all and the
| paperwork is rather small. Definitely worth it as it
| means you have some recurring revenue already.
| vladvasiliu wrote:
| According to the taxman's website [0] you need to be a
| "liberal enterprise". Not sure what exactly that means,
| but I'd be surprised there's no form of bureaucracy
| involved. I think you need to have at least a "micro
| enterprise".
|
| > As for being an "auto entrepreneur" (equivalent of a
| sole trader), you don't need an accountant at all and the
| paperwork is rather small. Definitely worth it as it
| means you have some recurring revenue already.
|
| Good to know, especially since, IIRC, they've removed the
| special social security you had to have for that kind of
| company.
|
| [0] https://www.economie.gouv.fr/entreprises/impot-sur-
| revenu-bi...
| sgu999 wrote:
| > According to the taxman's website [0] you need to be a
| "liberal enterprise". Not sure what exactly that means,
| but I'd be surprised there's no form of bureaucracy
| involved. I think you need to have at least a "micro
| enterprise".
|
| We are not referring to the same thing, I think. You're
| looking at the tax for corporates when I'm looking at
| individuals [0]. The key seems to be that it's has to be
| exceptional and not regular. I'd still double-check on a
| case by case basis with the tax bureau before going
| ahead, but I've found them to be helpful in the past.
|
| It does make sense for niches like these to exist,
| otherwise you'd end up having to setup a legal entity
| before being on the receiving end of a transaction as an
| individual.
|
| [0] https://www.impots.gouv.fr/sites/default/files/media/
| 1_metie...
| giovannibonetti wrote:
| For those of us that are used to working as contractors that
| isn't an issue, as we already have accountants and are used
| to making invoices every month. But I understand it can be
| daunting if you don't have all of that in place, yet.
| MrDarcy wrote:
| An accountant isn't necessary for something like this,
| plans like Zoho books free or harvest take care of the same
| things an accountant would take care of.
| dboreham wrote:
| Parent said "accountant AND...". You need the accountant
| to provide advice so you don't do illegal things or run
| afoul of tax authorities, not to generate an invoice.
| vladvasiliu wrote:
| This.
|
| Aren't there subtleties, for example, when doing inter-
| state commerce (assuming the two parties are both US-
| based)? In the EU, VAT isn't charged the same way if you
| invoice an entity based in your country or one based
| outside of it.
| sgu999 wrote:
| Yes I understand that but if you can accept donations, you
| can surely hack together a quote and state that the payment
| will go through your donation platform. In most country I
| believe you don't have anything to do at all bellow a certain
| threshold.
|
| It's just a matter of not offering to work for free to a
| corporation that really doesn't need your generosity.
| sdenton4 wrote:
| And sometimes a side project doesn't want to be a side
| hustle; dealing with payments and tax implications is time
| not being spent on the core project. It's an individual
| choice as to whether the time cost of accepting payment is
| worth it.
| Propelloni wrote:
| From my point of view there are two misconceptions in your
| post. 1) you need to be set up to work-for-hire to write an
| invoice. 2) you need to get clearance from their employer for
| things outside work hours.
|
| ad 1) No, you don't need to. At least in Germany anybody
| who's legally competent can write invoices. If the invoices
| are secondary income, you will be taxed heavily (and declare
| it you must), but that's it. It has been some time since I
| last lived and worked in the USA, but I mean to recall that
| it was basically the same. Of course, invoiced money is your
| money now and you need to donate it to the FOSS project,
| which then needs some kind of treasury. But you said as much
| already.
|
| ad 2) No, you don't need to. Your employer is your employer,
| not your owner. Now I don't know about the USA today (see
| above) but in European countries what you do outside working
| hours is your private affair -- discounting a few, very
| specific fringe cases. If you play soccer, dabble in
| explosives, or code for money doesn't matter. And frankly,
| your typical employer in most cases does not care anyway.
| permanent wrote:
| 1) That may be allowed in Germany. Definitely not in Poland
| and many other countries.
|
| 2) In my experience, not true. Most often an employee needs
| to get a pre-approval that often take too long. As a full
| time developer, there's difference between playing soccer
| and developing software.
| COM2323 wrote:
| In my country a lot of people in IT are contractors (not
| employees) and sometimes these contracts are wild (like not
| working on anything else during that time and stuff like
| that).
| jen20 wrote:
| That kind of clause doesn't fly in either the UK or US,
| since it is disguised employment. The definition of a
| contractor is someone who sets their own rate and hours,
| and works under their own direction.
| ensignavenger wrote:
| Unless one is setup as a nonprofit, in the US, there is very
| little difference between recieving 5000 from a donation link
| and recieving 5000 as a payment on an invoice. It is all
| taxed the same.
|
| Some projects might not be setup for either, but it sounded
| to me like the above poster was dealing with some one who was
| willing to accept it as a donation, and it would likely have
| been trivial to send an invoice for 5000.
| gryn wrote:
| Not all open source devs are from the USA and in a lot of
| place outside it say the EU it can be quite the hassle. If
| you do it wrong it can very well be more than 5k worth of
| effort to fix it. When the taxman comes out 2 years later
| with a fine saying you didn't do X or Y.
| mrighele wrote:
| In those countries the taxman will come out anyway
| because it will say that it was not a donation and you
| are trying to avoid paying taxes. It would be better to
| speak with an accountant beforehand in either case
| gryn wrote:
| it not about avoiding paying them (you will anyway unless
| you're in very narrow class of orgs) its about being in
| the wrong legal structure and getting stuck in
| administrative hell because you don't fit in their tidy
| little classification boxes.
| planb wrote:
| I remember the first time I sold code to a company for low 4
| figure amount. The hassle of registering for a VAT-Id (in
| Germany) and writing an invoice wasn't the problem. I was
| afraid that there were any liabilities or other ,,rules" I
| simply didn't know about like ,,what if something breaks and
| they sue me, because I didn't include a specific line of
| legalese in the contract?".
| mgbmtl wrote:
| This may be terrible advice, but as a freelancer, getting
| sued by a company will cost them a minimum of $20k in legal
| fees just to get started. Unless you really messed up in
| bad faith, I would assume that most people will attempt to
| resolve things amicably.
| yogorenapan wrote:
| Crypto (as bad as it is) is a good way to take money. You can
| easily send and receive large amounts without worrying about
| laws and taxes. Might be unethical or illegal but _just don't
| get caught_
| giancarlostoro wrote:
| You can also run into the opposite problem, where they
| license a commercial version of a dependency, and instead of
| paying ten grand or whatever, they pay a senior (way over six
| figures) to re-implement the same functionality, which wont
| be maintained anywhere as well, and it takes them over a year
| to reach parity. Totally never happened anywhere I worked.
|
| It astounds me that companies would rather waste hundreds of
| thousands of dollars instead of just throwing a few thousand
| that will benefit them in the long haul.
|
| I genuinely believe more companies should adopt a policy of
| just letting devs work half a day on fridays on whatever they
| want, whether it be technical debt, or even open source
| projects the company depends on. Maybe that would be more
| feasible, but even then lots of places would still not
| understand the value.
| lobocinza wrote:
| It's not companies but people. I experienced both ends of
| the spectrum in the same company.
| giancarlostoro wrote:
| In my particular case it was one person vs a team of
| managers and directors who refused to "waste" thousands,
| but kept a senior engineer working on a foolish waste of
| time and resources, there were so many other things this
| engineer could have worked on instead.
| Brajeshwar wrote:
| I believe it has more to do with accounting discrepancies.
| Unless the company already has a set process for
| donating/payments to Open Source Projects, it is a whole
| process to get that type of payment set up, approved, and paid.
| Corporates need to answer the what, why, who was/were the
| payments for. For bigger companies, a non-standard category of
| $5,000 would be more of an irritation to deal with.
| amelius wrote:
| I believe it has more to do with the feeling of "we are in
| charge of our code", so they don't let anyone pay for any
| changes/fixes in the code and there can't be any entitlement
| to more bugfixes should anything break. Donations don't have
| that moral obligation.
| stronglikedan wrote:
| You tried to do it your way, and they did it their way. Nothing
| to be ashamed about. But maybe don't always expect things to be
| done your way, since you make yourself uncomfortable when it
| doesn't happen.
| Capricorn2481 wrote:
| Sounds like pure moral hair-splitting. If they didn't want
| money, cool. But if they were expecting money but needed it
| to be via a donation for some moral reason, then I'd wager
| they read too much "itsfoss"
| VeninVidiaVicii wrote:
| Make a donation now, then open an issue.
|
| If it's an ROI problem, the return is getting the issue
| resolved.
| sgu999 wrote:
| I'm not deciding what the company can spend on, that's the
| point. That person isn't doing me a favour, they are doing a
| favour to a company.
| VeninVidiaVicii wrote:
| Sounds like you aren't trying to get the new issue
| resolved.
| kijin wrote:
| Once upon a time, I ran an open source project that accepted
| both donations and paid subscriptions, with similar benefits
| offered for both (larger quotas on the hosted service). A small
| amount of donations trickled in from time to time, usually from
| individuals. But most companies, both corporations and sole
| proprietors, chose the paid subscription. Even at a higher
| cost. After a while, I scrapped the donation option entirely. I
| own a business, not a charity, after all.
|
| Lesson: Unless you're registered as a 501(c), or an
| organization with similar status in your jurisdiction, don't
| even think of accepting "donations" from anyone who retains an
| accountant. It just doesn't work that way, open source or not.
| didgetmaster wrote:
| It's not just open source projects. I have a project that I am
| considering converting to open source but have not done that
| yet so it is still proprietary. It reached a point where it was
| ready for beta test so I created an open beta. It attracted a
| few customers and one wanted to buy a license. I thought a
| yearly license of $250 sounded fair and they agreed to pay it.
| But then I got to thinking about all the hassle to keep track
| of that and file taxes. It's just not worth it for just a few
| customers.
|
| I told them to continue using it for free until it can attract
| at least 100 customers. Then it might be worth the hassle.
| halostatue wrote:
| Some of us simply do not want the hassle of being paid for our
| efforts. We aren't working as contractors, and the meta-effort
| is far too high for any benefit.
|
| This is one of the reasons I have never set up sponsorships on
| any of my GitHub accounts (my taxes are complicated enough).
| bbsz wrote:
| I always wondered if an oss-bid-for-pr marketplace has a point.
| Even repo owners could be in the loop - either taking up the
| offer, leaving it for others and just resorting to accepting
| the PR or straight up refusing the change (equivalent of
| closing a PR).
|
| In a way it feels against "the spirit", but maybe it's exactly
| the same way of thinking you're pointing out.
| komali2 wrote:
| I've always felt like FOSS as a philosophy has been tangled up in
| trying to participate effectively in capitalism, when that was
| never really the point, nor really very possible unless you're
| lucky, nor really worth it. The origin of FOSS as I understand it
| from reading books like "Hackers" is from people that were mad
| that access was being restricted to systems and code from people
| that really wanted to use these systems and code, and hack them,
| and learn from them. I recall that one of the things Stallman
| likes to brag about from that time is not related to FOSS at all,
| but instead successfully decrypting a bunch of passwords,
| emailing the decrypted passwords to people, and recommending they
| instead set the password to an empty string instead. It was about
| keeping access to the system Free as in Beer.
|
| I suppose some have argued that FOSS represents a Public Commons
| in the way that fields and wells and physical marketplaces used
| to, but none of those things survived capitalism, so I don't see
| why a technological commons should be expected to either.
|
| For me I've been thinking lately that perhaps those interested in
| FOSS should instead consider how we can use FOSS to detach
| ourselves from needing to participate in global capitalism at
| all. Is there FOSS technology we can use to liberate people from
| things they need to spend money on right now? An example could be
| the Global Village Construction Set:
| https://www.opensourceecology.org/gvcs/ a set of open source
| designs for things like hydraulic motors or microcombines or
| steam engines that you can build on your own, usually not for
| cheap, but for far, far cheaper than you could buy from John
| Deere. Here's another cool project, some guy has just been
| building things like solar panels and basic circuit boards on his
| property from very base components for years:
| https://simplifier.neocities.org/
|
| Some other FOSS liberation examples:
|
| Combining a tool like Jellyfin with Sonarr, Radarr, and etc, can
| liberate people from their 5 different media subscriptions. Or at
| least they can still buy DVDs and put them on Jellyfin to have
| the convenience of streaming with the media library of their own
| choosing.
|
| Deploying Matrix or another FOSS communication tool can let
| organizations have enterprise-level communication software
| without paying HUGE seat-based license fees to corporations like
| Slack.
|
| In fact there's many ways to liberate yourself from paid SaaS in
| this list: https://github.com/awesome-selfhosted/awesome-
| selfhosted at my co-op we self-host and deploy all our services
| for this reason, it saves us a TON of money.
|
| I don't have many other examples to mind because this is
| something I'm actively still researching. Friends in Venezuela
| though especially tell me how FOSS technology can liberate in
| ways I wouldn't expect here with my 64gb RAM machine with the
| latest processor, that I can easily replace components on on a
| whim. Such as how they can keep all their broken down machines
| pieced together from junkyards running pretty ok on various linux
| distros, and how they can sell creative work using free tools
| like gimp (no, really) or darktable. Like as not they'll just
| pirate software, though, but apparently FOSS often runs better on
| shitty hardware.
|
| Anyway my long term plan is to find or build more and more things
| that let people just not spend money on things anymore. That
| could be by making it easier to not have to throw things away
| anymore, or building tools to replace proprietary ones, or, idk,
| other ways I haven't thought of.
| andrewmcwatters wrote:
| I'm convinced that the MIT license and other public domain-like
| licenses are the worst licenses to actually use if you're not a
| FOSS ideologue. So, most people. It works against your own
| interests in just a subtle enough way that also works against the
| interests of those who use your software.
|
| At a bare minimum, you should probably at least use the GNU
| General Public License version 2.
| kijin wrote:
| Exactly. Everything I've released over the last several years
| is GPLv2 or higher. If you don't like that, don't worry, I
| won't tell you to fuck off or give you a lecture on free
| software. You just need to pay me. Business is business. :)
| andrewmcwatters wrote:
| Yeah, I stopped using the MIT license moving forward some
| time ago. There's no benefit whatsoever to the author, and
| there are perfectly permissible licenses that one can still
| use without allowing others to walk all over you.
| mvkel wrote:
| I like this story.
|
| Shipping OSS is a donation of one's time, money, and expertise.
| Volunteering is a rewarding way to participate in a community.
|
| Usually in any community, you meet someone who opens a door to an
| opportunity that you never would have found otherwise.
| zakariassoul wrote:
| Love the story. I am curious on how your initial customers
| reacted to you increasing the prices?
| andris9 wrote:
| I locked prices for existing customers. So someone who signed
| up 2 years ago is still paying 250EUR per year, while customers
| signing up today will pay 895EUR per year.
| zoogeny wrote:
| I think a key takeaway from this story is that the author started
| getting subscriptions once he caused the software to stop working
| without a license.
|
| > If you did not provide a valid license key 15 minutes after the
| application started, the app just stopped working.
|
| IMO, all of the shenanigans with license changes (MIT/LGPL/etc)
| are nothing to most users. On HN we are sensitive to these
| nuances . But in the "real world" of corporate worker bees just
| trying to get stuff done I doubt it even registers.
|
| More likely what happens is someone searches for a solution to a
| problem, installs it and sees if it works and then moves on with
| their day. Except they can't move on if the software stops
| working after 15 minutes. Clearly it is doing what they need, so
| now they need to unblock themselves.
|
| We might assume they'll read the code, find the license check and
| remove it. And I bet some percentage do exactly that. But some
| percentage of users would rather swipe a credit card for $X
| instead.
| logtempo wrote:
| would've been fun to see if putting the 15min restriction with
| a hidden option in the code or similar to remove it would've
| lead to the same result.
|
| I'm sure many people would've paid because the free version was
| not advertised.
| theturtletalks wrote:
| Isn't this what WinRAR did back in the days? It would be a 7
| day trial and then asked you to pay, but the trial never
| expired.
| accrual wrote:
| I switched to 7-Zip and never looked back, but some cool
| kids did buy a WinRAR license (e.g. LGR on YouTube).
| xp84 wrote:
| I used a keygen when I was a cool kid, but as a cool
| adult I finally bought a license (at roughly age 35)
| strictnein wrote:
| Same. Bought a key 5-10 years ago just as a "thank you"
| for all the pirating of it that I did.
| qup wrote:
| How many times can you pirate software that you only have
| to buy once?
| theturtletalks wrote:
| Maybe he started fresh with Windows Vista/7 and needed to
| pirate it again. Or he had a laptop and desktop so
| pirated for both.
| bityard wrote:
| I don't have a problem with commercial software, and I don't
| have a problem with open source software, but I do have a
| problem with developers releasing their code as open source,
| building a community while banging on the open source drum and
| then doing a rug-pull by taking the software commercial once
| they decided they have captured a big enough audience to
| extract money from it.
|
| All I'm asking is, if you want to eventually make money on your
| project, at least be up front about it in the beginning so that
| your users can make an informed decision when they decide
| whether to bake it into their stack.
|
| The rug-pull approach is always a much worse look in the end.
| kiba wrote:
| You mean making the software _proprietary_. The definition of
| open source itself is neutral on whether it 's a commercial
| effort or not, or whether it's a community effort or not, or
| whether it's both community and a commercial effort.
| joveian wrote:
| There is a difference between a commercial effort and
| calling something commercial software, which often
| (usually?) refers to licensed per use (often per installed
| system) software. Open source must be freely
| redistributable, which means it can't have a per use
| license.
|
| I think the main issue is the name. If a project is made
| more commercial or proprietary than it was before, please
| change the name (or additionally use a different name for
| the commercial/proprietary part, which seems to be common
| practice even when starting a project as partly open
| source). A clean break between different maintainers
| (particularly when a mostly single person effort) is a good
| reason to change the name too. Naming things is hard and it
| doesn't necessarily need to be all that different a name
| just something to reflect the change.
| andris9 wrote:
| You can't take the entire software commercial, as everything
| previously released under the open-source license will stay
| under that license. In the case of EmailEngine, all versions
| ever released under the AGPL license are still in Github; you
| can fork and use these freely. It is only the path forward
| that gets closed when going commercial - users can start
| paying, can stay indefinitely on the already released free
| versions, or can take the initiative and fork the project.
| StimDeck wrote:
| Simple. Open source doesn't mean "free code for life". Most
| people try to turn their time into money. Besides, any one
| of us could fork the project, compile binaries with a novel
| license check and charge for them. Why not the person who
| actually added value?
| cuu508 wrote:
| > at least be up front about it in the beginning
|
| Treat CLA as that: an upfront statement that the author may
| and probably will change the license in the future.
| jowea wrote:
| I don't think it counts as a rug pull if you're free to grab
| the last open version. Why should they continue updating the
| software?
| j1elo wrote:
| I think like you. But also, one does not necessarily know
| beforehand that they will want to make money.
|
| Like a project could be born out of pure generosity, but
| after the happy initial phase the project might get too heavy
| on the maintenance requirements, causing the author to
| approach burnout, and possibly deciding that they want to
| make money to continue pulling the cart forward.
|
| However, here's something I do think: if you create something
| as Open Source, it should be out of a mentality of goodwill
| and for the greater good, regardless of how it ends up being
| used. OSS licenses do mean this with their terms. If you
| later get tired or burned out, you should just retire and
| allow the community to keep taking care of it. Just like it
| happened with the Jq tool [1].
|
| [1]: https://github.com/jqlang/jq/releases/tag/jq-1.7
| Vegenoid wrote:
| If there is a community that is interested in taking care
| of it, can they not fork it? It seems better for the
| primary maintainer to continue working on it if people are
| willing to pay for it, than to stop working on it entirely.
| gwbas1c wrote:
| As many other respondents mentioned, the old version is still
| there.
|
| But, as TFA states:
|
| > I guess any sub-$1k amount for businesses is peanuts, so
| the only thing these price increases changed was improving
| the revenue.
|
| Businesses _spend money to solve problems._ $1k is a lot of
| money for a consumer product, but for a business product, $1k
| when something is business critical and handles high volume
| is significantly cheaper than hiring a person or contractor
| to solve the problem.
|
| Furthermore, the benefit goes both ways, as Reinman now
| supports the product full-time. The business customers are
| now working with a product that has full-time support,
| instead of hobbyist support.
| alex_lav wrote:
| This is toxic though. People shouldn't have to be able to
| predict the future should they? And if the opportunity to
| escape being a wage slave presents itself by simply changing
| an approach, should a person not take it just because
| potentially years prior they didn't intend to?
|
| A person changed their mind. That is okay.
| pizza234 wrote:
| The implication here is that once an open source project is
| widespread enough, the maintainers are morally forced to
| provide development and support for free. This obviously
| doesn't make any sense.
|
| In real world, when maintainers change the license, if a
| software is widespread enough, a fork is created, and at
| least part of the community moves to it.
| aseipp wrote:
| > All I'm asking is, if you want to eventually make money on
| your project, at least be up front about it in the beginning
| so that your users can make an informed decision when they
| decide whether to bake it into their stack.
|
| That isn't how it works in practice, I think.
|
| If you have already decided from the start to make money on
| your FOSS project, you're going to need a plan more evolved
| and refined than "push to GitHub and sort out the details
| later", otherwise you've already failed. Many people will
| even decide to just not do open source, for that reason.
|
| If you're not planning on making money, that might change
| later when you realize that the only value you get from
| million-dollar corporations making heaps of money off your
| work is some bug reports and requests to do more in your off
| time. Alternatively, you might decide you _enjoy the work_
| and want to make a living off it. Neither of these are bad,
| per se. Also, nobody signs a contract stating they 're going
| to work for free forever, so you're going to have to live
| with that.
|
| The reality is that most of the people who derive great value
| from open source and free software just want it for free; the
| labor and economics can and must be sorted out by someone
| else, preferably at absolute zero cost to them. For many
| purposes, it's no different of a relationship than the one
| between a random underpaid restaurant server and random
| demanding customer.
|
| When you say "users can [then] make an informed decision [on
| your monetized project]", I assume the informed decision
| you're referring to is "I'll never pay money," because that's
| what it is about 99% of the time.
| GMoromisato wrote:
| The following is controversial and ill-thought-out, so feel free
| to flame (I gotta learn somehow!)
|
| Nobody does things for free. We do things because we gain either
| money or status or pleasure. If you want someone to work for you,
| and you don't want to pay them money, you have to give them
| either status or pleasure.
|
| One example of getting people to do things for pleasure is ad-
| supported social media sites. They are giving people pleasure
| (modulo engagement psychology) and getting their attention on ads
| for free.
|
| But let's focus on getting people to do things for status. PhDs
| are a classic example: if you get a PhD and stay in Academia,
| your salary is tiny relative to industry. But there is a promise
| of status ("you're on the frontier of knowledge!"; "people call
| you 'doctor'!"). The few principal investigators that get the
| giant grants are successful only because they rely on an army of
| underpaid experts.
|
| Which means there is an incentive--even if unconscious--to
| convince people that status is worth the lower salaries. The
| fights for being first-author, or publishing in a top-tier
| journal, or even insisting on being called "Doctor" are all
| competitions for status, because that's what you're getting paid
| instead of money.
|
| Open Source is the same way. Arguments about purity ("is that
| really an OSS license") and self-sacrifice ("I won't accept money
| from corporations") are all evidence that people are earning
| status instead of money.
|
| By itself, this is not a bad thing (in either OSS or Academia).
| People should be free to choose how to sell their time. The
| problem is that those who benefit from the work-for-status
| arrangement (large corporations, large universities, and their
| leaders) are incented to use dark patterns to preserve that
| arrangement.
|
| We're sensitive to social media sites using dark patterns to
| manipulate people into trading work (or money) for pleasure. We
| should be equally sensitive to how open-source culture can (even
| unintentionally) drive people to be underpaid.
| mundanevoice wrote:
| Life is too short to give stuff away for free. Monetize wherever
| possible. Almost everyone who gives away useful software for free
| burns out and stops doing it.
| sh79 wrote:
| The title is misleading. The author changed their open source
| project into a commercial product with source available. It's not
| a business built around an open source project as the title
| implies, it's a license switch.
___________________________________________________________________
(page generated 2024-02-27 23:00 UTC)