|
|
Subscribe / Log in / New account

Redis is no longer free software

The Redis in-memory database system has had its license changed to either the Redis Source Available License or the Server Side Public License (covered here in 2018); neither license qualifies as free software.

Under the new license, cloud service providers hosting Redis offerings will no longer be permitted to use the source code of Redis free of charge. For example, cloud service providers will be able to deliver Redis 7.4 only after agreeing to licensing terms with Redis, the maintainers of the Redis code.

Distributors like Fedora are already looking at removing Redis as a consequence. (Thanks to Emmanuel Seyman).


to post comments

Redis is no longer free software

Posted Mar 21, 2024 7:53 UTC (Thu) by LtWorf (subscriber, #124958) [Link] (7 responses)

I wonder if a fork will emerge and distributions will just switch to that.

Redis is no longer free software

Posted Mar 21, 2024 8:12 UTC (Thu) by josh (subscriber, #17465) [Link] (4 responses)

There are already several forks of Redis, such as KeyDB. There's also the Redis-compatible Garnet, just released a few days ago.

Redis is no longer free software

Posted Mar 21, 2024 11:20 UTC (Thu) by gray_-_wolf (subscriber, #131074) [Link] (1 responses)

> Garnet

Written in C#, which is somewhat annoying due to the horrible bootstrap story.

Redis is no longer free software

Posted Mar 25, 2024 1:34 UTC (Mon) by jmalcolm (subscriber, #8876) [Link]

What do you mean?

Redis is no longer free software

Posted Mar 25, 2024 11:01 UTC (Mon) by frankie (subscriber, #13593) [Link] (1 responses)

Another fork is now Redict.

Redis is no longer free software

Posted Mar 25, 2024 14:45 UTC (Mon) by zdzichu (subscriber, #17118) [Link]

It is too soon to know if any of those forks will be maintained.

Redis is no longer free software

Posted Mar 21, 2024 12:29 UTC (Thu) by zdzichu (subscriber, #17118) [Link]

It's sad Redis won't be available in distributions, but frankly almost 100% of deployments I saw use official container images. Nothing will change, really.

Redis is no longer free software

Posted Mar 25, 2024 12:57 UTC (Mon) by rnestler (guest, #160299) [Link]

There is a fork currently called placeholder-kv: https://github.com/placeholderkv/placeholderkv

Redis is no longer free software

Posted Mar 21, 2024 8:21 UTC (Thu) by ddevault (subscriber, #99589) [Link] (16 responses)

Yet another example of why you should *never* sign a CLA. It is always a promise that, one day, your hard work will be taken from you and incorporated into someone non-free commercial software.

Redis is no longer free software

Posted Mar 21, 2024 9:06 UTC (Thu) by je.r (subscriber, #113267) [Link] (15 responses)

There was no CLA on Redis prior to this.

Redis is no longer free software

Posted Mar 21, 2024 9:09 UTC (Thu) by ddevault (subscriber, #99589) [Link] (13 responses)

Sorry, you're right. RedisLabs used/uses a CLA for many of their other Redis-related projects (which they had done a similar rug-pull on in the past), but not for Redis itself.

Redis is no longer free software

Posted Mar 21, 2024 10:38 UTC (Thu) by leromarinvit (subscriber, #56850) [Link] (12 responses)

Then how are they able to change the license? Did they never take any or remove all outside contributions? Or did they ask for (and get) permission from every contributor?

Redis is no longer free software

Posted Mar 21, 2024 10:40 UTC (Thu) by ddevault (subscriber, #99589) [Link] (11 responses)

Redis was permissively licensed, so it does not require any special steps to relicense it. Explained here:

https://writefreesoftware.org/learn/participate/copyright...

Redis is no longer free software

Posted Mar 21, 2024 10:47 UTC (Thu) by leromarinvit (subscriber, #56850) [Link] (8 responses)

Ah yes, of course - I missed that bit. So BSD still applies to any earlier outside contributions (since only the copyright owner could change that), and they need to follow it for those - but they're free to continue incorporating them into a now differently licensed Redis.

Redis is no longer free software

Posted Mar 21, 2024 11:03 UTC (Thu) by aragilar (subscriber, #122569) [Link] (7 responses)

It does look like they may have messed that up for now though (if this comment is correct): https://github.com/redis/redis/pull/13157/files/17a6ddc2a...

Redis is no longer free software

Posted Mar 21, 2024 15:18 UTC (Thu) by Wol (subscriber, #4433) [Link] (4 responses)

OUCH !!!

That's what AT&T did - they removed the BSD copyright notice, and lost all rights to Unix in the process ...

Somebody (a copyright holder, of course) ought to send them a nastygram and point out that they have just succeeded in the rather tricky task of placing themselves in breach of the BSD licence. And they need to fix it, pronto!

Cheers,
Wol

Redis is no longer free software

Posted Mar 21, 2024 21:35 UTC (Thu) by flussence (guest, #85566) [Link] (3 responses)

This could get interesting. There's already two copyright owners in that pull request pointing out the violation of *their* license terms, and BSD is just like GPLv2 in that it has no amnesty clause for “oopsie, we screwed up” — violating it is a rights-terminating suicide option that falls back to statutory copyright infringement, which can only be undone by an explicit re-granting from every actual rightsholder.

The company had better pray nobody they've wronged here feels inspired by Patrick McHardy…

Redis is no longer free software

Posted Mar 22, 2024 7:49 UTC (Fri) by NYKevin (subscriber, #129325) [Link] (2 responses)

> This could get interesting. There's already two copyright owners in that pull request pointing out the violation of *their* license terms, and BSD is just like GPLv2 in that it has no amnesty clause for “oopsie, we screwed up” — violating it is a rights-terminating suicide option that falls back to statutory copyright infringement, which can only be undone by an explicit re-granting from every actual rightsholder.

This is perhaps slightly misleading:

* GPLv2 has a clause which explicitly terminates the license if you violate it, and contains no provision for automatic reinstatement upon cure. So by the strict terms of the license, any violation can only be cured with the consent of the licensor. Depending on jurisdiction and the facts of the case, a court might decide that this is unreasonable and apply equitable principles or the local equivalent, but if not, then the license is terminated and the infringing party is required to cease using the software. Some jurisdictions have previously ruled that GPLv2 can only be enforced through contract law and not through copyright law (usually because those systems prefer to limit "infringement" to cases where there was never any valid license at all), but that doesn't necessarily make a difference in terms of what the court ends up ordering.
* BSD-3 (and most other versions of BSD) says that permission is granted "provided that the [...] conditions are met." This is much more vague, but at the same time, it is fairly conventional as contracts go. The conditions are a form of consideration, and when a party fails to meet them, they are in breach of contract. Unfortunately, this clause is an excellent example of why software engineers should not be in the business of evaluating licenses: It probably does not imply termination, at least in common law countries, because those countries have a theory of contract law which promotes "efficient breach" (the idea that, in some cases, everyone would be better off if one party could breach the contract and pay off the other party's damages, rather than having to abide by the strict letter of the contract). If you don't explicitly specify termination or otherwise require specific performance as a remedy, then courts may be reluctant to order it as a matter of public policy, and instead try to work out how much money your counterparty should pay you for the privilege of removing the attribution (read: how much money you personally lost from not having your name/license attributed properly).

The practical reality, however, is that no BSD case is going anywhere near a court of law anytime soon, because it is so much easier for a company to settle a permissive license case (settlement is basically "put the plaintiff's name etc. in a menu that nobody looks at, and maybe pay them some money to go away") than a GPL case (settlement probably involves publishing code that you never intended to be public, may also involve auditing and other stuff the SFC likes to ask for in their settlements).

Redis is no longer free software

Posted Mar 22, 2024 23:55 UTC (Fri) by geofft (subscriber, #59789) [Link] (1 responses)

Since you seem to know things about things - does it matter that the copyright statements in question were "Copyright (C) 2009 Salvatore Sanfilippo <antirez at gmail dot com>" and not the name of the contributor whose rights are being infringed? Is it harder to claim that you were harmed if it wasn't your name in the removed permission statement anyway? (Assume it was GPL or even SSPL or something if it makes the potential infringement case more real.)

Redis is no longer free software

Posted Mar 23, 2024 2:28 UTC (Sat) by NYKevin (subscriber, #129325) [Link]

It is difficult to make specific statements about what might or might not matter. There are at least a good ~200 jurisdictions in the world that may have an opinion on the matter, but I'm not aware of any relevant litigation, statutes, or case law (which does not mean they don't exist!), so the best I can do is make educated guesses.

My gut says that you can probably get some kind of damages out of a permissive license if you're the copyright holder, even if you're not the person attributed. It's hard to say how those damages should be calculated, and different jurisdictions will have different formulas. Here are some formulas that I could imagine being used:

* Determine the market cost of producing the software from scratch (i.e. "hire [n] software engineers for [k] [weeks/months], and pay them market salaries"). Possibly apply some multiplier or discount to it (which is probably going to be a highly arbitrary number in either case).
* Determine the market cost of advertising equivalent to the attribution. (No, I don't know how they would figure out what kind of advertising is equivalent; probably they would ask both sides to submit proposals and the judge would choose between them or come up with a middle ground.)
* Attribution (to someone other than you) is worthless, so you are only entitled to nominal damages (i.e. not very much).
* Attribution is priceless and/or easy, so you are entitled to specific performance (or some reasonable approximation) even though the license doesn't call for it explicitly.
* In some jurisdictions, authors benefit from a separate legal regime called "moral rights," which specifically protects attribution, and that would have its own system of remedies. However, this theory would make the previous version infringing (since you are not attributed there either), and I'm not sure you want to open that can of worms. Note that in most jurisdictions, moral rights are either difficult or impossible to waive, and it is almost never possible to waive them implicitly (i.e. without the license having very specific legal language explicitly referring to moral rights). On the other hand, some jurisdictions have no (or very limited) moral rights.

Redis is no longer free software

Posted Mar 22, 2024 16:05 UTC (Fri) by jrtc27 (subscriber, #107748) [Link] (1 responses)

No they haven't. They've added a new REDISCONTRIBUTIONS.txt to comply with the BSD-3-Clause requirements.

Redis is no longer free software

Posted Mar 22, 2024 19:12 UTC (Fri) by khim (subscriber, #9252) [Link]

> They've added a new REDISCONTRIBUTIONS.txt to comply with the BSD-3-Clause requirements.

Except that new file doesn't tell which file is licensed from whom and on which terms. The whole point of BSD license is that one sentence: Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.

Which means they did the only thing that Salvatore Sanfilippo (and others) haven't given them the right to do.

And if you include the fact that they clearly have done that to ensure that Salvatore Sanfilippo (and others) wouldn't be able to do anything in the future… it would be interesting to see what will happen, I guess.

Redis is no longer free software

Posted Mar 21, 2024 13:00 UTC (Thu) by ehiggs (subscriber, #90713) [Link] (1 responses)

s/permissively/bait-and-switch/

Redis is no longer free software

Posted Mar 29, 2024 14:11 UTC (Fri) by sammythesnake (guest, #17693) [Link]

While I'm not especially a fan of the "permissive licence" approach in general, I don't think this is really a fair characterisation of anything.

The code is still as available at it ever was, the only thing that's changed is that the Redis *project* has decided to no longer distribute it (or their future modifications) with a licence under the BSD terms.

It's *almost* exactly equivalent to somebody else forking the codebase under a different name and with a new licence regime, which anyone is free to do (and probably have done) within the terms of the BSD which really aren't very onerous.

The only difference is which project gets to use the name "Redis" / associated logos / domain name / infrastructure. The immediate appearance of multiple forks demonstrates that this isn't a *major* impediment, though they have yet to gain much mindshare for the new name(s)

The name is a matter of Trademarks rather than Copyright, and therefore outside the purview of most Open Source / Free Software licences - including the BSD style ones. There certainly are some licences that include trademark verbiage, but it's generally redundant, doing nothing more than reiterating that using somebody else's registered trademark isn't allowed.

Redis is no longer free software

Posted Mar 22, 2024 2:51 UTC (Fri) by timrichardson (subscriber, #72836) [Link]

A CLA doesn't have to allow unlimited licensing, and since Redis didn't have a CLA anyway, your point is misdirected. Instead, blame the BSD licence.

Redis is no longer free software

Posted Mar 21, 2024 10:11 UTC (Thu) by epa (subscriber, #39769) [Link] (9 responses)

Isn't this overstating things a bit? If you are running Redis today it's still free software for you, surely. You can still run it, modify it, and redistribute it under the existing licence. Only new versions (or, if you want to get paranoid, newly downloaded copies of the current version from the vendor's website) are not available under a free licence.

Redis is no longer free software

Posted Mar 21, 2024 12:10 UTC (Thu) by cloehle (subscriber, #128160) [Link] (7 responses)

It's not overstating anything.
The "free software" Redis is effectively EOL and no longer maintained (soon). It's not like you can actually still use it for anything serious.

You might be able to use a fork, but I assume that cannot be named as a Redis project as they own the copyright.

Redis is no longer free software

Posted Mar 21, 2024 13:10 UTC (Thu) by epa (subscriber, #39769) [Link] (4 responses)

I always thought that one of the distinguishing features of free software against proprietary is that it doesn't have a fixed "end of life". If you're using it you can continue to use it, and if it needs changes you can make them yourself.

Of course some applications will be highly security sensitive (or require a high degree of security theatre around CVEs and updates) and so you would not want to keep using it if upstream were no longer keeping on top of vulnerabilities. But that can't be 100% of all deployed Redis instances.

I understand the concern and the wish not to use an abandoned project. But the article and some of the comments are taking it as though Redis and its existing users were entirely under the control of its developer, who has managed to un-open-source it as easily as Apple deleting an app from the App Store, and with equally little the users can do about it. It reminds me of the news articles which told us the MP3 format had become obsolete, uncritically reprinting what the Frauenhofer Institute had announced, when what they really meant was that they prefer you to stop using MP3 because they can no longer squeeze you for patent royalties. Perhaps I am being unfair because the headline of any article can be misleading taken out of context, but "Redis is no longer free software" would have been much better as "The free software version of Redis is no longer being maintained by its original developer". Less eye-catching, I admit.

Redis is no longer free software

Posted Mar 21, 2024 13:49 UTC (Thu) by spacefrogg (subscriber, #119608) [Link] (3 responses)

The phrase "X is no longer open source" has a long-standing meaning, which apparently did not catch on in your case. Everyone around for the last 10 years or longer knows, that it means exactly what you suggested last.

I may be confusing software with service. Nobody can take away software from your personal devices unless both the software and your personal devices are merely services given to you that you do not fully control. So, I maintain, the confusion is on your part, because you somehow assume that "is no longer open source" means "has been made unusable", which it doesn't.

It still is effectively unusable for two reasons: 1) It is, as you say yourself, unmaintained now and cannot be used in serious contexts. 2) It may very well be delisted from well-known Linux distributions making it actually inaccessible to you.

So, on the last point, your ill-deemed meaning might very well still come down to a hard and inconvenient realisation.

Redis is no longer free software

Posted Mar 21, 2024 14:29 UTC (Thu) by epa (subscriber, #39769) [Link] (2 responses)

The headline talks about it no longer being free software. But you still have freedom to use, change, and share it. Another example would be Ghostscript: new releases from Aladdin are non-free, I think, but that doesn’t stop Ghostscript being free software for those people who have it as part of their Linux distribution. For a program to stop being free software you would have to lose the rights you had before — arguably that’s what happened to the old BSD with the lawsuit, but it’s very rare.

Whether a program is free software is a rather different question from whether it’s maintained upstream or has security fixes or is convenient to use. There are plenty of programs which are no longer worked on by their original programmer or anyone else. That does not stop them being free software.

Redis is no longer free software

Posted Mar 21, 2024 15:24 UTC (Thu) by Wol (subscriber, #4433) [Link]

> Ghostscript: new releases from Aladdin are non-free, I think

AIUI, that's actually ALWAYS been the case. Ghostscript as distributed by Aladdin is open source but not Open Source. A year after release, the GPL kicks in.

Or has that changed recently?

Cheers,
Wol

Redis is no longer free software

Posted Mar 21, 2024 15:27 UTC (Thu) by lanodan (subscriber, #169017) [Link]

I'd say the core distinction is between thinking of redis as a mere program, like the stuff you'd have in a textbook.
And the more "modern" (Loosely starting in Winter '95 with AnonCVS) thing of redis as a project on the internet, most of them collaborative thanks to Free Software licences. Redis the software you have installed is and will remain Free Software after all there can't be DRM in a Free software.
But Redis the project, no longer is Free Software, which also means that the new versions (and patches) will no longer be.

Redis is no longer free software

Posted Mar 21, 2024 20:36 UTC (Thu) by atai (subscriber, #10977) [Link] (1 responses)

> that cannot be named as a Redis project as they own the copyright.

you mean the trademark?

Redis is no longer free software

Posted Mar 22, 2024 11:32 UTC (Fri) by cloehle (subscriber, #128160) [Link]

>you mean the trademark?
Yup, sorry, what an unfortunate mistake :/

Redis is no longer free software

Posted Mar 21, 2024 12:12 UTC (Thu) by danpb (subscriber, #4831) [Link]

Redis is complex software and so will inevitably have security bugs. While you can continue running current releases of Redis for now, sooner or later there would be a need to fix security bugs. Distros are unlikely to want to leave the software with unfixed security bugs indefinitely. So either the distros stop shipping Redis, or some group of interested people collaborates to create a new upstream community fork of the last BSD licensed version and commits to providing fixes to it.

Redis is no longer free software

Posted Mar 21, 2024 10:30 UTC (Thu) by makendo (guest, #168314) [Link]

How is MongoDB and Elasticsearch's usage share currently compared to forks?

Redis’ License is BSD and will remain BSD (2018)

Posted Mar 21, 2024 10:42 UTC (Thu) by elboulangero (subscriber, #81193) [Link] (10 responses)

https://redis.com/blog/redis-license-bsd-will-remain-bsd/

> We want to address your questions and be crystal clear: the license for open source Redis was never changed. It is BSD and will always remain BSD.

Apparently nobody added a unit test for that, and now it's broken :/

Redis’ License is BSD and will remain BSD (2018)

Posted Mar 21, 2024 11:48 UTC (Thu) by epa (subscriber, #39769) [Link] (2 responses)

I would say that promise is still true. Open source Redis still exists, it just won't be getting any updates from now on, unless under a new maintainer.

Redis’ License is BSD and will remain BSD (2018)

Posted Mar 21, 2024 12:19 UTC (Thu) by cloehle (subscriber, #128160) [Link]

If that's how you interpret the promise then there is no promise at all, the BSD license already covered that.

Redis’ License is BSD and will remain BSD (2018)

Posted Mar 21, 2024 17:01 UTC (Thu) by mricon (subscriber, #59252) [Link]

> I would say that promise is still true. Open source Redis still exists, it just won't be getting any updates from now on, unless under a new maintainer.

Only in the same way as "I have been -- and always shall be -- your friend. [dies]"

Redis’ License is BSD and will remain BSD (2018)

Posted Mar 21, 2024 13:12 UTC (Thu) by lanodan (subscriber, #169017) [Link] (4 responses)

https://redis.com/blog/redis-adopts-dual-source-available...
> Consequently, Redis will no longer be distributed under the three-clause Berkeley Software Distribution (BSD).

This couldn't be more clear, either they are trying to backpedal, or they're saying that they're not revoking the BSD-licensed versions. (I don't think they can but some licences clearly state non-revocable/irrevocable while BSD-3-Clause doesn't, I could see that being jurisdiction-dependent…)

Redis’ License is BSD and will remain BSD (2018)

Posted Mar 21, 2024 13:20 UTC (Thu) by lanodan (subscriber, #169017) [Link]

My bad only saw the "2018" mention now… yay to broken promises from Redis.

Redis’ License is BSD and will remain BSD (2018)

Posted Mar 21, 2024 15:28 UTC (Thu) by Wol (subscriber, #4433) [Link] (2 responses)

> I don't think they can

If the licence does not grant explicit permission to relicence (and BSD does not grant permission) then you can't.

What they have done (see that other comment under this thread) by removing the BSD grant from the source, is place themselves in breach of the BSD - quite an impressive feat!!! So any American BSD copyright holder could sue them for statutory damages!!!

Cheers,
Wol

Redis’ License is BSD and will remain BSD (2018)

Posted Mar 22, 2024 7:54 UTC (Fri) by joib (subscriber, #8541) [Link] (1 responses)

> If the licence does not grant explicit permission to relicence (and BSD does not grant permission) then you can't.

Indeed. You can grab some popcorn and check the comments on the relicensing PR: https://github.com/redis/redis/pull/13157

Redis’ License is BSD and will remain BSD (2018)

Posted Mar 22, 2024 22:33 UTC (Fri) by himi (subscriber, #340) [Link]

Ooh, a quick scroll through that thread and I found this: https://github.com/redis/redis/pull/13157#issuecomment-20... - a contribution where the copyright is explicitly held by the contributor's employer, Red Hat. Also a bunch of comments about contributions from AWS, Alibaba . . .

For all that the BSD licence is pretty hard to violate, it looks like this might be one case where it ends up having some serious force behind it. At the very least a lot more work to make doubly sure that every i has been dotted and t crossed, and possibly more.

Redis’ License is BSD and will remain BSD (2018)

Posted Mar 21, 2024 17:39 UTC (Thu) by jafd (subscriber, #129642) [Link] (1 responses)

“ the license for open source Redis was never changed. It is BSD and will always remain BSD.”

That’s got to be some fancy definition of the term “always”. Apparently, it means “until I feel like changing it”.

Redis’ License is BSD and will remain BSD (2018)

Posted Mar 22, 2024 3:02 UTC (Fri) by timrichardson (subscriber, #72836) [Link]

The claim is true, it is just that all the BSD versions of Redis are now historical. The comment in 2018 was careful not to claim that all future version of Redis would be BSD, only that the future BSD versions would be BSD, which is a comment without substance because they couldn't be otherwise.

Redis is no longer free software

Posted Mar 21, 2024 13:37 UTC (Thu) by paulj (subscriber, #341) [Link] (39 responses)

Everyone is condemning Redis, but what exactly is the right way for a set of developers (e.g., as a company) to avoid the situation where they are putting in their time developing the code, only to see parasitical "cloud" companies dominating the market with their paid SaaS instances of that software, and never giving back?

Cause that clearly is not sustainable for Free Software either.

Redis is no longer free software

Posted Mar 21, 2024 14:07 UTC (Thu) by AlecTavi (guest, #86342) [Link] (28 responses)

License the project under the AGPL. As a copyleft license, it forces parasitic cloud companies to retain the license. More uniquely, section 11 requires any network-available modified instance to provide the source of the instance.

Redis is no longer free software

Posted Mar 21, 2024 14:11 UTC (Thu) by NAR (subscriber, #1313) [Link] (18 responses)

The fact that the source is available doesn't pay any bills...

Redis is no longer free software

Posted Mar 21, 2024 14:39 UTC (Thu) by AlecTavi (guest, #86342) [Link] (17 responses)

I interpreted "never giving back" as "never giving back their improvements or changes to the software." The AGPL addresses that.

If the concern is instead, "never giving back financial support," the solution is non-free software. I.e. disallowing execution / modification of the software without financial compensation. This restriction can be targeted to commercial uses in a custom license while permitting free use by non-commercial entities. You can even allow evaluation periods (shareware).

Redis is no longer free software

Posted Mar 21, 2024 17:16 UTC (Thu) by MarcB (subscriber, #101804) [Link] (16 responses)

> I interpreted "never giving back" as "never giving back their improvements or changes to the software." The AGPL addresses that.

Look at the Linux kernel. Look at PostgreSQL (very comparable position in the software stack). The cloud companies not only give back, they even contribute to the software far beyond their integration work. Where this notoriously fails is "boring" infrastructure, like OpenSSL, but for more complex software, it tends to work.

Redis became more or less commercial in 2015. They picked up venture capital in at least seven financing rounds. They added more and more features to Redis to cover more and more uses cases. Nothing of this was "community-driven". I'd assume that easily 90% or more of all development resources go into those features.

The goal of Redis is not to keep an open source project financed, their goal is to make money.

> If the concern is instead, "never giving back financial support," the solution is non-free software. I.e. disallowing execution / modification of the software without financial compensation.

This is almost impossible. It is absurdly hard to get into the market as a closed source database, or any other core infrastructure, provider. No one will trust you enough to bet their business on your product. No developers will have experience with your product.

This is why all those companies start as open source: To get known, to get picked up by developers and to be used in increasingly important projects. At some point, they conclude there position is now strong enough to make a commercial offer (or their investors lose patience).
I recall a report about the estimated conversion rate to such a commercial offer being off by a factor of 10,000. I think this was for MongoDB.
At that point, the investors get scared, and the companies start looking for other ways to monetize their product. One popular choice is offering it "as a service"; turns out others had this idea before, and those others also run the cloud platforms that the aspiring "as a service" company has to pay for. So the original cloud company will always be cheaper or have a higher margin...

Redis is no longer free software

Posted Mar 21, 2024 17:38 UTC (Thu) by AlecTavi (guest, #86342) [Link] (15 responses)

> Look at the Linux kernel. Look at PostgreSQL (very comparable position in the software stack). The cloud companies not only give back, they even contribute to the software far beyond their integration work. Where this notoriously fails is "boring" infrastructure, like OpenSSL, but for more complex software, it tends to work.

You're right. This fails for boring parts of the Linux kernel as well.

The kernel's license doesn't require these contributions. The companies can stop giving back at any point - it's up to them. Only some of the modifications / improvements make it back to the upstream kernel. If there's an improvement that gives a cloud provider a material financial advantage (such as CPU savings across a whole cloud fleet) compared to competing cloud providers, they will never give that improvement to the public while it's in their overall interest to withhold the improvement.

This situation may be good enough, but paulj was asking about "how to prevent" the lack of contribution that was visible for Redis SaaS providers.

> It is absurdly hard to get into the market as a closed source database, or any other core infrastructure, provider.

Again, you're right. The markets are saturated, and an open-source implementation does increase trust.

Note, however, that I referred to "non-free software" rather than "closed-source software." The source can be publicly available with a license that does not permit commercial use, private modification, or redistribution. You can even accept third-party contributions! This model rarely happens, as license-violations are hard to police; usually a company trying to financially exploit their software capital is worried about squeezing everybody for those license fees, not just the biggest companies.

Realistically, however, you're right: any new software in one of the saturated spaces of core infrastructure will struggle to "get into the market." This seems fine to me. Let's implement our innovative ideas for the public good, rather than market concerns. I want more Tim Berners-Lee and less Mark Zuckerberg.

Redis is no longer free software

Posted Mar 21, 2024 19:18 UTC (Thu) by MarcB (subscriber, #101804) [Link] (1 responses)

> This situation may be good enough, but paulj was asking about "how to prevent" the lack of contribution that was visible for Redis SaaS providers.

If that had been the real issue, the fix would have been obvious: Reach out to stakeholders, set up a "Redis Foundation" or some other open, governing structure and try to make it come alive.

But that was never Redis' model. Redis LTD was a commercial company from the beginning. They later hired the original open source developers.
Why would any company work for another company for free? With a CLA, this is immediately off the table. Even without one (like here), the other company would be very reluctant, especially since there is a lot of precedent for license changes like this. Also, the other company would want some influence on the direction of the project. You don't have that if you only can provide patches that may or may not be accepted for whatever (unspoken) reason.

And this is true for all those "projects" that complain about "cloud providers exploiting the open source community" to justify a license change: The "community" actually is exclusively the company and their goal always was to make real money, not to run an open source community.

> Note, however, that I referred to "non-free software" rather than "closed-source software." The source can be publicly available with a license that does not permit commercial use, private modification, or redistribution.

That doesn't work. "No commercial use" roughly translates to "do not touch". Really, if I come across a license term like this, when looking at some new software, I stop reading. It would fail any approval process and any working time spent on it is wasted.

The immediate goal of these companies is to gain developer attention, including publicly visible attention that they can demonstrate to potential investors. Once this has been achieved, they use the investor's money to hire and to grow rapidly, outpacing the competition, including real open source projects (Redis vs Memcached is a striking example). This usually happens in a circle, with multiple rounds if investment.

But of course, then they are committed to the investors who will have set some undisclosed amount and point in time for their expected returns on investment.

Now, this venture capital thing is not bad per se. Some companies, usually those that started later and had MongoDB, Redis, Elasticsearch and others as warnings examples, play with open cards. They state from the very beginning what the differences between their open source and commercial editions will be.

Redis is no longer free software

Posted Mar 22, 2024 6:40 UTC (Fri) by LtWorf (subscriber, #124958) [Link]

> But that was never Redis' model. Redis LTD was a commercial company from the beginning. They later hired the original open source developers.

AFAIK the original developer hasn't worked ther for a few years. I don't know when they have parted ways and I don't know why that happened.

Redis is no longer free software

Posted Mar 21, 2024 21:41 UTC (Thu) by donbarry (guest, #10485) [Link] (12 responses)

Let's not continue to use Berners-Lee as a model of ethical behavior. His overriding of an immense groundswell of popular opposition to capitulate to the big media companies and ram through Encrypted Media Extensions as an official part of the W3C standard turned the corner of his being a servant of the community to his being a puppet of business interests.

Honor him for what he was, but not for what he is, which only deserves contempt.

Redis is no longer free software

Posted Mar 21, 2024 22:33 UTC (Thu) by bluca (subscriber, #118303) [Link] (8 responses)

You seem to imply that the alternative to EME was no DRM. That is false. The alternative was having to reboot into Windows to watch Netflix. Is DRM bullshit? Yes. But it's not going away because some greybeards on their 0.x% of market share don't have it, so I'd rather have a well-defined common API in the browsers for it, instead of proprietary shitshows that were there before. Already forgot about how much fun it was when the only way to consume media online was Flash, or Silverlight? THAT was the alternative. Thanks, but I'll take EME and widevine any day of the week over Silverlight.

Redis is no longer free software

Posted Mar 22, 2024 0:46 UTC (Fri) by roc (subscriber, #30627) [Link]

This!

Also, the oppose-EME-at-all-costs people predicted that it would inevitably lead to DRM for all Web content. It's been nearly 10 years and there's no sign of that.

Redis is no longer free software

Posted Mar 22, 2024 1:30 UTC (Fri) by IanKelling (subscriber, #89418) [Link] (5 responses)

> You seem to imply that the alternative to EME was no DRM. That is false. The alternative was having to reboot into Windows to watch Netflix.

> Already forgot about how much fun it was when the only way to consume media online was Flash, or Silverlight? THAT was the alternative.

I have a teenager who watches youtube with no EME and doesn't give a shit about netflix. I've lived the majority of my life when netflix.com didn't exist. People without TVs existed, and people without EME exist and are thriving. How does it feel to be/act like a shill? https://www.fsf.org/blogs/community/cancel-netflix-if-you...

Redis is no longer free software

Posted Mar 22, 2024 2:55 UTC (Fri) by dvdeug (guest, #10998) [Link] (3 responses)

I don't use a feature is not an argument for a feature to not exist. If you don't want to use Netflix, that's your choice. The feature makes it easier for certain people who do want to use Netflix to use Netflix.

Redis is no longer free software

Posted Mar 22, 2024 5:37 UTC (Fri) by donbarry (guest, #10485) [Link] (2 responses)

This feature is bowing down to the profit interests of corporations rather than the interests of an open and interoperable web, the entire original justification for which Berners-Lee I was justly celebrated before Berners-Lee II sold out.

"It's easier to capitulate before corporate interests." Well, maybe in the short term. That EME hasn't gobbled up more of the web *yet* is no justification for its existence.

I've never installed it. I've certainly never subscribed to one of the delivery services that would use it. I can't say I've ever missed it, and I also sleep well at night.

Redis is no longer free software

Posted Mar 22, 2024 6:52 UTC (Fri) by Cyberax (✭ supporter ✭, #52523) [Link]

> This feature is bowing down to the profit interests of corporations rather than the interests of an open and interoperable web

It allows corporations to provide an open and interoperable DRM that doesn't require intrusive measures or custom applications.

But it's bad because it allows people to watch TV without intrusive measures or custom applications.

Got it.

Redis is no longer free software

Posted Mar 22, 2024 11:44 UTC (Fri) by bluca (subscriber, #118303) [Link]

We did not have "an open and interoperable web" before EME, we had Silverlight that didn't work on Linux, and Flash that sometimes worked after endless tinkering completely out of reach of non-tech-savvy users.
Thanks to the EME standard interface, and thanks to corporations that maintain builds of the implementation that work, things that people actually want to use nowadays "just work" on Linux too. We are so much better off now than we were before, and it's not even close.

Would it be even better without DRM? Of course, but a strongly worded blog post from a height of 0.0x% of market share is not going to make that happen, because we live in a capitalist society and that's just not how capitalism works.

Pick your battles.

Redis is no longer free software

Posted Mar 22, 2024 7:32 UTC (Fri) by IanKelling (subscriber, #89418) [Link]

Excuse me, I shouldn't have wrote the shill bit. I wasn't thinking as I normally would.

Redis is no longer free software

Posted Mar 22, 2024 7:08 UTC (Fri) by LtWorf (subscriber, #124958) [Link]

It has never once worked for me.

Firefox downloads the proprietary thing, and then it doesn't work.

That's it.

.mkv files on the other hand work very reliably.

Redis is no longer free software

Posted Mar 21, 2024 23:55 UTC (Thu) by Cyberax (✭ supporter ✭, #52523) [Link]

Why is EME bad? It's an option for people who want it. You're totally free to ignore it.

Redis is no longer free software

Posted Mar 22, 2024 1:16 UTC (Fri) by IanKelling (subscriber, #89418) [Link] (1 responses)

+1, no to tbow.

Redis is no longer free software

Posted Mar 22, 2024 9:18 UTC (Fri) by mjg59 (subscriber, #23239) [Link]

This is terrible thread drift, but:

A frequent defense of Richard Stallman is the work he did in the 80s to make free software a reality. If your argument with respect to Tim Berners-Lee is that we should feel free to criticise people based on their current behaviour with no regard to what they achieved in the past, are you fine with criticism of RMS that ignores everything he achieved in previous decades?

Redis is no longer free software

Posted Mar 21, 2024 15:45 UTC (Thu) by paulj (subscriber, #341) [Link] (8 responses)

Does this work if your software is mostly a back-end component, like... say... a memory DB cache... which no interacts with directly? The AGPL only extends the source requirement - beyond "conveyance" as in the GPL - to:

"all users interacting with it remotely".

Does a back-end component (e.g., a Redis instance) have "users interacting" with it, when those "users" interact with a web app, and only the web app on the same host interacts with the Redis instance?

The AGPL is not clearly applicable to many kinds of software that are still key components of "cloud" hosting companies.

Redis is no longer free software

Posted Mar 21, 2024 16:15 UTC (Thu) by DOT (subscriber, #58786) [Link] (6 responses)

I would argue that it doesn't matter how many proxies you put between the software and the user; as long as Redis is a part of the chain that brings the bits from the server to the user's computer, it is being "used".

Of course, that still doesn't fix the problem that Redis Inc. has: making Amazon, Microsoft and Google pay. Sure, moving to the AGPL would undoubtedly cause those to buy a license to make the AGPL go away. But every other company in the world also needs that: AGPL is banned in most companies. And that would introduce tremendous pressure to create an open source fork.

I don't necessarily agree that AGPL should have a blanket ban for most companies, but many companies are fearful that the AGPL would apply to their entire service, not just the small part that is AGPL-licensed. Thus, they ban the license completely.

Redis is no longer free software

Posted Mar 21, 2024 16:31 UTC (Thu) by paulj (subscriber, #341) [Link] (1 responses)

What about the software running the network control plane, that directs the network routers and switches how to get those bits from the server to the Internet, and on to the user?

If the user only ever interacts with a web app on a server in a tech company's proprietary "cloud", would that tech company have to release mods to Free Software infrastructure, like network elements, if licensed under the AGPL? I think it's very unlikely, and hence the AGPL is not useful for a lot of stuff.

Redis is no longer free software

Posted Mar 29, 2024 21:07 UTC (Fri) by sammythesnake (guest, #17693) [Link]

Three ways the AGPL has difficulty achieving its goal:

1) It requires $BIGCORP release the code for their entire operation as AGPL software, so they won't use AGPL software.

2) It doesn't apply require the release of anything behind a paper thin veneer of SaaS interface, so it's not meaningfully different from the "normal" GPL.

3) (This is the biggie, OMHO) It's really not clear whether #1 or#2 (or something in between) is really the case. The wording in the AGPL terms leaves plenty of scope for reasonable disagreement about what it even means. Even identifying the relevant jurisdiction is non-trivial, let alone finding out what ruling might come out of any court action. A quick Google doesn't reveal any suggestion of test cases to learn from...

3½) Is the AGPL's requirement of AGPL-licensed release of code absent distribution (in the copyright law sense - the AGPL uses the term "convey"), even enforceable at all? Again, I don't think this has been tested, but I imagine it would have tough time in the courts, to say the least(!)

Even if none of the above punctures the AGPL, any sufficiently mean spirited $BIGCORP could arrange for their modifications to be be made by a suitable distinct $PUPPETCORP, licenced under the AGPL but only made available to $BIGCORP, who would then not fall into the category of using a "modified" (by them) version, and would have no requirement to release any code at all (section 13 of the AGPL only applies to *modified* versions as I read it)

Honestly, I think the *idea* of the AGPL is not only perfectly valid, but laudable - a software author ought to be able (if they so desire) to provide code under terms that keep it big-F "Free" to end-users as well as recipients,, but I'm not sure there's any way to achieve this under current copyright or contact law. What I am pretty confident of, though, is that the AGPL is not such a way...

Redis is no longer free software

Posted Mar 21, 2024 16:58 UTC (Thu) by AlecTavi (guest, #86342) [Link] (3 responses)

There is tension between freedom and control of software. Freedom includes using, modifying, and redistributing software. Freedom includes private improvements to software that are never given back to the public. Copyleft licenses remove that particular freedom to encourage the growth of the other freedoms.

The financial exploitation of software capital (license fees, SaaS subscriptions, etc.) makes those freedoms contingent on financial compensation.

The companies that ban AGPL are rational to do so: they want to ensure they have no obligation to give their users those software freedoms. They want to retain control of their software to enable it's exploitation as a form of capital. paulj asked how to prevent this private exploitation.

Inevitably, if the software is less-exploitable by private entities, it will be less-adopted by them. This is another tension, between private exploitation and forcing public benefit through the legal system. It's not good or bad, but we developers need to make the choice of which to emphasize for any software project:

  • give people the maximum freedom with widespread adoption but no reciprocation (permissive licenses)
  • retain some control by withholding some freedom that reduces adoption but allows you to demand compensation (copyleft, dual-licensing, unfree software, etc)

Without a mechanism to force the financial or software-development contribution from users of software, some users of the software will choose not to "give back."

Redis is no longer free software

Posted Mar 21, 2024 23:19 UTC (Thu) by Wol (subscriber, #4433) [Link] (1 responses)

> Inevitably, if the software is less-exploitable by private entities, it will be less-adopted by them. This is another tension, between private exploitation and forcing public benefit through the legal system.

And it's not a zero sum game. Do you want a small slice of a large cake, or a large slice of a small cake? The problem with trying to force public benefit is you are then likely to have pretty much all of a very small cake. Go the other way, and your small slice is likely to be much larger than the small cake.

Cheers,
Wol

Redis is no longer free software

Posted Mar 22, 2024 16:33 UTC (Fri) by dvdeug (guest, #10998) [Link]

That's a massive oversimplification. GCC and the Objective C frontend is an older case where the GPL caused the Objective C frontend to be available to everyone. Linux, which became a very large cake, has had decent returns from commercial users; BSD seems to have had relatively little, with the exception of some end-of-life stuff tossed out. Even then, e.g. AdvFS (from BSD-based OSF/1) was released as GPL-2, not BSD, for use with Linux.

Working with giants like AWS and Azure is hard; they have every intent on being compatible with Redis only so long as they have to. They want you locked into Amazon Elasticache or Azure's version. Can a BSD version keep even a tiny slice of cake against that? I'd suspect Redis is going to drift into oblivion as open source users drop it and AWS & friends ignore or duplicate any changes.

Redis is no longer free software

Posted Mar 22, 2024 1:10 UTC (Fri) by pabs (subscriber, #43278) [Link]

> Freedom includes private improvements to software that are never given back to the public.
> Copyleft licenses remove that particular freedom to encourage the growth of the other freedoms.

This is incorrect, copyleft licenses only require giving to your users, not back to the upstream project or the public in general. You can certainly keep improvements private if you don't have any users or your users aren't technical enough to use or request the source or publish it anywhere.

Redis is no longer free software

Posted Mar 21, 2024 16:33 UTC (Thu) by AlecTavi (guest, #86342) [Link]

Section 13 specifically applies to users interacting with the software over the network. So, offering Redis as a cloud service would require disclosure of changes to the Redis software changes to direct users of that service. If Redis were used as a backend component, not offered to public users, then section 13 does not apply. The users themselves do not interact with the licensed software.

Redis is no longer free software

Posted Mar 21, 2024 14:10 UTC (Thu) by bluca (subscriber, #118303) [Link] (4 responses)

Redis is a private for-profit company, not a charity. Did said company share its profits with any number of open source developers who contributed code to their project during its history? If the answer is less than "100% of them" then they are in no position to make such morality-based demands.

Making software proprietary after happily taking in contributions from open source developers, while attempting to latch on the "open source" brand (yes, it is a brand) is also not sustainable for Free Software.

Redis is no longer free software

Posted Mar 21, 2024 14:36 UTC (Thu) by wittenberg (subscriber, #4473) [Link] (2 responses)

Several models have been described as "not sustainable for Free Software". This leads to the obvious question: What model is sustainable for free software"? There are many companies which make a living developing free software. Many of them do a lot of the heavy lifting for important projects. Is there a model in which they can continue to release free software and continue to make a living? Not everyone can afford to donate their labor. It's important for all of us for those companies to be able to make a reasonable living.

--David

Redis is no longer free software

Posted Mar 21, 2024 15:46 UTC (Thu) by mogul (guest, #3163) [Link]

Companies that offer support, consulting, and prioritized feature development for paying customers seem to do well. See for example Postgres.

Redis is no longer free software

Posted Mar 22, 2024 3:50 UTC (Fri) by timrichardson (subscriber, #72836) [Link]

It is partly the model, and partly the context, I think. There are definitely sustainable open source projects. I would be surprised if you could predict their success from the exact model or licence, but I am quite confident that you could predict their success quite well from the context. By definition, a sustainable open source project has a broad base of unrelated contributors, so any model that doesn't support that won't work but I am not sure about the causal relationship. Models that encourage many developers and reduce the power of individuals or for-profit entities may simply be the outcome of sustainable projects that had no grand ideas about models.

As to why sustainable open source projects exist at large scale with commercial, for-profit contributors: the answer is pretty simple. It makes financial sense for them to contribute: if the software does not have a lot of added value (such as an in-memory database that your end users have never heard of) why pay $100 of developer time to reimplement it when all you need to is to pay $1 to fix a bug or $10 to add a new feature? When lots of contributors make the same decision, you have a sustainable open source project, although it's hard to see this making any one very rich. From the point of view of the Redis investors, they can't be worse off going proprietary, so why not?

Redis might turn out to be pretty generic and it might not be worth very much to people like me, who use it. You can run Windows servers in AWS, but who does? But I guess for the investors there is not much else to try, now that they have learnt that you can't beat AWS at hosting.

Redis is no longer free software

Posted Mar 21, 2024 15:25 UTC (Thu) by paulj (subscriber, #341) [Link]

I'm kind of assuming that Redis Labs/Ltd. came into existence to directly support the author of the Redis software - though, he's no longer with them it seems - and continues to support all, or at least the bulk of, Redis developers.

But even if that assumption is incorrect, and Redis Ltd/Labs itself is also taking advantage of the software devs, my question still applies generally: What is the correct structure - legal entity and licence wise - to support the developers of some Free Software.

(I myself once worked for a 501.3c that had - I /thought/ - been setup to support the Free Software I helped maintain; but only for about 6 months - and now I think that kind of structure is not really ethical, and certainly at risk from perverse motivations and conflicts of interest).

Redis is no longer free software

Posted Mar 21, 2024 16:01 UTC (Thu) by Wol (subscriber, #4433) [Link]

> Everyone is condemning Redis, but what exactly is the right way for a set of developers (e.g., as a company) to avoid the situation where they are putting in their time developing the code, only to see parasitical "cloud" companies dominating the market with their paid SaaS instances of that software, and never giving back?

Use the MPL?

Or - and this is compliant with the first two freedoms - ask for a CLA that allows the developers to sell proprietary licences provided the software is provided AS SOURCE. As far as businesses are concerned, the last two freedoms are pretty worthless, anyway.

You probably also ought to go down the Aladdin / Qt route - a poison pill or similar kicks in in the event that the software becomes closed - such that everybody in possession of the software gets a Free licence (GPL after a year in the case of Aladdin, BSD in the event of an unfriendly change of management in the case of Qt).

The purists might scream that it's not completely Free, but I just see it as "looking after your customers", including making sure they're okay if anything happens to me.

Cheers,
Wol

Redis is no longer free software

Posted Mar 21, 2024 16:41 UTC (Thu) by MarcB (subscriber, #101804) [Link] (2 responses)

It is perfectly sustainable for free software, because the oh so evil cloud providers and other commercial entities benefiting from the software give back what free software projects need: Bug reports, patches and paid development time.

Take PostgreSQL as an example: https://www.enterprisedb.com/blog/Which-Companies-Support...
The cloud companies *are* contributing to actual free software projects. Alternatively look at Linux.

Of course, this does not work for all software. OpenSSL is a prime example: It has to implement the latest TLS specs reliably, and that is all. You can't really run an "OpenSSL consultancy" that adds features your customers need, or that tunes their setups, and use that to finance one or more full-time developers. Their simply is no way to make (much) money out of it. Also, "going commercial" would not help. The only viable niche for commercial TLS libraries seem to be embedded systems that also need FIPS or some other certification.

But for Redis, an approach like PostgreSQL could have worked perfectly.

However, they went the route of venture capital and essentially became a regular software company that mostly uses (or now: used) Open Source to get a foot into the door at potential customers. One of their approaches to make their investments worthwhile is becoming a cloud provider themselves, but obviously - since they have to pay for the cloud infrastructure - they cannot compete with the underlying cloud providers that also offer Redis. So they now try to get them out of the loop.

This almost certainly was not the goal of the original Redis developers, but that's what it has turned into since 2015. We dropped Redis in 2019-2020, because a development like this seemed inevitable. Also, Redis was (almost certainly still is) suffering from tremendous feature and even scope creep, with most of the features initially having very questionable quality.

Redis is no longer free software

Posted Mar 21, 2024 21:55 UTC (Thu) by raven667 (subscriber, #5198) [Link]

This is the fundamental thing, companies, universities, small consultancies and consortiums, pooling resources to maintain shared infrastructure works for FOSS but there are only a few firms that make billions from it, maybe only Redhat, and injecting VC funds into a project leads to eventual enshitification when they want their 10x return on the investment at some point. I would also say that the features added by VC funding tend not to be sustainable and useful for the community but are often an attempt to corner and monopolize a market for the eventual imposition of rents, or the features are only attractive to other organizations trying to monopolize and to scale to billions of users when a much simpler and less complex software could have done the job sustainably using far fewer resources and with far less effort.

I see the threads between the push for SPAs and React and Kubernetes, containers and micro services, large clustered nosql databases, graphql and API-first design and funding from VCs with zwro-interest-rate money to throw around, crowding out simpler and more sustainable application development. How many apps which need layers of proxies, caching and clustering could just be a Django CRUD app on a server if they weren't trying to scale, and weren't taking and infrastructure inefficient way of doing so.

Redis is no longer free software

Posted Mar 22, 2024 14:50 UTC (Fri) by vmpn (subscriber, #55435) [Link]

What did you move to if you don't mind me asking?

Redis is no longer free software

Posted Mar 22, 2024 3:13 UTC (Fri) by timrichardson (subscriber, #72836) [Link]

A project where the added value of the entity paying for it is the software is not sustainable for open source. That's ok.

The business case for open source exists when it is much cheaper to make an open source contribution of 1% than paying to reimplement the 99% just to then pay for the 1% extra (which could even be a bug fix). This is pretty common for infrastructure where you don't even care if a competitor uses your contribution. It can definitely be sustainable. Once you have paid a developer to submit that bug fix so you can keep using the open source database, you are a little bit more committed than before, because now if you decide to reimplement, you also have to reimplement your improvements. Ironically, you kind of get locked in to open source. This is the definition of sustainable.

You'd think a key-value in memory database is pretty much the definition of this sort of project. I use Redis, but I don't contribute. But I assume it has external contributors, and a lot now depends on what they choose to do. As for the investors of Redis, it seems like a risk. They could now lose control and see an open source project start to implement some of their added value, non free components.

Redis is no longer free software

Posted Mar 23, 2024 15:51 UTC (Sat) by cerebus (subscriber, #162576) [Link]

It's funny how news like this, absent anything compelling about the software's new form or features, can really put one off of wanting to touch it. I was just considering trying out Redis in place of where we use RabbitMQ, but now I fear getting invested in a potentially expensive ecosystem, withering due to being locked down, and rife with drama.


Copyright © 2024, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds