ikesau 1 year ago

Do I have this right?

Organic Maps had a private (but MIT-licensed) Cloudflare Worker in a repo called meta. Alexander Borsuk (an Organic Maps maintainer, and co-founder of maps.me) surreptitiously removed the license and added logging to the worker.

Roman Tsisyk, another maintainer of Organic Maps, noticed this. He undid the changes, made this post, and has now been booted from the organization?

  • LikeAnElephant 1 year ago

    That's my understanding as well.

    Definitely will follow this, I was really disappointed when Maps.Me started getting enshittified. Hope it doesn't happen to Organic Maps as well.

  • itake 1 year ago

    "from the organization"? which organization?

    The https://github.com/organicmaps/meta 404s for me now. I still see Roman listed as a member of organicmaps: https://github.com/orgs/organicmaps/people

    I guess he was in both maps.me and organic maps? Which seems odd.. I thought these were completely separate organizations with different priorities and goals. That seems odd they would have leaders contributing in both products.

    • andrewshadura 1 year ago

      They founded MapsWithMe, then they sold it to mail.ru who renamed it maps.me, then open-sourced and eventually sold it to someone else.

  • resoluteteeth 1 year ago

    I don't understand this at all. Can someone explain how/why this conflict is happening within organic maps?

  • Vegenoid 1 year ago

    > has now been booted from the organization

    To clarify, Roman claims that he has had some permissions revoked from the Organic Maps organization on Github in response to this. Alexander Borsuk stated that he "will return access if we solve the problem of Roma making decisions alone".

  • pastk 1 year ago

    Some facts: Alexander Borsuk, Roman Tsisyk and Viktor Havaka are co-founders of Organic Maps which is a fork of Maps.Me. Alexander and Viktor were co-founders of Maps.Me as well. All of them are not working for Maps.Me anymore and Organic Maps (OM) is independent project since its inception.

    Now, the current situation: OM's map server (CF worker) albeit under MIT license was de-facto closed source all this time. Roman opened the repo for public access. Alexander revoked Roman's GH permissions and closed the repo again.

    (I've been actively contributing to OM for 3 years and I thought that all parts are open source. Until very recently..)

    • fsckboy 1 year ago

      >OM's map server (CF worker) albeit under MIT license was de-facto closed source all this time. Roman opened the repo for public access. Alexander revoked Roman's GH permissions and closed the repo again.

      I'm not sure if there is some distinction between software and map-data entailed in the discussion of this "server", "software repo", etc. but assuming it's all one thing:

      if the content in question was MIT-licensed as specifed by the license in the repo, any one of the members of the project with access to the material would be within their rights to make copies public. There is no de-facto closed source wrt open licenses.

      • Brian_K_White 1 year ago

        There is de-facto anything wrt anything. All it means is "as good as" or "might as well be" or "no different from" or "in effect" etc.

        If no one is publishing a copy of something with an open license, then that is the definition of de-facto closed.

        de-facto means what is the reality vs what is the theory.

        In theory you can get a copy because it has a license that says so.

        In reality you can not get a copy because you are not one of the people with physical access to some existing copy.

        It is de-facto closed while that set of facts is true.

        • escape_goat 1 year ago

          This sounds like it is de-facto true but it isn't. A private file repository with a closed source license is in-facto different than a private file repository with an open source license. The license is not altered by the access permissions of the repository, and the access permissions of the file repository are not altered by the license. A compiled version of code in a private repository with a closed source license can be released publicly without that code. The same is not true if the private repository contains code with an open source license.

          • Brian_K_White 1 year ago

            I don't know how you can still be so confused about what de-facto means. But you are.

            • escape_goat 1 year ago

              I'm not confused, I'm pointing out that the license in a private source repository changes the legal rights of the person with respect to distribution of the software defined by the contents of the repository, and than therefore a private repository with open source code inside is not a de facto closed source repository.

              • tga_d 1 year ago

                In your view, what would be an example of code that is de jure open source but de facto closed, if not a case where people have the legal ability but not the technical means to access it?

                • escape_goat 1 year ago

                  I'm rejecting the idea that software distributed in any way that has an MIT license can be "de facto" closed source. I think that this is a conceptual misapplication of the term "de facto," which implies an argument of equivalence in a situation where that equivalence does not exist. The question is not whether or not we can access the source code; we can now access the source code. The question is what the license was. To say that the license was "de facto" closed source before the software was distributed without the repository controller's knowledge or intent is to make a legal argument about that license. That argument was false. It just just as false as the argument that an electrical fire in the wall of your house that you could not see occurred 'before' your house was on file.

                  • Brian_K_White 1 year ago

                    Calling it defacto closed while it was physically inaccessible, is exactly not making any legal argument. That's the whole point of the term is to say "it's not really closed legally, it just has the same effect as being closed, because for some other reason besides it's license, no one can have it.

                    There are these books that explain the meanings of terms. We don't have to guess and have random individual ideas about what words mean, and then wonder why no one can communicate.

              • Vegenoid 1 year ago

                > A private file repository with a closed source license is in-facto different than a private file repository with an open source license.

                Yes, and "in-facto" is not the same as "de-facto".

                De-facto means "describes practices that exist in reality, regardless of whether they are officially recognized by laws or other formal norms". It is not a precise term.

                I have some code on my server that I wrote with an MIT license. You have no way of accessing my server, and the code has not been made available elsewhere. You can't even know that the code exists, much less that it has an MIT license. To you, it is for practical purposes the same as closed-source software, in the sense that you cannot obtain the source code of the software, despite it having an open source license. This is an applicable situation for "de facto" by its common meaning.

                "Open source" is not even a precisely defined term, although people who are persnickety about the definition refer to the OSI definition, which includes "Where some form of a product is not distributed with source code, there must be a well-publicized means of obtaining the source code". By this definition, code with the MIT license held secretly in a private repo is not open source. It became open source when Roman made it public, as was his right to do by the license. The license is one component of what makes software open source, but there are other components as well.

        • fsckboy 1 year ago

          the definitions of closed source and open source that you are using are not de facto correctamundo. If I download a copy of your copyright noticed and unlicensed closed source software from your server, no matter how I got access, it's still closed source and I am not entitled to even the copy I have. de facto, and ipso facto: in fact-o

          • Brian_K_White 1 year ago

            How the F are people so confused about the definition of this simple term for this simple concept? Go find a dictionary or something FFS.

        • Vinnl 1 year ago

          So am I understanding correctly that there was a private repo that had original code, and in that private repo, someone added the MIT licence? Which didn't make the code open source, because that licence hadn't actually been given to anyone*?

          And then Roman made the repo public, effectively distributing the licence to people and thus making it open source, without coordinating with the other contributors?

          I don't see any replies by Alexandr, but it feels like this could have easily been resolved with a less antagonistic response by Roman - but of course, I don't know what other history they have.

          * I guess technically, it was given to the other contributors with access to the private repo - i.e. Roman did have the legal right to distribute it further under the MIT licence. Presumably, the original contributor (Alexandr) just applied that licence by mistake.

          • pastk 1 year ago

            The MIT license was added by Alexander himself in the initial commit in June 2021. Since then Roman has contributed actively to the code and Viktor started to contribute more recently.

            So there are people who contributed the code under the MIT license, so its not a sole work of Alexander and the license was not added as a mistake.

            IMO from a legal standpoint Roman is absolutely in his right to redistribute the code.

            • Vinnl 1 year ago

              Yes, as I mention in my footnote, Roman was absolutely legally in the clear. I'm just saying that Alexandr's initial adding of the licence was probably a mistake in the sense that he did not intend to do that (that led to people contributing under different assumptions), and one they probably could have found a way to resolve had he communicated about the difference in assumptions.

    • zelphirkalt 1 year ago

      Another example of a pushover license failing the purpose a developer wants it to serve. Should have used some copyleft license, that mandates sharing of modifications. The one that comes to mind is of course AGPL, which would have avoided the whole scenario of it being closed and hidden in the first place. Maybe someone will learn a lesson now.

  • biodranik 1 year ago

    No, you got it wrong.

    Roman supported the private repo and was aware of the temporary (last 3 days only) CF logs to address CDN abuse. However, several hours ago, he (or someone else using his account?) unexpectedly made the repository public without discussing it with the project's maintainers. As a result, his account rights were temporarily restricted to clarify the situation.

    There is still no response from Roman regarding his motivation for ignoring the usual governing board rules. Previously, all similar important project decisions were always discussed with maintainers/active contributors before being executed.

    I hope that we resolve this strange situation successfully soon.

    • cmeacham98 1 year ago

      As you seem to be Alexander Borsuk...

      Why the removal of the MIT license?

      Was that decision put to a vote like "all important project decisions" are? I assume it can't have been unless Roman is blatantly lying about only noticing it a few days later.

    • rtsisyk 1 year ago

      Removing the MIT license from the repository and claiming it as 'my code' is not how open source works.

      • Vinnl 1 year ago

        It's sound like the person who removed the licence also originally wrote the code, and just didn't intend to add the MIT licence to it?

        • viccuad 1 year ago

          Though luck. Be more careful next time. That's how licences work (not only open source ones, or software ones).

        • pastk 1 year ago

          Nope, Roman has actively contributed to this MIT-licensed code since its inception in 2021.

          • Vinnl 1 year ago

            Yeah I mean, of course technically that's not how it's supposed to be done, but if they initially added the code and the licence (the latter by mistake), then I can see how the internal narrative is "here's my code (that Roman has contributed to) and I accidentally added the licence to it - oops, let me remove that before we accidentally make it public".

            Of course at that point they should have realised that they weren't the only author of the code any more and that Roman understandably would have the wrong idea. But I see how it's an easy mistake to make, and it would probably also have easily been resolved had Roman reached out about it, rather than just instantly making it public and implying nefarious behaviour ("quietly made a change...discovered by me").

    • pastk 1 year ago

      How come the server code was (is?) de-facto closed source and this fact was kept hidden?

      In a project that claims to be open-source, privacy-focused and community-driven.

  • bmicraft 1 year ago

    It looks like that code was never actually MIT licenced but had the licence-file in there by mistake. Then Roman made the repo public after the faulty licence got removed, because he (wrongly) believed the code actually was MIT-licenced before the change.

    That's how I read it. Is it true? No idea but it might be.

    • esperent 1 year ago

      If the code is in a repo that has been shared with other people and with a license file saying "All code in this repo is under MIT license", then the code is MIT licensed. You can't come along later and say "I changed my mind" or "I made a mistake". Hard luck, be more careful next time.

      The only exception would be if you ask the people whom it was shared with if they're ok with retroactively changing the license.

      • bmicraft 1 year ago

        It's not like anybody except for the core team had had access before.

    • pastk 1 year ago

      The MIT license was added by Alexander himself in the initial commit in June 2021. Since then Roman has contributed actively to the code and Viktor started to contribute more recently too.

      So there are people who contributed the code under the MIT license, so its not a sole work of Alexander and the license was not added as a mistake.

  • rtsisyk 1 year ago

    > Roman noticed this. He undid the changes, made this post, and has now been booted from the organization?

    Correct.

vr46 1 year ago

Opportunity to give Organic Maps a shout for being brilliant and wonderful.

  • benatkin 1 year ago

    Indeed. It should be the default to have a full map of your area downloaded. But no, Google wants everyone to be dependent upon them on a second-to-second level. (Yes I know Google has offline maps and unlike YouTube the offline support is free as in beer, but it’s in an untransparent and a much less powerful manner, and if you’re online it will use the network heavily)

    • vr46 1 year ago

      I was in a chunk of the world where roaming was prohibitive this summer, and Organic Maps took us everywhere, found us incredible viewing spots to photograph from, and basically gave us a real connection to the landscape around us. The UI was slightly confusing, but forgivable, and if I had any money I would give it to them.

      • nathancahill 1 year ago

        > found us incredible viewing spots to photograph from

        Curious to hear more about this? Something specific to Organic Maps? I spend a lot of time studying maps when I'm on a trip for this purpose.

        • vr46 1 year ago

          Just easy to see on the map, I guess - look for the binoculars!

        • Fauntleroy 1 year ago

          Depending on where you are, Organic Maps can have far far finer detail, especially when it comes to walking paths. I used this a couple times in Japan and Korea to find my way through densely packed shrine complexes, or over less-traveled hiking paths in the mountains.

          • pedrogpimenta 1 year ago

            I once saw "sneaky entrance" near a temple/park in Bali and we got in for free :)

            • andrewshadura 1 year ago

              Thanks for reporting it. I’ve removed it, since personal notes do not belong in the map data.

            • dTal 1 year ago

              Next time don't blab!

          • andrewshadura 1 year ago

            It's all data from OpenStreetMap, you know :)

            • benatkin 1 year ago

              Indeed. And it's a social thing, which makes OrganicMaps a SoLoMo app :)

            • vr46 1 year ago

              Absolutely, but the data is not the map, and there are so many average uses of the original data. Organic Maps is so much better than the OSM mobile site, for example, both visually and in providing the appropriate language for the user. And you can contribute useful data back to OSM, so it’s certainly my favourite map application even while I wouldn’t use the original site.

      • throwaway81523 1 year ago

        I thought the map data was OSM, and organic maps is navigation software that uses the map data.

  • dade_ 1 year ago

    And it is accurate in the Caribbean, unlike Google Maps that insists on sending me over cliffs to my death, people’s back yards, non existent or dead end roads, as well as other areas best avoided.

    • david-gpu 1 year ago

      You have OpenStreetMap to thank for that. It is a Wikipedia-like crowd sourced map that anybody can contribute to. The immense majority of navigation apps use OpenStreetMap data, including Strava, RWGPS, OsmAnd, and OrganicMaps.

NelsonMinar 1 year ago

Ugh, maps.me. That used to be the nice free OSM map viewer until the company went in a sleazy direction. And, among other things, creating a cryptocurrency token. Because that's what you want in your free community map viewer.

So now Organic Maps is the nice free OSM map viewer. I can't tell from the rest of the discussion: is still OK? Or has it been corrupted somehow?

  • Vinnl 1 year ago

    Sounds like there was just some miscommunication, and as far as I see, the "added logs" were to detect CDN abuse, so nothing shady so far. Still, would be great to see contributors aligned :)

  • euroderf 1 year ago

    I haven't noticed any great deterioration in maps.me

    But then also... I want to try Organic Maps more, but how do I feed it all my user-supplied info from maps.me ?

    • pastk 1 year ago

      You can export your bookmarks as KML files and import them into OM.

lucideer 1 year ago

There's two opposing perspectives to consider here:

1. We don't know the details of the internal politics between the approved maintainers of this private repo, but, licenses aside if someone decided to make a private repo I created public without consulting me I would be pissed. I would consider that at best rude & at worst misconduct.

2. It seems evident that the original creator of this repo was extracting labour from other volunteers(?) under the facade of it being an open source project. Attempting to undo that retroactively is drifting toward fraud & at best heavily outweighs the severity of anything in (1) above.

Really hope OrganicMaps survives this, absolutely beautiful, invaluable app.

yencabulator 1 year ago

The Cloudflare Worker in question sounds darn trivial, just redirecting to a regional server. In fact, Cloudflare or Fly.io would probably do this with just their built-in DNS, automatically.

This is not a fork of Organic Maps.

Makes it all sound very petty.

greatgib 1 year ago

Even if the repository was closed to the world, it was open to some individuals. Some individuals got the work under the MIT license that allows them to do whatever they want, including opening it to the world.

What is not right is that once it was MIT with contribution from multiple authors, it is theoretically not possible (even for the original author) to change the license to something else than MIT without the agreement of the other authors.

Things would have been different if it was the private repo of a company only used by employees of this company, and having contributors bound by a special contract like a NDA.

JPLeRouzic 1 year ago

Isn't the title wrong?

What I understand is that the fork is about a Cloudflare Worker used to connect the user to the closest DNS. The title IMO suggests the fork is about Organic Maps itself.

fnfjfk 1 year ago

I’ve used this app as an offline maps tool for travel for a long time, when I got it I thought it was just a fine OSM client.

Then years later I hear it was running crypto nonsense (what) and was involved in FTX (what), but out of laziness I’m still using the thing because it can’t do any upsells when I am offline anyways.

Any recommendations for a good iOS offline map app that’s just a map app?

  • itake 1 year ago

    Not exactly sure what you mean. My understanding is Maps.me started trying to extract value from users (via the mentioned means) and that Organic Maps [0], took an old open-licensed fork of maps.me from before Maps.me went bad.

    I currently use organicmaps.app as a nice offline back up for my traveling. I don't know how this current drama impacts organicmaps. I didn't realize that maps.me was also a contributor to organicmaps.

    [0] - https://organicmaps.app/

  • fizwidget 1 year ago

    By “this app” I assume you’re referring to Maps.me.

    I can recommend Organic Maps. It has none of those crypto shenanigans and is a great offline OSM-based app.

    • fnfjfk 1 year ago

      Yes maps.me

lucideer 1 year ago

Something odd about this story is looking at Alexander's Github activity history. He started being active on Github in March 2021 - around the start of this project - & since then has been extremely consistently very active right up to September 2024, when his activity dropped off severely, a month or two before he made this license change.

L29Ah 1 year ago

osmand is better anyway :>

  • david-gpu 1 year ago

    I use OsmAnd, but perusing both of the repos it is apparent that OrganicMaps has better code.

    What I like best about OSMAnd is that you can tweak the routing algorithm without recompiling the code, as the rules are stored in routing.xml.

  • Vinnl 1 year ago

    I use both and they're both great, but also not drop-ins for each other. OSMand has more features, but is way more confusing and quite a bit slower. So I have OrganicMaps cover my basic navigation needs, but if e.g. I want to access offline Wikivoyage travel guides, I use OSMand.

  • szszrk 1 year ago

    Still a wonderful and stable solution. It has some killer features as well: unlike OM, it let's you route anything. In OM good luck routing without proper GPS fix (from a parking, etc), in Osmand you can do pretty much anything.

    It's insane how feature rich Osmand is, up to a point where it became a bit too complex for some.

stevage 1 year ago

This item title seems to be editorialising.

metalman 1 year ago

downloading from fdroid as I type this how did I not know? awsome what contreversy can do! exactly the oposite thanks

Mr_Bees69 1 year ago

****, i use organic maps, we need to get more eyes on this.

sandbx 1 year ago

Organic Maps is great