Open source software is the foundation of modern software infrastructure everywhere. But with the increased growth of large open source projects, a new trend has emerged: switching an open-source project to a source-available license. Let's have a closer look at what that means and the consequences such as switch typically has.
What is open source?
True open source software (aka Free Open Source Software or FOSS) is software that is licensed under one of the OSI-approved open source licenses, following these principles:
- Free Redistribution: No restrictions on selling or giving away the software
- Source Code Availability: The source code must be included or readily available
- Permission for Derived Works: Modifications and derived works must be allowed, and they can be distributed under the same terms
- No Discrimination: Licenses must not discriminate against persons, groups, or fields of endeavor
- License Durability: Rights must not be dependent on specific software packages or tied to additional agreements
OSI is the Open Software Initiative, tasked with governing licenses around the open source ecosystem and providing information about the approved licenses. While some licenses such as MIT, apache 2.0 or LGPL are widely used and well-known, there are also many lesser-known (or superseded) ones, which is why you can check if any given license is a real open source license directly on their website.
How is source-available different?
In simplified terms, a source-available license is a more restrictive version of an open source license, granting only some of it's rights and freedoms.
The restrictions mostly apply to offering commercial products based on the licensed software and restrict use cases like offering hosting solutions or limit the size of clusters before requiring a commercial license.
The source-available licenses may seem very similar to users, as they use the same words but refer to different definitions. Seeing words like "free" and "open" will convince most unsuspecting viewers the license is open source, but they don't mean the same thing as the open source licenses:
- "Free" means freedom to use, modify and share in open source licenses, source-available instead defines it as "no cost".
- "Open" means the code is freely accessible and unrestricted in use for open source licenses, source-available instead interprets this as only "openly readable".
This play on words has confused many users and even fooled some into believing that the new licenses are still open source, when they don't provide the same permissions in reality.
Uncertainty
Changing a project's license from an open-source to a source-available license brings a lot of uncertainty to it's users, adopters and the community around it. The vast majority of open source projects never change license, and users have come to expect that the license in place today won't change in the future.
By making such changes, users are now left with a lot of uncertainty: What if the license is changed again? What if the new license is adjusted in some way? Do i need to re-evaluate my own use case every time the license is touched? How often will that be? Will the next change shut the door on my use case too?
By demonstrating to users that the project prioritizes commercial goals over stability and the concerns of the user base, it actively alienates a significant portion of existing users and would-be adopters, which are now likely to look for alternatives.
Legal compliance
The law is a complex beast to manage, which is why legal departments in larger companies set rules for which software may be used internally. In most cases, this is done by vetting a specific license, then either allowing or banning it's use internally. Developers in such companies may only choose projects whose licenses got approved beforehand, sot hat the company does not expose itself to legal risks.
Since source-available licenses are not well understood and include restriction son usage, they may be fine to use in some circumstances, but not in others. Legal departments don't have time or resources to re-evaluate the license for each project, so to minimize risks and exposure to lawsuits, they are more likely to just ban the license from use in their company.
In addition to these problems, many source-available licenses use vague wording that is not well-understood and can be difficult to comply with, even for legal professionals.
For small businesses in particular, this complexity is entirely too much to consider, so they are likely to look for alternatives, slowing down the future adoption and growth of the software significantly.
Fragmentation and loss of momentum
Switching a software license to a non-open-source variant will inevitably alienate a significant portion of it's community, with many of them turning to competing projects instead. If no such projects exist yet, a community will inevitably form to fork the last open source licensed version of the software and create a competing open source product from it.
Having multiple versions of the same software splits the community between them, slowing down the momentum of all of them.
Decreased stability and security
By alienating a large chunk of their community, the project will struggle to maintain the same level of quality with a reduced workforce of contributors. While the development/bugfixing capabilities could be fixed by adding more paid developers, other needs aren't met as easily: A smaller community means less people adopting and trying the software in new environments to report stability bugs, less scrutiny on the source code to find and report vulnerabilities, and less issues/tickets opened to report problems and provide debugging information.
Especially operators will have to worry how the software may develop in the future. For open source software, they can look at the past track record and make a reasonable assumption, but for a project that just changed license, that track record by no means represents it's future progress, effectively forcing new adopters to make a wild guess based on gut feeling instead of an informed decision.
The cost of source-available
Most companies switching their licenses to source-available claim to do it as a way to protect the software. A common argument here is that the company must survive financially, which it can't if competitors "freeload" on their work by offering it as a hosted service. This is blatantly hypocritical, as the software product itself is (almost always) based on numerous open source tools and libraries, written in open source programming languages and only grew to the point of popularity through the open source community, volunteer contributors and countless issues reporting bugs and asking for features. It is guilty of the same crime it accuses others of.
The goal of "protecting" the software through more restrictive licensing falls short as well, as the primary effect of such moves is either the accelerated growth of a competitor, or the creation of a competing software product in case there is non yet. This has happened time and time again:
- MongoDB relicensed under the SSPL in 2018, prompting the creation of FerretDB, a proxy that converts MongoDB driver instructions to PostgreSQL statements to allow MongoDB users to shift away from the service.
- Redis labs modified it's licensing in 2018, leading to the creation of a fork named KeyDB, offering heavy performance improvements and features, later followed by the ValKey fork in 2024, which quickly gained backing from large cloud providers.
- Cockroach Labs' relicensing of the CockroachDB database in 2019 produced heavily accelerated growth in community size and enterprise backing for it's competitor YugabyteDB.
- Switching ElasticSearch to a dual license of SSPL and Elastic License resulted in the creation of the OpenSearch fork, with significant industry backing.
- HashiCorp's decision to change their product licenses to BSL prompted the forking of TerraForm into OpenTofu, and Vault into OpenBao, with both seeing rapid growth and adoption.
Every time an open-source company changes their license to a source-available variant, they spawn a competitor in the same space. The names in the list above used to be industry leaders, with products practically defining and entire use-case with no reasonable alternatives. With the switch of a license, they are now just one of multiple competing softwares for the same use case, with dwindling community size and slowing momentum.