Hashicorp did it backwards
Hashicorp recently announced they’re changing the license of Terraform to a source-available license, BSL1.1. Source-available as in not OSI-certified “open-source”, and very much not Stallman’s definition of free software.
Terraform was open source for a long time. Meaning, every version of Terraform prior to the license shift was released with a little LICENSE file specifying that the code was open source under the OSI-approved Mozilla Public License. You can see where they changed that here.
All previous versions of Terraform, before they changed the license, are still open-source. If you want you can even still get open-source Terraform from their Github organization — have fun.
The problem is that a lot of people contributed to Terraform, and adopted Terraform, on the understanding that the project was open-source. A lot of people built businesses using Terraform on the understanding that the project was open-source. Unfortunately the license does not apply to the project, but to the version of the code released at a given time.
However, the Terraform brand, and Terraform’s mindshare as a developer tool, is not tied to any particular version. Those things grow as usage of the project grows, and don’t go away as versions change. Unlike brand and mindshare, which Hashicorp is fortunate to hold in abundance, people’s rights as users of Terraform do change when they upgrade from v1.5.6 to v1.6.0 .
I think this is the heart of the Terraform license changing issue. The non-Hashicorp contributors who worked on the Terraform project helped Hashicorp gain developer mindshare and improve their brand, and they had an implicit and entirely reasonable assumption that they were doing so because the code was open-source.
Hashicorp is well within their legal rights to change the license from version to version, but they’re the ones that get to retain the Terraform mindshare and brand that was built under the old license. Those don’t go away.
At the heart of this, I think changing from OSI-approved licenses to BSL is just not the best way for a project to evolve. Generally speaking licenses should probably become more permissive over time…start BSL and then choose to go OSI-approved later. That way you’re never breaking the implicit assumptions of trust that run in open-source communities.
The backlash makes sense. Hashicorp’s side makes sense, too. Who is taking advantage of who, anyway? Hashicorp funded the majority of the development of Terraform. Shouldn’t they be able to profit from their risk taking, and their effort? Isn’t that what drives American innovation?
On the other hand, Terraform’s contributors worked on Terraform for free. They just gave to the project with no expectation of reward, under the ethos implied by the OSI-license tagged to the software. Now, Hashicorp is changing the rules of the project for future versions for their own profit.
The beautiful thing about this whole situation is that these contributors are well within their rights to self-organize, fork Terraform into their own foundation, and keep the dream alive. And they’re doing so, and we get to see how this evolves.
My main takeaway is…if you want to start a business building developer tooling and you’re concerned about competitors using your work, you should probably start source-available (BSL) and then go for a license that is OSI-approved. That way, expectations are clear and understood from the beginning.
Full disclaimer: I’m building a developer tool business and we’ve been source-avalailable, BSL1.1 licensed from our first public launch: https://github.com/kurtosis-tech/kurtosis
Hashicorp did it backwards
There should be a way to only provide improvements to the source code if the software remained free and open source. If it changed to a closed/restricted license the contributions should e rolled back or erased somehow.