Thursday, April 3, 2025

Some Open Source Software Licences are Only ‘Open-ish,’ Says Thoughtworks

Given the resources they have, would probably not see much of a difference even if they rewrote the entire code from scratch. Does this make open source an enormous global financial asset?

In recent times, certain tools have evolved to reflect commercial influences. As open-source projects mature through dedicated developer involvement and increasing adoption among users, the creators inevitably move to monetize their achievements, often sparking controversy within the developer community and among reliant businesses.

Thoughtworks, a leading international technology consultancy, identified a recurring trend. According to Australian Chief Technology Officer Scott Shaw, the increased focus on financial prudence in recent times has contributed to this development, with organizations seeking to ensure they engage with open-source projects “with their eyes wide open.”

Open-source darlings have migrated to commercial licensing.

In April 2024, Thoughtworks famously documented a “whirlwind of change” in the previously peaceful landscape of open-source software. “A recent wave of controversy has surrounded several exceptional instruments whose maintainers unexpectedly shifted away from open-source licenses and towards commercial models.”

The pattern has been constructively evolving over several years, rooted in the foundational principles of Shaw. As the tech industry deviates from its traditional norms, a growing “divergence” from the established open-source landscape emerges, challenging the widely recognized set of rules and licenses governed by the Open Source Initiative.

Can’t be modified abruptly?

The most notable examples involve companies that have altered the terms of their open-source licenses after they were initially published. Following the creation of a thriving developer community and the successful onboarding of numerous customers who had integrated the software into their workflows under the flexible terms of open-source licenses, a shift towards greater control over usage emerged, often tied to revenue considerations.

While Thoughtworks acknowledged its willingness to pay for software and support the subscription-based model, it expressed concern about the sudden introduction of a paywall on a widely used tool’s core functionality, particularly if an ecosystem has formed around it.

‘Semantic diffusion’ in open source

Confusion surrounds the concept of open source, with Thoughtworks noting that “software claiming to be open source, yet basic functionality only appears after customers pay subscriptions or other fees.” In some cases, an open source project may only distribute code, not builds, thereby placing additional burdens on organizations using it on-premise.

“One notable example is a group of large-scale language platforms masquerading as open source that don’t quite live up to the standards; while they may seem open on the surface, they fall short of meeting the Open Source Initiative’s rigorous definition.”

Docker, Terraform, and Kubernetes diverge slightly from pure open-source principles?

Thoughtworks notes that several instances of companies transitioning from commercial licenses to “open-ish” licenses have emerged. Three examples are the developer-focused containerization software Docker, HashiCorp’s Terraform, and Meta’s recently launched large language model LLaMA 3.

Docker

Docker is an open-source software platform that enables developers to package, ship, and run applications in containers. It has revolutionized software distribution, becoming an integral part of software delivery, with a staggering 55% of developers relying on it daily. Docker also offers Docker Desktop, which lets developers run Docker locally on their machine for streamlined testing and development.

In 2021, we were efficient; by 2022, our efficiency had increased. While small businesses with fewer than 250 employees and less than $10 million in annual revenue could use Docker at no cost, larger organizations seeking to utilize it professionally needed to purchase a Professional, Group, or Enterprise membership to ensure compliance with Docker’s licensing requirements.

Terraform

Terraform, a flagship tool from HashiCorp, has emerged as a leading infrastructure-as-code tool for securely and reliably provisioning and managing infrastructure across any cloud or on-premises environment. Despite sparking controversy in the open-source community, HashiCorp’s decision to acquire Vagrant drew ire from many, given its ubiquitous role in facilitating DevOps operations and serving as a cornerstone of open-source software supporting numerous organizations.

The corporation solidified its commitment by primarily focusing on safeguarding its interests against competitors leveraging Terraform to rival HashiCorp’s commercial licenses. This did not pacify the entire open-source community, and some advocates launched OpenTofu, a community-driven initiative aiming to develop a fork of Terraform and preserve its open-source status, consistent with the company’s prior commitments to open-source principles.

Llama 3

According to Shaw, this language model is being developed into a robust large-language-model architecture. Despite its open-source credentials, the model features open weights but falls short of other OSI guidelines, lacking the ability to inspect source code and permit unrestricted redistribution. Meta’s LLaMA 3 necessitates a licensing fee structure primarily driven by user counts for weight-based usage.

For those who ask “What’s the purpose of Meta?” Although that’s a genuine sentiment, the phrase “open source” is often applied quite liberally to these matters, and I think it’s crucial for people to understand that openly available or free doesn’t necessarily imply open source. While individuals often overlook this aspect, it’s crucial to recognize the unique degree of openness required by each model.

AI language models, varying in degrees of transparency, cater to diverse requirements.

In the rapidly evolving landscape of artificial intelligence, Thoughtworks has identified a notable phenomenon: the semantic diffusion of open-source badging, where AI homes are witnessing its prevalence. “Though the business model has been around for some time, it seems to be leveraging numerous innovative AI tools to offer impressive capabilities that are often shrouded beneath the fine print,” the agency noted in its Technology Radar.

According to Shaw, Large Language Models (LLMs) exhibit varying degrees of openness across multiple dimensions. They range from fully proprietary systems, where the source code, training data, model architecture, and weights all remain privately owned and inaccessible, to more transparent models that openly share source code, training data, and model architecture details, allowing for collaboration and community-driven improvement. One latest instance is .

Firms are increasingly reassessing their use of open-source licenses due to concerns over intellectual property rights and control.

According to Thoughtworks, concerns about income and intellectual property protection are driving some of the recent licensing disputes.

Focus on financials

As a consequence of financial headwinds, Chief Financial Officers (CFOs) have become increasingly influential in decision-making processes. According to Thoughtworks’ Technology Radar, criticism has been leveled at private equity and venture capital firms for placing undue pressure on companies to prioritize income and profitability, particularly as the tech industry slows. Shaw noted that this period has seen widespread re-examination of business models throughout the industry, leading to some turbulence in open-source initiatives.

The protection of IP

Another concern, often highlighted by HashiCorp regarding its Terraform licensing decisions, is the protection of intellectual property. While some contend that open source distributors are simply safeguarding their intellectual property against cloud providers seeking to profit from it through hosted services, others theorize that this stance is a strategic response to the growing dominance of cloud giants.

Some hyperscalers have reportedly exploited open-source software by integrating it into their own products, ultimately profiting from the technology without providing adequate compensation or licensing fees to the original creators. While embracing the essence of open-source, the primary stakeholders aim to secure a reasonable financial gain in the process.

As open-source licenses continue to evolve, companies must navigate the shifting landscape to avoid potential pitfalls.

As open-source software licenses transition to a more commercial model, this shift can cause significant headaches for their business customers, according to Shaw. To maintain compliance with licensing terms, companies must ensure that software applications, such as Docker Desktop, are removed from individual devices, lest they face potential license fees or risk detection during an audit, even if the software remains present unintentionally.

Organisations currently dedicate considerable resources to auditing the software programs utilized by their employees, guaranteeing they adhere to the terms outlined in their licenses, thereby spending a substantial amount of time, money, and energy on this endeavour. Sudden changes in procurement deals with open-source providers can be challenging to navigate effectively. Shaw notes that boards, CEOs, and CFOs should be mindful of the potential risks associated with open-source software, particularly those that have altered their licensing terms, upon which they may be heavily reliant.

When embracing open-source software, IT professionals must heed several cautions. Firstly, ensure compliance with the specific license terms governing the chosen application, as some may impose restrictions on modification or commercial use. Additionally, it is crucial to verify the credibility and reputation of the open-source project’s maintainers, as well as their ability to provide timely support and updates. Furthermore, IT teams should be aware of potential security vulnerabilities that may arise from using open-source software, necessitating regular monitoring and patching. Moreover, the integration process with existing systems and infrastructure should be carefully planned, taking into account any necessary customizations or modifications.

Thoughtworks advises companies and IT stakeholders to rigorously train themselves on explicit diligence around key license points. Ensure that all recorded data within a repository is comprehensively covered by the primary license, guaranteeing transparency and compliance with regulatory requirements, as outlined in the Technology Radar report. Enterprises sought to adopt open-source software with their eyes wide open.

What are the top open-source tasks awaiting volunteers?

Open-source projects rely on contributions from individuals to drive progress and innovation. Currently, there are numerous opportunities for anyone to contribute their skills and expertise.

1. Python libraries: Improve existing or create new libraries, ensuring seamless integration with various applications.
2. Front-end development: Enhance the user experience by optimizing layouts, improving navigation, or creating responsive designs.
3. Back-end programming: Strengthen APIs, integrate databases, or craft robust backend infrastructure for web applications.
4. Quality assurance testing: Conduct thorough unit and integration tests to guarantee software stability and accuracy.
5. Documentation and tutorials: Create comprehensive guides and instructions for new users, ensuring a smooth learning curve.

By participating in these open-source initiatives, you can gain valuable experience, collaborate with like-minded individuals, and contribute to the evolution of technology.

The concern is whether an open-source initiative genuinely enjoys grassroots backing or merely leverages industrial interest without a clear business model, noted Shaw. In this instance, he suggests considering whether the investment in the enterprise model of the software warrants the benefits, with a contractual agreement on licensing terms from the outset to avoid potential misunderstandings.

Beware of information leakage: a cautionary tale for SaaS enthusiasts.

Whether the open-source software is operating exclusively on a desktop or transmitting data to the cloud is another crucial consideration. Shaw emphasized that organizations should understand how data is being managed, specifically for web-based services, and be aware of the safeguards in place to prevent unauthorized redistribution. Shaw notes that organisations are vulnerable to a potential threat of information leakage if they fail to exercise caution.

Freshly licensed agreements have spawned a surge in new distributors and merchandising opportunities.

“When open-source instruments modify their licensing terms, it’s only a matter of time before rival companies jump at the opportunity to offer competing products,” Shaw said. Within the firm’s Technology Radar, a feature that highlights tools to explore, Docker Desktop offers Colima as an option. As the current financial landscape undergoes closer examination of corporate underpinnings, the intensified momentum driving companies towards commercial licenses may prove fleeting.
