Situation:
A web based project, providing network service is currently under GPL license. Some people have made a fork and are hosting their forked service without sharing the code, which original project do not want.
Objective:
Making sure that new version of the project can't be forked, closed and hosted as it currently is.
Means:
AGPL license seems to be the way to go, but that requires relicensing the code, however, as far as I understand, relicensing from GPL to AGPL could be done.
A few possibilities:
Actually relicensing the code. This require an agreement of all main contributors, while possible, may be lengthy. One time small contributions from contributoirs not willing to switch could be reimplemented without much issues
Relicensing some core module or even a single important file in the code. This will require people willing to host a closed source version of the code to remove this part, which can be made quite hard.
Just stating in the license that starting from a certain commit, all code is now AGPL. This is the simplest solution in terms of effort and will render any new version fully unusable by closed source fork, and over time, all part of the code would become AGPL. I'm not sure this is something that can be done.
Let me know what you think.
Lawyer time
Yeah no, that out of the question, that's a failry sucessful hobyist project. No money involved.
I understand your objective, but why?
Are the closed versions making money?
Are they adding valuable features that you're not getting back upstream?
I'd be careful making too many potentially user hostile actions. I say hostile because you are a lucky one where others have found use for your hobbyist project and your reaction is to find ways to make them stop doing it. If you're looking to turn professional and add support package options, this makes sense.
Are the closed versions making money?
No, but nothing prevent them to
Are they adding valuable features that you're not getting back upstream?
Yes, dividing the community in the process and not crediting the original open source project.
I'd be careful making too many potentially user hostile actions. I say hostile because you are a lucky one where others have found use for your hobbyist project and your reaction is to find ways to make them stop doing it.
GPL was not the right decision at the beginning
If you're looking to turn professional and add support package options, this makes sense.
this is not the case
You can relicense from GPL to AGPL of the same version without receiving permission from contributors. This would not apply retroactively, older versions would still be available under GPL. GPL is not revokable so it's not possible to change the license of older versions
IANAL
> older versions would still be available under GPL.
Of course, not the point.
> You can relicense from GPL to AGPL of the same version without receiving permission from contributors.
What do you mean here ? The copyright holders wrote their contributions under a specific license, I can't just change it.
GPL is written to be relicensable to AGPL without contributor permission http://www.gnu.org/licenses/gpl-faq.html#AllCompatibility
Disagree. That chart is just about compatibility between the licenses.
You need permission from the copyright holders to change the license they have placed on a work. (There are multiple possible ways to get that permission, but you still need to get it.)
Can't change the license, but can definitely distribute GPLv3 code as part of an AGPLv3 software. Which for all practical purposes has the same effect. So OP's solution #2 would work: contribute a small part under AGPLv3-only, and the entire software would be effectively AGPLv3-covered as long as it includes that part.
Yup ! I def agree.
I personally will go with the first option. I remember plausible doing something similar when migrated to AGPLv3 (see https://plausible.io/blog/open-source-licenses).
side note: Another license you may want to consider is the Elasticsearch/Mongo SSPL (https://www.mongodb.com/licensing/server-side-public-license/faq)
Indeed, that would be the best if possible. Great write up !
'SSPL': They are not open source licences. Be careful if you go down that path.
Might be a lot different from your case but NEO4J did do a similar excersise, you can read up here https://neo4j.com/open-core-and-neo4j/
Quoting whole link, one part of NEO4J write up, it seems you need to talk to the contributors whoes access will now be revoked
Are You Taking Software Written by Your Contributors and Making It Closed?
We’ve looked at this question very carefully, out of deep respect for the Neo4j community.It may surprise you to know that >99% of Neo4j Enterprise Edition code was written by individuals on Neo4j’s payroll – employed or contracted by Neo4j-the-company. As for the fractional <1%...that code is still available in older versions. We’re not removing it. And we have reached out to the few who make up the fractional <1% to affirm their contributions are given proper due.
3 is pretty common in my experience. Challenge is in differentiating new functionality from old code enough to substantially devalue the older release.
Of course.
All 3 seem good. Start with #1, fall to back to #3 if you can't, and either way, do #2.
AGPLv3 and GPLv3 are explicitly compatible with each other, so you just need buy in from the other contributors.
thanks
I have an AGPL project, so this topic interests me. So after a bit of googling.. it seems if you're GPL v3 licensed, then you can do option 3 with no fuss: you don't need contributor permission since AGPL is already compatible, but if you're GPL v2 then it might be a problem since v2 is not compatible. Which version of the GPL are you using?
This is correct and the project is currently GPLv3, so all good
We recently switched from GPL v3 to AGPL v3. You just have to get the permissions from existing contributors.
I've written a blog post on why and how we did it: https://blog.tooljet.io/changing-license-to-agpl/. Feel free to message me if you need any help.
Thanks for sharing !
I'd probably suggest doing both 2 and 3 at the same time. 3 is something of a "no-brainer"; you can't put the genie back in the bottle, but at least you can stop them taking advantage of new versions.
Combine that with actively relicensing any parts of the code which are discrete enough to track down all contributors; as you say, any module or file (important or otherwise) which was the work of a single or small number of contributors would do.
Between the two approaches, you should be able to make forking any later versions (without following AGPL practices) impractical.
ok