> Why is HashiCorp making this change?
>
> We strongly believe in the value of openly sharing source code and enabling practitioners to solve their problems, building communities, and creating transparency. HashiCorp provides feature-rich products to the community for free, and that development is made possible by our commercial customers who partner with us. By shifting to this license, HashiCorp can better manage commercial uses of our source code and continue to invest in our thriving community of practitioners, many of whom are contributors, in a manner that will not impede their work.
i strongly appreciate the FAQ but this part felt weak/not the whole truth. What is not being said? who is hashicorp afraid of? there wasnt a doubt in my mind before and now there is.
indeed i just saw a startup demo today show off a feature that they admitted was just Vault in a wrapper (they even called their thing Vault haha) and that was it, but i would not have thought Hashicorp would mind them at all (its a very new startup)
> indeed i just saw a startup demo today show off a feature that they admitted was just Vault in a wrapper (they even called their thing Vault haha) and that was it, but i would not have thought Hashicorp would mind them at all (its a very new startup)
What about all the cloud providers with their own Vault offering, which is likely just Hashicorp's FOSS Vault with lipstick and other bells/whistles?
People are paying good money for Secrets Management, and probably not to HashiCorp (directly or indirectly). If your cloud provider offers a turn-key solution and it's priced right, why would you bother with an external 3rd party?
HashiCorp recently rolled out a "Free Tier" to their HCP service[1]. They're clearly trying to get more people to use their first-party services.
> Organizations providing competitive offerings to HashiCorp will no longer be permitted to use the community edition products free of charge under our BSL license. Commercial licensing terms are available and can enable use cases beyond the BSL limitations.
Looks to me very similar to (A)GPL + commercial dual licensing, for instance.
GPL permits this: "Organizations providing competitive offerings to HashiCorp will no longer be permitted to use the community edition products free of charge"
because there's a contention between the people developing the software and the startup community.
it's obvious that for a company (money-making entity), that they're going to want to have a monopoly in providing the software aaS. That's the monetization strategy on otherwise free software.
I don't think this is surprising. We saw this years ago with AWS and MongoDB. Yes, a startup can offer Vault cheaper since they don't have to pay for developers to build the software, and, in fact, they get to offshore their support costs to the developing company too ("yay" OSS).
I don't like it, but for a corporation that is trying to develop OSS, it makes perfect sense.
Hashicorp wouldn’t be in the position they are without being open source in the beginning.
Think about all the reduction in sales cost their open source model resulted in. Because they were open source, they had a foot in the door and in-built evangelism.
Once that stopped being an advantage and they had utilized all the community goodwill by being open source, they make this change.
SaaS itself is against the spirit of open source, if not the letter of the license. It is the most closed model of providing software, far more closed than closed source binaries. Whether it runs on open source behind the scenes doesn’t matter; your data is controlled by the provider and you have no privacy or ability to run anything on your own terms.
At the very least anyone using open source to run SaaS for profit should be giving something back to the authors of the software. That’s the least they can do given the user hostility of the model as typically implemented.
Open source is stuck in the 90s and has failed to respond to the rise of SaaS or “the new closed.” The big mechanism of restricting freedom now is closed execution, ownership of the network effect, and closed data not closed source. Google could open every bit of their source and nothing would be gained freedom-wise.
SaaS is not software; SaaS is a service. The spirit of free software is giving software away as a gift and a tool for people to use to do whatever they like with it, business included.
Running a service based on free software is absolutely within the spirit of free software. Free software isn't about a circle of gifts, it's about software freedoms. You're not obligated in spirit to "give something back" because you use free software.
Yes it's ok to use OSS to operate your business. That's a sound and intended way of using OSS. Everyone benefits.
No it's not ok to provide a competing product to the very people that you get the core of it from. That's literally stealing if not fraud. At least it is ethically dubious.
I'm not saying it's literally a yes/no decision, but this is the baseline.
I think OSS projects should offer a paid for "integration license" by default.
i strongly appreciate the FAQ but this part felt weak/not the whole truth. What is not being said? who is hashicorp afraid of? there wasnt a doubt in my mind before and now there is.
indeed i just saw a startup demo today show off a feature that they admitted was just Vault in a wrapper (they even called their thing Vault haha) and that was it, but i would not have thought Hashicorp would mind them at all (its a very new startup)