If you're a paying customer, you are probably fine.
If you're using SSPL'd Elastic (or Mongo DB, the risks are the same) for anything serious -- i.e. beyond a hobby, get legal advice ASAP.
SSPL isn't an OSI certified license; many would call it at best a 'shared source' license because of the riders attached.
[DELETED because, as user `gpm` points out, OSI doesn't own 'open source' as a trademark, sorry about that -- the need for legal advice doesn't go away, however.] In fact given their kvetching about Amazon and their trademark, Elastic's cheerleading of open source in this and the original blog post seems to be a bit misleading and doing OSI's trademark a disservice.[/DELETED]
OSI does not have a trademark on the term open source, they tried and failed to acquire one.
Trademarks are not a requirement for defining terminology. The word "cake" is not trademarked, but if I sell you a used car tire when you buy a "cake" from me, I still lied and misled you about the product.
I think they need one.
Comically, this is why trademarks exist to prevent people from confusing the market with similar and reused terms.
I think we need a CreativeCommons-like trademark for open source software before it’s too late.
I think "OSI Approved Open Source License" could easily be an OSI trademark, if it's not already.
Ironicallly, like many other organizations, Elastic themselves have used OSI's approval as a benchmark for 'open source'[1]:
> Is X-Pack now open source?
> Updated on 2018-04-24 with a link to the Elastic License
> Open source licensing maintains a strict definition from the Open Source Initiative (OSI).
> As of 6.3, the X-Pack code is open under the Elastic License. However, it will not be 'open source' as it will not be covered by an OSI approved license. The interaction model for open X-Pack will be identical to the open source Elastic Stack, including the ability to inspect code, create issues and open pull requests via our existing GitHub repositories.
[1] https://www.elastic.co/what-is/open-x-pack
> I think "OSI Approved Open Source License" could easily be an OSI trademark, if it's not already.
Something along those lines is trademarked
https://opensource.org/trademark-guidelines lists OSI's policy for trademark usage.
3. Usage that Require Prior Written Approval 3.1. Distributing software under a license approved by OSI ("OSI Approved License")
I think there are valid differences in opinion in what “open source” means and an organization with an agenda shouldn’t try to own the terminology.
> I think there are valid differences in opinion in what “open source” means
Disagree. It's a well standardised term of art: it means what the OSI define it to mean. It's pretty precise, and is not a meaningless marketing term like premium. Similarly free software (and especially Free Software) means what the FSF defines it to mean.
When people start using these terms to mean whatever they feel like it should mean, it muddies the waters for those of us trying to have serious discussions about these topics. Tellingly, such redefinitions are generally broader than the accepted OSI definition, so as to include whatever product someone is trying to push.
> Tellingly, such redefinitions are generally broader than the accepted OSI definition, so as to include whatever product someone is trying to push.
I disagree. In fact I'll present the counter example of "myself". I don't agree with the OSIs definition of open source, I think it run contrary to the plain meaning of the term, and is contrary to pre-OSI use of the term. I've argued that numerous times on this forum (and I'm going to avoid repeating these arguments in depth here, just google "gpm Open Source site:news.ycombinator.com"/"gpm Open Source site:lobste.rs" and you will be able to find the arguments).
I have never pushed a product claiming to be open source that does not meet the OSIs definition, nor do I anticipate I ever will, since that seems to be a great way to make discussions about the product devolve into arguments about licensing, which is terrible advertising.
The fact that these arguments usually only come up when there is a reason to argue, i.e. someone has used the term in a way outside of the OSIs definition, does not mean that people only think the right definition of the term is something else when it's for their own benefit.
Frankly I don't get why OSI proponents are so angry about the use of the term Open Source, when they can just unambiguously use "OSI Approved License" instead.
It's borderline gatekeeping and it irks me to no end.
> It's borderline gatekeeping
No, it's a term-of-art. When people muddy the waters and try to undermine the standard terminology of a field, it's not some righteous struggle to liberate a term, it's just an obstacle to clear communication.
In aviation, flap is a precise term-of-art, and is never used interchangeably with aileron, despite that an aileron is plainly a kind of flap (in the colloquial sense). If you adopt your own definition of flap, to refer to both flaps and ailerons, no-one is going to sue you, but no-one is going to know what you're talking about. Your use of the term will be considered not merely different, but wrong.
Similarly, you could try telling a physicist that you consider the words power and force to be interchangeable. They're not going to sue you, but they're also not likely to entertain your deliberate misuse of standard terms.
Are pilots and physicists gatekeeping by being so insistent that you use their terms their way?
But it’s not a term of art, when it was first used it had a broad scope for more or less anything where source was made available to users of software.
The OSI definition is a newer more narrow definition adopted long after the term was in broad use.
And fundamentally, the literal meaning of the words open and source do not have connotations beyond the source being available for viewing.
Please cite this supposed earlier pre-OSI usage. Can you?
Apparently the OSI was founded February 1998, the same month the term open source was first coined [0][1]. The OSI says [2] The Open Source Definition was then created during the launch of the OSI in Feb. 1998 by revising the DFSG and removing Debian-specific references.
This seems to indicate that the OSI's precise definition was pretty much there from the beginning, unless they didn't really coin the term open source and it was floating around beforehand. I've heard from others that open source was in use before the OSI definition, so perhaps that's the case.
As I mention in my response though, I don't think the term's early history much matters.
[0] https://en.wikipedia.org/wiki/Open_source#Origins
[1] https://web.archive.org/web/20021001164015/http://www.openso...
[2] https://opensource.org/history
You say you’ve heard that but you cannot find the proof, because if it was in use, it was only used occasionally. They coined the term and they gave it the definition.
> when it was first used it had a broad scope for more or less anything where source was made available to users
I'm not sure the early history of the term really matters. Presumably early aeronautical engineers and early physicists had to all agree on the terms of their field. It's fortunate that they did so, and now that their field is mature, their terms are clear and unambiguous.
Someone without an education in physics might not be able to intuit that physicists use the terms strength, hardness, and toughness in distinct and precise ways.
> The OSI definition is a newer more narrow definition adopted long after the term was in broad use.
I'd say it's a more considered, more precise, more meaningful definition.
> the literal meaning of the words open and source do not have connotations beyond the source being available for viewing
I already gave the example of flap, a precise term-of-art in aviation that reuses a non-technical English word in a way that cannot simply be intuited.
I also don't see that open needs to be a synonym of viewable. I think it's fine that open be used to refer to something broader, as in the Open University for instance. [0]
[0] https://en.wikipedia.org/wiki/Open_University
I don't think we really need that. The current solution works relatively well: anyone using open source in a sense other than that described by the OSI, is reliably met with a hailstorm of criticism on HackerNews for being disingenuous. That's as it should be. It's a term of art in the software world, and we don't insist on legal enforcement of every term of art.
I tend to capitalise the term, Open Source, to emphasise that I'm using it an a precise way. I do the same with Free Software. Not ironclad, but I figure it probably helps.
With all of that said, I don't think anyone should be permitted to deliberately mislead people when they're pushing a product. It's obviously right that false advertising is forbidden by law.
That’s what I used to think, but now more companies use “open” with non-OSI licenses and they aren’t run out of town and told STFU.
Personally, any project using “open” in the name that’s not OSI, I pretty much ignore. But it seems to be growing (eg, “open core”, “openai”, stuff like this taking about open with non-open licenses).
It’s getting hard to filter out. One of the benefits I think to CCn is that it clearly lets users know what is and is not allowed. Having OSIn might help with people who don’t read licenses for fun.
OpenAI is a good example, see this comment from yesterday: https://news.ycombinator.com/item?id=25820080
It's especially ... ironic, that they think Amazonification is not-ok, but Enterprizificaion (open core) is a-ok.
That said hosting ES is basically the same as building a carwash, or a gas station, or let's say a printing house. You get the machinery and build your own support services around it.
Even the unit economics are not that different. AWS spent probably millions of dollars to push the marginal price down. The initial cost of procurement for machinery might be zero for ES as opposed to buying a printing press, but none of the aforementioned sectors are limited by the cost of machinery. In case of brick and mortar services the cost of land, labor, construction, and logistics are all a lot more important.
Yes, okay, but what about AWS's advantage, their "moat"? Elastic will never be able to match that. This is the same problem that plagues the browser, phone OS (and other) markets. Google can easily spend a billion USD each year on fiddling with Chrome and Android. Mozilla, Canonical, KDE, and others can't.
AWS has the platform advantage, Google has money.
It seems these market forces virtually force ES to become a "public good" like the Linux kernel. (Or Elastic could try to fork it and stop using any kind of free/open/available license. And try to find business niches.)
But at this point the cat is out of the bag. Likely no amount of license engineering will be sufficient to overcome AWS' advantage.
The cloud providers would just build a competing service if they couldn't co-opt an existing popular open source solution. Or anoint an adjacent solution, like solr in the case of elasticsearch. But what can be done and we really haven't seen a "open-core" type infra component try this yet: is require open-sourcing changes. The opendistro approach sorta gets us there, in a hard-fork sense, but seems in adequate and is really only being done for connivence rather than licensing requirements. But we already have a licensing solution: the AGPL. But no enterprise or saas startup wants to touch AGPL software for the fear of it contaminating proprietary code. So it seems to me the solution is a hybrid APGL for cloud providers and apache/mit for others approach. Such a license seems feasible to write and would be superior to open-core for most users.
... a bit theoretical, but how is the GPLv3 with the anti-Tivo provision okay?
OSI definition 10: License must not restrict interface, and def. 9. License must not restrict other software it gets distributed with. (So I can't put my encrypted bootloader and verifier into the same thing.)
"OSI certified" doesn't mean shit regardless in a legal manner. It's just toilet paper. Always have your own legal review by IP lawyers.