One of the pillars of software development is: never reinvent the wheel. Why invent a new algorithm or write a piece of code to achieve a particular objective, if something already exists? To adapt a well-known metaphor: new code should ideally be built on the shoulders of giants. Libraries filled with amazing functions, written by world-class software developers, can and should be the basis on which new projects and new pieces of software functionality are engineered.

These are among the concepts that have helped to make open source software development the most efficient way to create new code. As Computer Weekly has previously reported, some open source companies are finding that their business models, based on deriving a revenue stream from managed services, are being eroded by the public cloud providers offering rival hosting services. The result has been amendments to licensing clauses to prevent such services from being able to use the source code freely. Does this spell the end of open source?

“The modern software deployment landscape is worlds away from what was predicted when the first free software project was released over 40 years ago,” says Justin Reock, chief architect at OpenLogic. Since that time, he says, advances such as cloud-native applications have presented challenges to the altruistic obligations that complement free software.

A definition of free Before delving further into open source business models, it is worth exploring a few key concepts, such as what does free, open source software actually mean? Peter Zaitsev, CEO of open source database management and monitoring services company Percona, says: “The terms of free and open source software are not trademarked, like organic labels are for food products. “There is a general understanding of what open source software is, along with a few published (and respected) definitions: The free software definition by Free Software Foundation, Open source software definition by Open Source Initiative (OSI) and Debian free software guidelines. Out of these, only OSI takes an active role in this – you can submit a licence to OSI for evaluation and receive an OSI badge of approval for your licence.” But in recent years, the black-and-white nature of free and open source software definitions is being rewritten by some open source businesses. GitHub chief operating officer (COO) Erica Brescia says there is now an “increasing tension” between open source projects and those that are building services on top of open source, such as cloud suppliers with their database services. As with other industry experts Computer Weekly contacted, Brescia notes that licences applied to open source projects a decade ago did not consider the possibility of a cloud supplier delivering an as-a-service SaaS layer using the project without contributing back to it. This, she says, leaves some open companies in a difficult position. On the ethical side, free and open source software is not placing any restrictions on how software can be used, which can be for good as well as for evil, a concept that some activists find repugnant, says Zaitsev. The OSI frequently-asked-questions document states: “Giving everyone freedom means giving evil people freedom too,” but Zaitsev says: “It is the more nuanced cases that expose the cracks in the system.”

A question of licensing According to Rhys Arkins, director of product at open source licence management and security solution company WhiteSource, there has been a shift in open source licensing away from the original GNU Public Licence (GPL) style, which was quite restrictive. In effect, contributors are required, under GPL, to make their code available to the open source community. This is called “copyleft”, and some experts believe it has inhibited many enterprises from becoming major open source contributors. He believes that as open source becomes more mainstream, there is a shift away from copyleft to a more permissive form of licensing. Open source activism In August 2018, Jamie Kyle, a maintainer of the open source Lerna Javascript tool, amended the licence terms for the tool to prevent any company that collaborated with the US’s Immigration and Customs Enforcement agency from using it. The change was fairly quickly reverted amid doubts about its efficacy and whether most authors of the project had agreed to it. Despite the u-turn, open source licensing can be used by activist developers to put pressure on organisations they want to influence, says Luis Villa, co-founder of Tidelift. He writes: “Free software, as advanced by Richard Stallman and the Free Software Foundation, has always been about ethics – a very specific set of ethics that held that source code access was the key to human freedom and used licensing to achieve that goal. “But since those early days, the open source movement has become bigger and broader. In particular, it has gone from a niche interest of a handful of developers to a mandatory skill for everyone who participates in the software industry. This means that participants are now much more diverse, many with very different ethical perspectives than early participants. “As software eats the world, much like Marc Andreessen predicted, it becomes inextricably linked with everything – including political headlines and moral challenges. One thing is certain: no matter where you fall on the political spectrum, there are now FOSS [free and open source software] developers who hold different views than your own. “This combination has led us to the current moment – where many developers are participating in FOSS while questioning traditional FOSS beliefs – in particular, the historical belief that any use that complies with the terms of traditional licences, like MIT and GPL, is unquestionably ethical.” Arkins says: “Open source has become an integral part of business, so the question isn’t whether an organisation will use open source, rather how to ensure that an open source component is accessible and easy to share. When we look at the types of open source licences that organisations choose, we see that most users choose permissive licences – the open source licences with the fewest strings attached.” Research into open source licensing trends from WhiteSource in 2019 found that permissive open source licences are gaining popularity, while the use of copyleft licences, especially the GPL family, continues to decrease. “Permissive MIT and Apache 2.0 licences remain first and second on our list of top 10 popular open source licences of the year, each continuing to trend,” says Arkins. “According to our data, 67% of open source components have permissive licences, while only 33% of the 10 most popular open source licences are copyleft, compared to 59% in 2012.” The old open source licence agreements were there to protect contributors from the big commercial software firms. But, as Arkins points out: “With companies like Microsoft and Google behind today’s most popular open source projects, the ‘us versus them’ mentality from open source’s early days is no longer relevant.”