Yet another software license is vying for the attentions of SaaS companies seeking to align themselves with the open source realm, without compromising their commercial endeavors.
Sentry, an app performance monitoring (APM) company that helps companies such as Disney, Microsoft and Cisco track and resolve laggy or buggy applications, has transitioned its core product to a new license it designed called the Functional Source License (FSL). The company’s open source chief Chad Whitacre says the license is for any SaaS firm that wishes to “grant freedom without harmful free-riding.”
“There’s been a long history of companies with deeper pockets and more resources taking advantage of traditional open source companies,” Whitacre told TechCrunch over email. “Open source companies, regardless of license or the pedantic definition, have become increasingly reliant on being venture-backed, for-profit, or more importantly being supported by the companies that rely on their code.”
Recent history is littered with examples of companies that grew off the back of open source projects, but later abandoned those roots to protect their commercial interests. In 2021 Elastic switched Elasticsearch from an Apache 2.0 license to a duo of source-available licenses, a move designed to prevent third-parties such as AWS from essentially selling its own version of Elasticsearch “as-a-service” without contributing much back to the original project. More recently, HashiCorp did something similar with Terraform, while the likes of Element (with Matrix) and Grafana transitioned from permissive open source licenses to so-called “copyleft” licenses, essentially forcing users to keep derivative projects open source, or pay for a license to use the product.
As for Sentry, the San Francisco-based company started out more than a decade ago under a permissive BSD 3-Clause license, one that comes with few restrictions. Similar to the other aforementioned companies, Sentry relicensed its core product back in 2019 to counter what co-founder and CTO David Cramer called “funded businesses plagiarizing or copying our work to directly compete with Sentry.
“This has included taking marketing content from our website, plagiarizing our documentation and framing it as their own, or straight-up copy/pasting our product visuals,” Cramer wrote at the time. “Their defense? ‘Well, it’s free open-source, and we can do that.’ These businesses are not using Sentry to improve how they develop software; they’re lifting its code and assets to build their closed-source products to compete directly with us.”
Thus, Sentry moved to the Business Source License (BSL), a source available license that allows for unlimited use in most non-commercial scenarios. Notably, BSL-licensed products are time-limited, automatically reverting to an open source Apache license after four years — this is designed to discourage commercial competitors from benefitting from a project in the short term. However, Whitacre argues that four years is just too long, and is not aligned with the spirit of open source.
“The default non-compete time period is four years, which is a really long time in the software world,” Whitacre wrote in a blog post on Friday. “This can make it feel like the eventual change to Open Source is only a token effort. It almost might as well be 100 years.”
While Sentry had actually shortened its BSL licensing to three years, Whitacre said that it was still too long. Plus, the BSL license has other flaws, such as the “additional use grant” mechanism, which allows project owners to define specific circumstances in which their code can be used commercially.
“The additional use grant is the biggest problem,” Whitacre writes. “It is a giant fill-in-the-blank that effectively means that every BSL is a different license.”
This variability means that products with a BSL license are often difficult to get approved from companies’ compliance departments, as they have to review each license individually.
“It also makes it difficult for companies to adopt BSL for their own products, because they need to make decisions and write custom language for it,” Whitacre continued. “We want to widely promote the values that led us to BSL, and to that end we want to fix the friction, with FSL.”
Sentry calls FSL an “evolution of BSL” that balances user freedom and developer sustainability. There is no additional use grant in place, plus the time-limit has been cut to two years, after which associated products will automatically transition to an Apache 2.0 or MIT license.
“For companies using FSL, two years provides protection against competition, but also acts as an incentive to continue innovating,” Whitacre wrote. “For the user community, two years provides meaningful protection in the event the driving company drops the ball.”
However, Thierry Carrez, general manager at the Open Infrastructure Foundation and vice chair at the Open Source Initiative (OSI) which manages the definition of open source software, said that Sentry is just the latest in a line of companies to build their reputation off the back of open source and then “abandon the model that made them successful in the first place.”
“Releasing yet another license variant that removes developers’ self-sovereignty in their technical choices is nothing novel — it is still about removing essential freedoms from the whole software ecosystem to clearly assert ownership over their proprietary software and the use you are allowed to make of it,” Carrez said. “This is not open source: it is proprietary gatekeeping wrapped in open-washed clothing.”