Die Free

January 10, 2022

So you’ve made something cool and it’s time to release it. These seem to be the options at hand:

  • Release under a permissive license (MIT, BSD) and:
    • Have everyone and their grandma use it.
    • Die poor
  • Release under a copyleft license (GPL) and:
    • No company is going to use or contribute to it, unless they can somehow clearly separate it from what they see as their intellectual property. Or just hide it where nobody sees it.
    • Die poor
  • Release it under a commercial license and:
    • Get bashed on HN for doing so
    • Nobody uses it
    • Probably die poor
  • Dual license it as GPL and commercial and:
    • Sue everybody as they are just taking the GPL version and never looking back. Especially if they can hide it somewhere.
    • Die poor

taken from jgilias

I guess with the recent news headlines that “Dev corrupts NPM libs ‘colors’ and ‘faker’ breaking thousands of apps” and “No More Free Work”. I thought I would write about this as I currently work on an opensource project but I am paid to do so. Companies use opensource software all day everyday. I don’t think any company in the world can say they don’t use open source software from linux, nginx, and numpy. Everything has a touch of the opensource world. You reading this now is using opensource code. I think some retaliation—against mega-corporations and for profit consumers of open-source projects who often times do it out of passion in the beginning become yesterdays jam. A cost-free and community-powered software solution but we (the software community) know nothing is free someone has to spend time to maintain and manage software at all times these days.

So with the color.js and faker.js version updated to crash large projects like amazon-cdk and others. Marak the maker of these projects did so with the protection of the opensource world as much as they used his code. The protection is that opensource software comes as is with no warranty and no support it is provided as is. The users should know that and yet somewhere this has yet to be said. Companies want free code as they need it for the normal software engineer is not going to have time to recreate the complexities of linux, nginx, and numpy. The companies should know they get the software as is.

So what is the problem… Nothing just the messed up world that we live in that people will have made billions off of free code. So die poor or build something and keep it closed source and hope they don’t copy your api.

G