[HN Gopher] Show HN: A source-available billing system I've spen...
___________________________________________________________________
Show HN: A source-available billing system I've spent 18 months
building
Author : that_guy_iain
Score : 198 points
Date : 2024-07-22 08:22 UTC (14 hours ago)
(HTM) web link (billabear.com)
(TXT) w3m dump (billabear.com)
| lionkor wrote:
| Cool license [0]!
|
| [0]: https://github.com/billabear/billabear/blob/main/LICENSE.md
| notpushkin wrote:
| From what I see it's basically BSL (and BSL _was_ used until 4
| months ago). It 's neat that the new license is using "plain
| English" language, but were there any specific problems with
| BSL that prompted this change?
| hnbad wrote:
| The short answer is that FSL was designed as an evolution of
| BSL that doesn't allow for as much variance in what the
| license means in practice, i.e. it got rid of the "additional
| grants" and mandates a shorter, fixed expiration date.
|
| As I understand it, nothing FSL does couldn't be expressed in
| a modified BSL but having it as its own license makes it less
| ambiguous by not allowing for much variation beyond which
| specific license it converts to upon expiration.
| ezekg wrote:
| To add: the problem with the BUSL was that every variation
| of the BUSL was effectively its own license. The FSL reins
| that in so that a company's legal department could approve
| FSL full-scale, allowing all FSL projects to be used. The
| same full-scale approval could never happen for the BUSL
| due to the variances.
| fasteo wrote:
| https://fsl.software/
| forkerenok wrote:
| Thanks for sharing! Got an answer to my question about
| updates there in the FAQ:
|
| > How exactly does the two years work?
|
| > The two year timeframe applies to each software version
| that is made available. Methods of making software available
| include pushing a Git commit, publishing a package to a
| repository, or mailing out a CD in a tin. For example, one
| could clone a repo, run git checkout `git rev-list -n 1
| --before="2 years ago" master`, and--if LICENSE.md is FSL--
| use that version under MIT or Apache 2.0.
| phkahler wrote:
| So the key is to download the source for each version you
| use and record the date and the current license text. Also,
| use the oldest version you're comfortable with since it
| converts the soonest. I'm thinking for down the road when
| new releases are under a different (even commercial)
| license and the pull the source for old versions. Then cost
| starts to go up a lot. Not saying it will, but I hope the
| software is successful but that sometimes leads to bad
| things for customers.
| ezekg wrote:
| Or just use git: git checkout `git rev-
| list -n 1 --before='2 years ago' master`
|
| and if the license is FSL, you're g2g.
| inktype wrote:
| Thanks. My initial reaction upon reading the submitted title
| was dismissive because I dislike when companies mimic the
| prestige of open source by saying "source available" while
| having a practically proprietary license.
|
| This is the first time I've seen FSL and it is quite nice.
| Surely "source available" is the wrong term to label the
| license with.
| ezekg wrote:
| > Surely "source available" is the wrong term to label the
| license with.
|
| There's a new term coming very soon, "Fair Source." :)
|
| See: https://fair.io
| swyx wrote:
| > mimic the prestige of open source by saying "source
| available"
|
| no, its just the correct term, we literally ask people who
| use the wrong license to change their terminology to "source
| available", lets not punish people who do it right from the
| get go
| inktype wrote:
| You misunderstood my comment; we probably agree. If
| something isn't open source, it shouldn't be labeled as
| open source.
|
| I'm saying that there ought to be a more descriptive term
| for this license to differentiate from the usual
| proprietary "source available" licenses. ezekg's comment
| gives an appropriately descriptive label, "Fair Source".
| foresto wrote:
| > I dislike when companies mimic the prestige of open source
| by saying "source available"
|
| It can be a practical need, rather than a prestige grab. Some
| people can only sink time into developing their software if
| sales of that software pay their bills. The redistribution
| rights granted by an open-source license somewhat conflict
| with this, by allowing another party to appropriate their
| original work and use it to undercut them. (This is part of
| why a revenue model based on services, rather than sales, is
| often encouraged in open-source.)
|
| Meanwhile, the author might very much want to offer customers
| other rights granted by open-source licenses, like the
| ability to inspect the code, or to have it audited, or to
| modify it, or to build it from source as an assurance of what
| instructions are being executed. This is a situation where
| "source available" makes sense.
|
| Looking at it from the other direction, some potential
| customers will only accept software that grants the latter
| rights, but don't care about redistribution rights. "Source
| available" is a viable option for them as well.
|
| I wonder if it would be helpful to have a new, clearly
| defined term for a class of licenses granting inspection &
| modification rights without redistribution rights, and
| explicitly protecting users from additional restrictions like
| fees for source access. That could help make licensing of
| this kind easy to identify and understand, and if that meant
| wider acceptance, perhaps more developers would be willing to
| release their source code to users.
|
| (I do see "Fair Source" mentioned in another comment, but I
| haven't investigated to see if it aligns with what I'm
| describing.)
| louloulouhoo wrote:
| Super cool. I feel like images with fewer colours will work best.
| hnbad wrote:
| I was very surprised to see that it's localised (at least into
| German) and even has an imprint (in the German language version
| at least) despite being based in the UK.
|
| I guess my main concern with using it as a SaaS would be that
| it's located outside the EU (which creates GDPR headaches despite
| what "GDPR compliant" services outside the EU will tell you) and
| whether this also means it can be adapted to comply with any
| given country's laws (e.g. in 2025 laws will come into effect in
| Germany and the EU that will place certain requirements on B2B
| "e-billing" such as using a specific XML format).
| that_guy_iain wrote:
| > I guess my main concern with using it as a SaaS would be that
| it's located outside the EU (which creates GDPR headaches
| despite what "GDPR compliant" services outside the EU will tell
| you) and whether this also means it can be adapted to comply
| with any given country's laws (e.g. in 2025 laws will come into
| effect in Germany and the EU that will place certain
| requirements on B2B "e-billing" such as using a specific XML
| format).
|
| Well the UK is GDPR compliant it literally has the entire GDPR
| law as GDPR (UK). If there is an issue in the future I'll just
| move the company to Germany. The servers are currently in
| Germany. I will be implementing everything and anything to
| comply with EU laws.
| Sander_Marechal wrote:
| > The servers are currently in Germany
|
| With what company? All good if it's a EU company like
| Hertzner, but it can still give GDPR headaches if you are
| hosting on e.g. AWS in Frankfurt because Amazon is still a US
| company.
| badcppdev wrote:
| What headaches are they? Do you have any references of
| people having problems?
| that_guy_iain wrote:
| Basically, the US is not compliant with GDPR because of a
| couple of laws, which I've forgotten the name of. Some
| courts have found that because the company is US then
| even if the data is in the EU a US court can force the
| company to hand it over. This is why Google Analytics is
| illegal in a few countries.
| mhitza wrote:
| > couple of laws, which I've forgotten the name of
|
| https://en.wikipedia.org/wiki/CLOUD_Act
| that_guy_iain wrote:
| It's Hertzner for that specific reason of it's an EU
| company.
|
| Yea, the EU really needs to fix the EU-US GDPR issues. It's
| not like the US will.
| Tehnix wrote:
| I feel I should bring up that in the EU there almost exists
| two worlds when it comes to GDPR: Germany - and the rest of
| the countries.
|
| I've made software for the childcare industry, where the
| data concerns are greater than most other industries.
|
| Nobody had any problem with AWS, or really any non-EU
| vendor, as long as they lived up to the GRPR agreements and
| could provide the usual agreements.
|
| Only in Germany would you run into requirements to either
| host in Germany (at worst) or at least within EU (at best).
| Additionally, there's a lot of German specific laws on top,
| that simply aren't in the other EU countries, and the
| general population is also much more concerned about data
| privacy and residency than any other EU country.
|
| It was a world of difference, and honestly enough for me
| that I would not enter the German market again if it meant
| needing to comply with any additional effort than the rest
| of the EU market.
|
| A bit more of a rant: The hosting solutions in Germany are
| also quite atrocious once you get to a certain scale. Lack
| of proper managed services, tons of instability, insane
| maintenance policies, poor security support (eg no 2FA for
| many). Once you've gotten used to how AWS/GCP/Azure handles
| things, it's hard to go back to that world.
|
| Edit: Almost as response to my last point, AWS is setting
| up a unique EU sovereign cloud
| https://aws.amazon.com/blogs/aws/in-the-works-aws-
| european-s...
| that_guy_iain wrote:
| > I feel I should bring up that in the EU there almost
| exists two worlds when it comes to GDPR: Germany - and
| the rest of the countries.
|
| Well, Germany isn't the country that made Google
| Analytics illegal. Other countries do care.
|
| > Nobody had any problem with AWS, or really any non-EU
| vendor, as long as they lived up to the GRPR agreements
| and could provide the usual agreements.
|
| I was in charge of the tech for a massive man in the
| middle company in Germany where we integrated with lots
| of companies to provide data for other companies. Noone
| had an issue with AWS because they were all using it.
| It's consumers who care and consumers who will make
| reports and it's companies that will pay the fine.
| yayoohooyahoo wrote:
| I'm not sure I understand what this does compared to Stripe? It
| actually seems like all the features are what Stripe already
| does.
| meiraleal wrote:
| If that's the case, it is a great software, no?
| yayoohooyahoo wrote:
| Again maybe I'm missing something but since it's built on top
| of Stripe, I would expect that it does more than just Stripe.
| Otherwise I don't see why I would try to install this?
| skrebbel wrote:
| For one, Stripe Billing has been getting pretty pricey
| mynameisvlad wrote:
| Once again, this tool builds on top of Stripe and Stripe
| alone. You aren't really escaping their fees by using
| this tool.
| danenania wrote:
| 'Stripe Billing' is a separate product from the core
| Stripe service with additional fees.
| VoidWhisperer wrote:
| The main difference is that the source code is available under
| a FSL license and after two years converts to the apache 2.0
| license... compared to Stripe where the core part of the system
| is closed source and proprietary
| yayoohooyahoo wrote:
| Ok but it integrates with Stripe, right? If you still need
| Stripe anyway you may as well use their features directly
| rather than go through an indirection layer?
| canadiantim wrote:
| It's actually better to use a buffer layer so your own
| payment logic is platform independent, eg if stripe bans
| you accidentally you can easily use another payment
| provider
| yayoohooyahoo wrote:
| I agree it would be great in this situation but currently
| it only supports Stripe, and they don't mention plans of
| supporting any other payment platform.
| datavirtue wrote:
| That being said, this does not look to be targeted at
| small businesses and that problem is one that is only
| faced by small businesses. Small operations need to have
| every payment system they can get their hands on (lest
| one of them throw the ban hammer). A killer feature for
| smaller operations would be multiple payment
| integrations.
| antaviana wrote:
| I would recommend to have the Spanish website linguisticaly
| reviewed.
|
| There is an awkward mix of formal and informal sentences, and
| also some too literal translations here and there.
|
| I would also recommend localizing the screenshots into Spanish
| (I'm assuming the product is localized).
| KingOfCoders wrote:
| German doesn't work either, most words are too large.
| yard2010 wrote:
| While working on i18n projects I always test German first. It
| breaks most of the UIs.
| 91bananas wrote:
| Omg i have seen this so much in our i18n translations, UI is
| completely broken. So there is a proper solution for this?
| willsmith72 wrote:
| My German friend's recommendation:
|
| We can read english quite well.
| NetOpWibby wrote:
| LMAO pretty good
| electroly wrote:
| It's no joke, really. I worked on a product (B2B, not
| consumer software) that was primarily sold in the US and
| Germany. Not only did we leave the product in American
| English, but the Germans requested that we force all
| numeric inputs/outputs to use American formatting (period
| for decimal point, comma for thousands separator, even on
| computers configured for German formatting). To them, it
| was American software and thus it made sense for it to be
| in American English. Their English was certainly better
| than our German.
| soperj wrote:
| In most of my interactions with Germans, their English is
| also better than my English.
| shreddit wrote:
| "German" is even spelled wrong in the language selector:
| "Deustch" instead of "Deutsch"
| KingOfCoders wrote:
| [Edit] But of course I appreciate the effort.
| f1shy wrote:
| I can confirm german and Spanish, also the Italian version is
| strangely written.
| markus92 wrote:
| Same with Dutch, Google Translate quality if not worse.
| teamspirit wrote:
| I have found, in my experience, that Chatgpt's translations
| are pretty spot on - especially when compared to Google
| translate.
| abakker wrote:
| Agree - ChatGPT is doing a better job.
| olivierduval wrote:
| Same for french: "tax rate" is definetly not "taux
| d'imposition" but "taux de taxe" in that context
| nikolayasdf123 wrote:
| > "With out of the box SDKs integration is easy"
|
| I read it like "without". I think you mean "with out-of-the-box"?
| kstrauser wrote:
| "Out of the box SDKs make integration easy."
| ramon156 wrote:
| Can I help out with the translations? Dutch is awful
| 6510 wrote:
| een krachtig belastingsysteem
| ruune wrote:
| krachtig is such a great word
| elaus wrote:
| German as well. I guess it's AI translated on a string by
| string basis, therefore translating the same thing into
| different words when it's in another paragraph or list item
| (missing context).
| kfir wrote:
| Daring tech stack!
|
| (50%+ in php)
| badcppdev wrote:
| Boring tech stack!
| datavirtue wrote:
| There is nothing more enjoyable and fun than developing on a
| mature, boring tech stack. We might be able to keep web devs
| more than a year if the kneejerk choice wasn't React or
| Angular (Vue3 is a joy).
| koito17 wrote:
| Who decides what is "boring"? Plenty of people have stuck
| with React for nearly a decade and components just as old
| continue to work in the latest version of React. Meanwhile,
| Vue 3 is such a breaking change from Vue 2 that people
| either abandon Vue altogether or chase bugs with the 2-to-3
| bridge. Does that make React "boring and mature" compared
| to Vue 3? If not, why not?
| badcppdev wrote:
| The Tax Solution page doesn't make it clear as to whether it
| handles US State Sales Tax problems?
| turnsout wrote:
| Yeah there's a lot of nuance state-to-state, like Illinois
| charging for certain digital services.
| kayodelycaon wrote:
| It's worse than that, it can also vary by city.
| turnsout wrote:
| It can even vary within the city--in Chicago there's an
| extra tax on the F&B industry to support Navy Pier, with
| very specific boundaries.
| chrismorgan wrote:
| Once I was long-distance cycling in the USA during the
| summer, and rather fond of chocolate shakes. Somewhere at a
| fast food place, I got asked if I was eating in or taking
| out. I asked what the difference was--it seemed incongruous
| to ask on such an item when that's the entirety of the
| order. My curiosity was rewarded: apparently there was an
| extra tax in that city on one or the other; so I did
| whichever was cheaper (and honestly, either drinking it
| inside, or sitting on my trike).
|
| I even came across taxes that were only present in _half_ a
| city, even--one side of a road but not the other, that kind
| of thing.
| fencepost wrote:
| That's probably not uncommon since municipality borders
| don't follow county borders.
| nanidin wrote:
| It can even vary within a city, and within a zip code - see
| TID's, NID's, and CID's.
| kayodelycaon wrote:
| It's even worse than that. You need a complete address to
| actually know what the correct tax is.
| TechDebtDevin wrote:
| I miss the good ole days when Boomer politicians didn't
| realize you could buy things on the internet (or that it even
| existed) and everything was without sales tax.
| szundi wrote:
| That was the reason they retaliated with hate probably
| FabHK wrote:
| So, let's look at what actually happened. Boomer Bill
| Clinton signed the Internet Tax Freedom Act into law in
| 1998, prohibiting taxation of internet sales to support the
| growth of commerce on the internet (which itself was
| invented by Boomers and even older generations).
|
| Much much later there were efforts to tax sales on the
| internet no matter where in the US, and for good reasons.
|
| https://en.wikipedia.org/wiki/Internet_Tax_Freedom_Act
| Suppafly wrote:
| >like Illinois charging for certain digital services
|
| I live in IL and haven't heard of that. Generally if
| something is a 'sale' it's taxed though. I miss the old days
| when anything purchased online was some gray area they
| couldn't figure out if they should tax or not.
| Thorrez wrote:
| I think it's specifically Chicago:
|
| >Chicago's 9% amusement tax extends to all "amusements that
| are delivered electronically." If you stay home and watch a
| movie, you pay the same tax rate as you would if seeing it
| in theaters.
|
| https://www.illinoispolicy.org/this-christmas-your-gift-
| from...
| meekaaku wrote:
| How do ppl currently handle it in big systems like
| oracle/dynamics or whatever.
| djbusby wrote:
| Integrate with Avalara or TaxJar
| calvinmorrison wrote:
| Avatax is amazing
| stevenschmatz wrote:
| Sales tax in the US is exceedingly complex. It's simply out of
| scope for most companies to tackle without using a specialized
| sales tax vendor. To properly create a model of just US states'
| rules, you need to take into account dozens of factors like
| product type, exemptions, various address types, fulfillment
| info, and more.
|
| You can get to a basic level of compliance fairly easily with
| state- and customer-based rates in select circumstances. But
| unless you dig deep, you will get things wrong, and you will
| only know about it when you get a potentially expensive audit
| years later.
|
| Context: CTO of [Taxwire](https://taxwire.co), writing software
| for sales tax.
| that_guy_iain wrote:
| > The Tax Solution page doesn't make it clear as to whether it
| handles US State Sales Tax problems?
|
| I will fix that. It handles US State Sales Tax to some extent.
| So it has state tax rules and thresholds. So will only apply
| the tax if the threshold or there is a nexus. However, it
| doesn't have the polygon tax areas that would be needed for
| cities. For example, Illinois doesn't have SaaS tax but Chicago
| does. That is very high on my list of things to do. But you
| could work around that right now by doing it on a customer
| level. Where you set the tax rate for the customer.
|
| But I will definitely improve that text on the tax page to
| explain how it hands the US tax issues.
| karolist wrote:
| If anyone wonders what the stack is and how to host it ->
| https://github.com/billabear/hosting-docker-compose/blob/mai...
| mtmail wrote:
| PHP, Postgres, Stripe API
| bmonteirog wrote:
| Signed up for the free trial... but I cant see anything on the
| dashboard, only a blank page with an Environments h1. :( Cool
| concept though. Oh! and the ui from the screenshots is way better
| than the live version
| dvh wrote:
| How much does a say $5 payment cancellation costs? I've heard
| these diy billing systems have very high cancellation fees.
| Malidir wrote:
| Your website isn't responsive, the whitespace at the sides isn't
| preserved
| pvg wrote:
| A discussion/Show HN last year
| https://news.ycombinator.com/item?id=36491975
| spaghetticoder wrote:
| The Italian translation needs some love, let me know if you need
| a hand with it.
| 0xbadcafebee wrote:
| Does anyone genuinely make their choices for what product to use
| based on if its source is available?
|
| I don't want to read the source code, I want to use the product.
| If there is a bug, I want you to fix it. If you don't fix it, why
| am I paying you / using it? Assuming I am a programmer (many
| users aren't) and make my own patch, and you don't merge it, I'm
| still screwed. Source only helps me if I'm the one running the
| code. So the fact that your SaaS is source available has no
| bearing on my use of it.
| tyzoid wrote:
| It's not strictly a SaaS if the license allows you to host it
| yourself at no cost.
| lytedev wrote:
| Of course some people do! Programmers mostly, I would expect,
| since they can possibly patch or audit code which may be a
| requirement.
|
| Personally, I would never reach for a tool or component or any
| piece of software if I have to run or operate it unless I can
| change the code.
|
| Now, "source available" has another implication, however...
| elric wrote:
| Lots of businesses have agreements with vendors to keep the
| source code in escrow, in order for the business to be able to
| ensure continuity if the vendor goes out of business or
| abandons the product.
| csdreamer7 wrote:
| How does that work exactly? They have rights to get a 3rd
| party to maintain the product if the original vendor goes out
| of business?
| elric wrote:
| They can either maintain it themselves, or let another
| party do it for them, indeed. The contracts specify under
| which circumstances the code can be released, but usually
| it's going out of business or cancelling a product.
|
| It's something we had to deal with in a previous job where
| we (as a small company) sold products to Global 500
| companies. Either we agreed to this, or there would be no
| deal. Every time we released a new version to those
| clients, we would place the updated source code (along with
| documentation and tooling etc) in escrow.
| csdreamer7 wrote:
| Ty for the info.
|
| What exactly is escrow for source code? Some party you
| paid to upload a tar.gz to an sftp server?
| eichin wrote:
| When I've done it in the past, it was a vaguely tech-
| savvy law firm (the hard part isn't really the _storage_
| , it's the "evaluate the conditions of the escrow
| contract release terms".) (IIRC recommended by the
| customer but we had some independent validation - I think
| one of our VC's law firms had dealt with them before?)
|
| We also had to details on how to actually build the
| product from the source, though I think they mostly just
| trusted us on that as long as we supplied a separate
| document - and by trusted, there were penalties spelled
| out in the contract about that too. (We were in good
| shape releng-wise but I expect a lot of companies would
| have to clean up their act to actually comply with that
| part.)
| elric wrote:
| Escrow in general refers to a third party acting as an
| intermediary trusted by both parties. This works for
| source code, but also for money, goods, or anything else.
| Say if I want to buy a large diamond from you, you hand
| it over to the trusted escrow service, I give them a big
| pile of money. Once they have the money, they give me the
| diamond, and then give you the money.
|
| Only in the case of source code, I give them the code,
| and they won't give it to you until I go out of business.
| They get paid for that, of course. In our case, we
| uploaded source code an escrow service's servers.
| ezekg wrote:
| This is one of the reasons I personally went fair
| source/source-available. I was already sharing my code with
| my biggest customers via escrow, so I thought I'd just
| simplify and share with everybody and give everyone the same
| benefits i.r.t. continuity and longevity.
| ezekg wrote:
| I think a big value prop is that it reduces vendor lock-in,
| especially when depending on a new company. If the company
| fails, you can self-host and even fork. You can also choose to
| self-host for compliance reasons if your sector doesn't jive
| well with multi-tenant SaaS.
| bofadeez wrote:
| Way too expensive
| popalchemist wrote:
| Source available is a no man's land. People who want source code
| also want MIT (or similarly permissible license). People who
| don't care about source, don't care if it's available.
| lukevdp wrote:
| Signed up for the trial, I get an empty screen that says
| "Environments". Can't seem to do anything!
___________________________________________________________________
(page generated 2024-07-22 23:06 UTC)