License warning
-
While setting up Cal, it asks you to choose between the AGPLv3 and an Enterprise license, and warns that with the AGPLv3 you can't resell the software easily.
I've read the AGPLv3 and also asked ChatGPT to highlight for me anything that might be an issue on that front. Can someone clue me into to what I might be missing?
Is there anything in this license that precludes me from selling access to my hosted version?
No, the GNU Affero General Public License Version 3 (AGPLv3) does not preclude you from selling access to a hosted version of the software. In fact, the AGPLv3, like other open-source licenses, allows for commercial use, which includes the possibility of charging for access to the software. However, there are a few important considerations to keep in mind:
1. Source Code Availability: If you modify the AGPLv3 licensed software and host it on a server, the license requires you to make the modified source code available to your users. This is a unique aspect of the AGPLv3, aimed at ensuring that users of networked software can access the source code.
2. License Compliance: You must comply with all terms of the AGPLv3. This includes providing any required notices and making sure that any distribution (including selling access to the software) adheres to the terms of the license.
3. No Restriction on Charging: The AGPLv3 does not place restrictions on the amount you can charge for providing access to the software. The pricing strategy is entirely up to you.
4. Pass-Along Requirements: If your hosted software includes AGPLv3 licensed components, you are required to make the source of these components, including your modifications, available under AGPLv3. This means that your customers could theoretically use your modifications to set up their own competing services.
In summary, you are free to sell access to your hosted version of AGPLv3 licensed software, but you must comply with the requirements of the license, particularly those related to the availability of source code for your users.
-
@jordankrueger
perhaps they just mean the restrictions under 4 above, who knows. Perhaps ask them for clarity via twitter or their github issues? -
@jordankrueger said in License warning:
you can't resell the software easily
They warn that you "can't" resell the software or specifically you "can't ... easily"?
Because the latter really means you can, only that it's not easy to do so. There's a difference you see.Ho boy been dealing with this for a looong time.
I believe the 'confusion' with GPL licensing model is because people are so poison-minded by the -win-DOZEs- of this world and their closed systems, they just cannot believe (and are exactly minded as is) what they read in the license. let alone even simply understanding what General Public License means, really.
And I'll tell you a secret, even MOST coders don't even really understand, and several even jump all over the place when they find out for the first time their code has been copied all over without even their knowledge. It's likely where they return to read again, ATTENTIVELY, the license under which they've published their code.
And that has also the consequence that many, MANY, developers ARE violating this license under which they license their code, in many different ways and you might be surprised at who does, or would you... Well, they're mostly obvious when you start to really understand the license.
Now, briefly, not only you CAN resell the code in any way, under the stipulated conditions, but it also MUST BE MADE AVAILABLE to the users as well.
What people really don't grasp is that this is A CONTRACT and once you accept it, by installing the software, YOU as well as the developer are BIND by law. GPL licensing even if it's basically a FREE OPEN LICENSE for the GENERAL PUBLIC is still a LEGAL DOCUMENT under which you are bind by the use of the software.
And, EVERY f.....g word is the most important.
The 4 points above really mean what it means, it's a fully lawful contract, and that also means no matter what the developer says, publishes on its site or try to dictate, like what you can or cannot do with the software, the only thing that counts is the WORDS written in the license, aka CONTRACT.
So, by definition NO, the developer in question cannot even make it NOT EASY, in any way to get a COMPLETE copy of the software.
Hope that helps a little, it's far from exhaustive. Have a nice day.
-
@jdaviescoates said in License warning:
@jordankrueger
perhaps they just mean the restrictions under 4 above, who knows. Perhaps ask them for clarity via twitter or their github issues?There's absolutely NOTHING to clarify, if they publish their software under that license they're bind and must comply, no matter what they say or do.
Hence they MUST provide a full copy of the code as stipulated by the CONTRACT (license)
-
Just to chime in: AGPL is a „copyleft license“:
The idea behind the AGPL License was to address the “application service provider (ASP) loophole,” which both Henry Poole and Stallman believed existed in the GPL. The ASP loophole meant that software-as-a-service (SaaS) providers
[<— someone running Cloudron and making the software available to others]and other software that ran primarily over a network were exempt (or could potentially argue exemption) from the terms of the GPL license. This is because they didn’t technically “distribute” it in the traditional sense.Let’s say you create a software program. Another developer takes and modifies it, and then provides access to that modification to paying customers through a software-as-a-service model.
[<— again, someone running Cloudron and making the software available to others]Under the GPL v3, that modification would essentially become proprietary ** because it wasn’t technically distributed. Under AGPL, however, that developer would need to make their modified source code available for download.**Source: https://fossa.com/blog/open-source-software-licenses-101-agpl-license/
This can result in a requirement to essentially make available your business secrets (e.g you write a whole software suit that you don’t want open sourced and use one tiny library under AGPL that could „infect“ the rest of the code) - in my experience as a lawyer, larger companies try to avoid copyleft as much as possible.
-
Maybe this is just a bigger question than this forum is intended for but I guess for my use case, I'm just wondering how the copyleft requirement has to be executed. If I'm just hosting the package in its default state, isn't the source code on GitHub satisfying the requirements?
-
@jordankrueger said in License warning:
If I'm just hosting the package in its default state, isn't the source code on GitHub satisfying the requirements?
Yeah afaik the requirements only kick-in if you make derivative versions, which you wouldn't be doing.
-
@necrevistonnezr huh?
Personally I would not agree and do not believe, imho, that "someone running Cloudron" would enter in this category because the AGPL addresses the developer's of the FOSS, which Cloudron is NOT, Cloudron is somehow only RE-distributing, or conveying "verbatim" copies of the software from other developers' it maintains and so Cloudron is NOT a SaaS provider technically speaking.
There are many FOSS developers who are running their software as a SaaS nowadays, Mautic, WordPress, NextCloud etc. just to name a few, those are the ones to which this license type is addressing, I believe.
-
@micmc
No, I said „ someone running Cloudron and making the software available to others“ is the SaaS-Provider, not the team creating Cloudron or apps. If you‘re running Cloudron and let your users use e.g. Hashicorp Vault (and even let the, pay for such access / use), you‘re making available Vault as a service - in direct competition to Hashicorp itself, btw, who provide such paid access / use themselves. You’re no different than e.g. Amazon when they provided Elasticsearch instances (Elasticsearch and Hashicorp both switched to licenses that forbid such direct competition, since).
Or did I misunderstand your point? -
You’re not choosing between the AGPL and another license, and yes, with AGPL lets you eg charge for hosting. If you make any changes you are obligated to contribute them.
The core of Cal.com is licensed under AGPL. This changed in September 2021 https://cal.com/blog/changing-to-agplv3-and-introducing-enterprise-edition
They have two commercial license offerings with additional features that are not AGPL. The enterprise license (support, branding, and features for enterprise) and the platform license (fully integrate into your saas offering with full white labeling - their example is a Tele-health platform).
Cloudron installs the AGPL components. And, you can contact Cal.com and pay them for an enterprise license to unlock those features.
-
@necrevistonnezr said in License warning:
@micmc
Or did I misunderstand your point?Nope, you've got me correctly.
Though I'd still disagree but, here we'd certainly be facing a very interesting point of interpretation
If you read correctly the license the term used is "to convey" and "conveying" "copies of the software" and only that could bring a headache or two. But, the added phrase "someone running Cloudron and making the software available to others" here above whether it's direct from the quote or added by you it is still only an interpretation of the license and not specifically stated as clearly as it may sound.
Hence, that's why I believe 'Cloudronners' would not necessarily enter the same category has the 'developer-provider'. Especially as those providing services with their Cloudron don't even modify nor touch the code in any way, moreover we know that the core codes in the Cloudron system are read only and thus not modifiable.
At the very worse, IF ever a client would CLAIM anything from the non-developer service provider through a system like Cloudron, in regards to getting a copy of the FOSS running on its server, what else can the provider do than tell him; "sure is the link to the developer's repository where you can find the latest updated copy of the software!?
All that said, I sure understand the other part's interpretation, and thus I can envision that cloudronners 'could' fall in the same category as developer-providers, however as explained my own interpretation is the opposite.
As usual, anyway, there's still a lot of place to debate in that field.
