this post was submitted on 28 Apr 2024
8 points (78.6% liked)

Opensource

1421 readers
13 users here now

A community for discussion about open source software! Ask questions, share knowledge, share news, or post interesting stuff related to it!

CreditsIcon base by Lorc under CC BY 3.0 with modifications to add a gradient



founded 1 year ago
MODERATORS
 

Feedback on open source royalty license?

I'm about to release a library, and do not want to use a normal free license like the MIT, Apache, or the GPL. I want to keep the license simple and easy to understand. It also would be considered a non-free license, as it requires a royalty payment. Though, the royalty would not be directly to this library, but open source repositories in general. This is what I had considered so far.


  • 5% of generated income (per profit generating product) paid as royalty yearly to "approved open source repositories" if income is above $1,000,000/year. It's free if income is below that amount. The goal is to be similar to Unreal's license.
  • All repostiories on GitHub.com that meet these requirements are "approved open source repositories"
    • They have more than or equal to 1000 stars
      • I'm aware that stars can be purchased, but this is against GitHub's TOS and the case for fraud is more obvious. Intentionally purchasing stars with the intent of not paying royalty is similar to just not paying the royalty
    • The royalty must be paid between at least 10 repositories, with no more than 10% to a single repository
      • I might provide some lists with easy methods for averaged mass payments to like 100s or 1000s of repositories, but if they want to use discretion, it's allowed. They are just prevented from contributing everything to 1 repository.
    • They cannot be the same repository or project that is paying a royalty, but the same organization is approved as long the individual repository meets the requirements
      • The intent is to partially reward companies with many highly starred open source contributions, but their use level is on their own PR. I also dislike the idea of verifying and tracking identities of different library authors, as I like to create repositories without them being associated with my name. Though, I do think that it makes sense for stars. (The developers providing stars would technically be voting on who should be elgible for financial contributions)
  • After 5 years, the license transitions automatically into MIT or public domain for the version used. Though, new versions could still be under the same license.
  • License is automatically compatible with licenses that use the same wording.
    • No extra royalty if another dependency also uses this license
    • If the other license raises or lowers the royalty rate, it's still compatible, with the royalty rate being the higher of the two.
    • It's also compatible if the amount of repositories is raised above 10 by limiting percentages more.
    • And, also compatible if the star threshold is raised.
  • If GitHub removes stars, the existing approved repositories at the time of removal will persist as royalty options, but no new options will be automatically defined. (As the copyright holder, I still maintain the right to increase approved repostiories at anytime by issuing under a new license)
  • No liability. The liability is still similar to MIT, Apache, GPL, etc.
  • Royalty is paid by taxable year, follows tax season for US.
    • Chosen repositories by the payer must be listed on the license
      • Inclusion must link GitHub URL, payment amount, year
    • The license must be distributed in the same location as all other distributed licenses in their application
  • Just like the MIT or Apache license, the license cannot be revoked unless the licensed company decides to break the law, sue the license issuer, etc. No expectation of support, etc.
  • The source can be modified. Usage of it does not need to stay open source.
  • (Maybe, if possible) - Provide GitHub the ability to sue companies in noncompliance for a 10% reward of the settlement after lawyer fees.
  • (Maybe) - Include Codeberg too. Though, I'm concerned other developers will be less likely to use a license of this type if they don't recognize the organization.

The motivation is just that I believe it's possible for a license like this to work. Tech companies frequently use a similar income model for their products and do not have issues paying Apple their 30% tax. There's often a expectation that companies contribute back to open source repositories, so I view 5% as an easy amount to meet. (Companies should already be contributing back at a level to where this license is viewed as free) Though, I don't expect any large company to move fast on a license of this type.

I've considered a license like this in the past, but thought about it again when Microsoft requested support for FFmpeg when their engineer hadn't read documentation. When requesting a support contract, Microsoft offered $2000. This was viewed as insulting to the FFmpeg developers as Microsoft generates billions of dollars in income every year while using their software in their products.

Large companies, like Microsoft and Google, pay Apple 30% to list their products. (30% of a billion is 300 million, 150,000x more than $2k) I don't think spending the money is the issue, they just frequently refuse until they are without options.

I haven't consulted a lawyer for it. I'm just interested in understanding how it is perceived. I also am willing to consider significant changes, but I haven't had better ideas for creating a license for funding open source.

As for my library

  • It's unimportant, in a niche, and blockchain related
  • I wrote it for personal use
  • It won't bother me if the license just completely fails or is impossible to enforce. (Though, Unreal Engine uses a 5% royalty license that seems successful)
  • It also won't be elgible for part of the royalty until it meets the same requirements.
  • I expect developers who might use it will not be generating above $1m, so they won't care that it's not under MIT, Apache, GPL, etc.

Any suggested changes if I decide to do something like this? As an example, larger/lower star requirement? (I was concerned of excluding really high quality software that just hasn't received notice by other developers) I also like the idea of changing the maximum contribution to 1% per repository as I think it could become difficult for companies to exploit. (Though, I was concerned that companies acting in good faith would be encouraged to not support really good projects that badly need financial contributions) I also think same organization contributions seem bad to approve, but my opinion for allowing it is because developers are rating these repositories as highly appreciated. (They're contributing really high quality open source software) Is this a bad idea or seem too complicated?

top 50 comments
sorted by: hot top controversial new old
[–] [email protected] 10 points 6 months ago (1 children)

For something simple, it seems an incredibly complex affair for both the licensee and enforcer.

[–] [email protected] 1 points 6 months ago

It's just difficult to think about royalty based licenses that pay back to developers. I don't think there will ever be a perfect system, but I do think it's possible to create something that raises more income than what is available now.

[–] [email protected] 6 points 6 months ago* (last edited 6 months ago) (2 children)

Software cannot be Open Source and require royalties.

The word you're looking for is "source available", not "Open Source."

You should probably be talking to a lawyer, not Lemmy, let alone /c/opensource.

[–] [email protected] 2 points 6 months ago

That is a definition that has a lot of history and it's very dynamic. (Also, definitions are very important in many legal systems.)

If you look at GNU GPL v3, "free" is free to use, copy and modify, not "free" as in price.

You could also be talking about open source that is free for non-commercial use.

There are tons of licenses for open source, so definitions for important words should be in those licenses.

[–] [email protected] 1 points 6 months ago* (last edited 6 months ago)

I definitely will need to talk to a lawyer if I proceed. Asking here is more so about trying to determine if other developers would be flat out refuse to use a dependency with this license, or find it interesting, etc.

[–] onlinepersona 5 points 6 months ago (1 children)

Is this a bad idea or seem too complicated?

I think it's a great idea. Forcing commercial entities to contribute monetarily back to the opensource world? Awesome. If such a license existed, were legally applicable, and infectious like the GPL (as in code built on top of it should also be non-gratis opensource), I'd write all my code in it.

Of course you have to think of the loopholes e.g it shouldn't be possible to donate to something you own either directly or indirectly, that would defeat the purpose. I can't think of other stuff, but this is probably where a lawyer comes in.

Honestly, what you could do is:

  • set up a poll and share the link far and wide (here, mastodon, and if you use commercial services like reddit, insta, facebook, etc. then those too)
  • go to a lawyer
  • set up a patreon, liberapay, gofundme, or whatever with the purpose of getting this license written (I'd donate)
  • make a repo with the license and share progress (this is a perfect usecase for change tracking)

You could also contact the people at https://creativecommons.org/ . Maybe they could help you with finding a lawyer versed in this stuff. It's doubtful Free Software Foundation would help, but you can always take a shot.

Thanks for putting thought into this. I'm with you that commercial entities should pay for opensource if they use it. All of them.

Anti Commercial-AI license

[–] [email protected] 2 points 6 months ago* (last edited 6 months ago) (1 children)

I took a moment to think about my response.

If I continue, I would like to do something like the following

The group that this targets, software developers, I don't think we're difficult to contact. There's usually personal websites or email addresses associated with accounts. I think it could be possible to survey a large randomized sample, above 10,000 developers who have contributions to highly appreciated repositories.

There would have to be some cut off for who to select. I think I would like to focus on developers who are planning on licensing software, as in, they're already demonstrated they're writing licensed software. This is all to say, I don't want to haphazardly screen the general public opinion.

In this post, I noticed that those responding seemed to slightly skim over or misunderstand parts of it. This is partially a communication failure for me, but also seriously hinted to me that asking with text about licensing details seems like it could be a bad idea. I think like a video that first covers topics followed by a survey might be better, but I'm worried something like that will bias those that I ask.

Before all of this, before I talk to a lawyer, I want to think about all possible restrictions or options available. This is where I think comitting to a git repository would be a very good idea. Just making an attempt to determine everything that is relevant, because there are clear differences in how a license should work.

After that, I can consult to determine what is and isn't possible. And from there, I'm hopeful that it's possible to carefully survey and understand opinions on what more developers and companies would like to see in a license.

I don't want to accidentally create a license that becomes stuck and is extremely damaging. I want it to serve those that are using it in a way that makes them happy.

I'm still not 100% committed to this yet, but feel good about the responses here. I was worried the responses would be highly negative, as it's something that takes very unrestrictive software and tries to convince the authors to charge for it. I'll have to think about what I want to do some more.

[–] onlinepersona 1 points 6 months ago

That's a good approach. Good luck :) I hope to see an update sometime.

Anti Commercial-AI license

[–] ericjmorey 3 points 6 months ago (1 children)

This really seems like something you should pay a lawyer to figure out what would get you the results you want.

[–] [email protected] 1 points 6 months ago (1 children)

I'm still just trying to determine developer interest. It's not really worth talking to a lawyer if there's not interest in it.

[–] ericjmorey 2 points 6 months ago (1 children)

In that case, probably not worth spending more time on licensing terms until later.

Good luck!

[–] [email protected] 3 points 6 months ago (1 children)

Terms are important for determining if developers will use the license.

[–] ericjmorey 2 points 6 months ago (1 children)

Oh. I thought "it" was your software project.

I see what you're saying now. I would not use this simply because profit is an unreliable measurement. A revenue based test makes more sense. Possibly adding an investment valuation test as well. Since many VCs encourage no initial revenue when they fund startups.

[–] [email protected] 1 points 6 months ago* (last edited 6 months ago) (1 children)

I think revenue seems easier to enforce too. Just revenue didn't really make sense in the context of what I was doing, as people are writing contracts that handle millions of dollars and collecting like less than half of a percent. It's just confusing. It does make sense when the business is creating iOS or Android Apps and selling digital items, etc. I think the license could be restricted to business category, it's just more to consider, and a lawyer would probably really understand it.

I'm not exactly sure what is meant by investment valuation tests. As an example, is the investment valuation supposed to be something like "the financial contribution to this repository cannot be more than 5x the estimated cost to contract the entire source code by a reputable institution?"

Oh. I thought “it” was your software project.

Yes, I want to use a custom license for my project.

I've also wanted for a while to create some type of distributed royalty license, but the level of effort I want to put into that is just dependent upon how much potential there is for it to be successful. I haven't decided on what I will do yet for my own project. I think the main issue is it's just difficult to find terms that are not hard to understand and people readily support.

[–] ericjmorey 1 points 6 months ago (1 children)

I’m not exactly sure what is meant by investment valuation tests. As an example, is the investment valuation supposed to be something like “the financial contribution to this repository cannot be more than 5x the estimated cost to contract the entire source code by a reputable institution?”

I mean a test for the latest round of funding of the company establishes a value of the company and if that value is over $x, the terms apply. Fir publicly traded companies, you could just use market capitalization.

[–] [email protected] 2 points 6 months ago* (last edited 6 months ago) (1 children)

This seems like a really good alternative too.

I responded here to @[email protected] detailing how I might try to continue finding terms that are highly approved. I think what I've thought about so far isn't very carefully considered, so before I try to choose a specific license, I want to take some time to think about more options.

[–] ericjmorey 1 points 6 months ago (1 children)

I'm not sure that it's a matter of video vs text as much as it was the presentation style.

Making a video about your ideas probably wouldn't hurt.

Good luck!

[–] [email protected] 2 points 6 months ago* (last edited 6 months ago) (1 children)

I really like text. I sometimes read documentation multiple times over before considering asking a question. I don't assume I am correct, and try to verify that I'm not wrong before finally asking a question. Though, other times, I'm guilty of skipping or skimming over text.

The problem I felt like I was having was that I was attempting to describe many complicated rules with as few words as possible. I felt like if I didn't try to limit words, other people would not read it. Even with all of this, it felt like many people who were responding were still not really reading it. In a survey, I might try to cover multiple contract styles, in text, it could be lots of words. The concern is that the importance of the topic will be missed to someone completing a survey.

Maybe a combination of both would be better? Like provide as much text as I want, and also a video with it. I still have to think about it.

[–] ericjmorey 1 points 6 months ago* (last edited 6 months ago) (1 children)

A text post on [email protected] is going to have people skim. A link post on [email protected] to a blog or webpage with a summary of intention posted in the body of the link post would get people in a better mindset to read the detail at the linked blog post.

I think you told a story from your perspective rather than introducing your idea from the perspective of trying to get the attention of a potentially interested audience that is in a casual browsing mindset. As a result, people were trying to skip past your story and get to the meat of the idea which wasn't presented concisely.

[–] [email protected] 2 points 6 months ago* (last edited 6 months ago) (1 children)

I also don't think I entered with clear goals. Am I designing a license or trying to find a license to use?

I've seen language design blog posts here and on reddit. These are usually long, but with the intent of creating a discussion. I don't think I was even intending to create a discussion or reach an audience. I just was looking for approval of the idea. I think there's always going to be some amount of people that will skim, but stating that text is the issue is wrong, text does not stop productive conversations or creating something.

I think there's also the difference between law and software (outside of machine learning) in that there's also some level of interpretation when the subject is about a spectrum. Like when does yellow become green? I felt like I was stating lots of information that loosely goes together, and it was not concrete or solid in understanding.

[–] ericjmorey 1 points 6 months ago

I agree with all of that.

[–] [email protected] 3 points 6 months ago (1 children)

A couple of comments:

  1. All of my projects are on Sourcehut. So all of my projects are automatically excluded from your narrow definition of "open source projects" worth supporting. So are all projects on gitlab, or... anything but github. Your license sounds more like a mechanism for promoting a monoculture and incentivizing developers to host on github.
  2. Say my library uses a library that uses your library. Is your license more infectius, like the GPL, or parasitic? Do all projects using your library have adopt your license, or include it?
[–] [email protected] 1 points 6 months ago* (last edited 6 months ago) (1 children)

All of my projects are on Sourcehut. So all of my projects are automatically excluded from your narrow definition of “open source projects” worth supporting. So are all projects on gitlab, or… anything but github. Your license sounds more like a mechanism for promoting a monoculture and incentivizing developers to host on github.

I don't disagree. I don't really know how to fix the problem in what has been considered without an extra organization that does some form of identity verification and then collects votes on open source from anywhere on the internet.

The only reason GitHub was selected was because it's easily recognized and the metric is understood

Say my library uses a library that uses your library. Is your license more infectius, like the GPL, or parasitic? Do all projects using your library have adopt your license, or include it?

Anything that depends on it would be including it in something else later. I was considering anything that used it that made income had to pay 5% royalty. A library that uses a library that uses a library with it would had to pay 5% on income made with the final library. Though, I don't necessarily have an opinion on requirements of the license of the final library. I also wasn't considering open source restrictions like the GPL.

[–] [email protected] 1 points 6 months ago (1 children)

I don't really know how to fix the problem

This would be something that would be a deciding factor for me. I don't have a solution, either, but it would need to be addressed before I'd consider something like this.

A library that uses a library that uses a library with it would had to pay 5% on income made with the final library.

But my library is MIT, and free. Can I use a library that uses a library that uses your license? Either your license considers itself incompatible with the other licenses, meaning it's virulent like the GPL: my library must use your license, because it uses some library that uses your license; or there's a clause that says it must be included with incompatibly licensed software, in which case it's parasitic: someone could still clone my library, replace the dependency that uses your license with some other library that doesn't - remove the parasite, so to speak. In the latter case, I could still BSD-3 Clause or MIT my library, with a big ol' warning in the README about your license and the implications.

[–] [email protected] 1 points 6 months ago* (last edited 6 months ago) (1 children)

or there’s a clause that says it must be included with incompatibly licensed software, in which case it’s parasitic: someone could still clone my library, replace the dependency that uses your license with some other library that doesn’t - remove the parasite, so to speak. In the latter case, I could still BSD-3 Clause or MIT my library, with a big ol’ warning in the README about your license and the implications.

A clause for being included with incompatibly licensed software would likely be my preference given the other doesn't have more support. My first impression is that having people use it is more important. A goal of the license being to make it overwhelming to escape because it is everywhere.

[–] [email protected] 2 points 6 months ago

This is the GPL philosophy, and it's why people call it viral (and also why many people don't like it). But there's precident in the GPL, so if that's what you're looking for, the GPL might make a good model for your wording.

[–] ExperimentalGuy 2 points 6 months ago (1 children)

I love this idea. I feel like a shakeup with licenses is needed. I wonder if you could consult a lawyer then ask some larger open source projects if they would be willing to adopt the license?

If it's identical to GPL or MIT for small licenses, but forces corporations to give back to the community, it's only fair.

[–] [email protected] 1 points 6 months ago* (last edited 6 months ago)

I love this idea. I feel like a shakeup with licenses is needed. I wonder if you could consult a lawyer then ask some larger open source projects if they would be willing to adopt the license?

Contacting authors of repositories seems really smart. I imagine it could be possible to contact a large percentage of them. I just want to be confident that I have a good license that will be liked before I make an attempt.

edit: Though, looking for feedback from them might also be a really good idea

[–] [email protected] 1 points 6 months ago

Federation stopped working earlier, so I had to switch to [email protected]

[–] [email protected] 1 points 6 months ago (1 children)

Too complicated especially if you want big companies to use it. They usually pre-approve the MIT/BSD and LGPL license but nothing else.

[–] [email protected] 1 points 6 months ago (1 children)

I don't really care if they use it. I think overtime it could be possible to move a large chunk of software over to a royalty based license. It just has to seem like a good deal to developers, and they'll move.

[–] [email protected] 2 points 6 months ago (1 children)

If you want developers to use your license, you should work on why a commercial product like GitHub is used to judge popularity, why popularity is useful and what about small projects, and how can projects receive money (in France it would be an administrative pain in the ass because of taxes and stuff).

[–] [email protected] 1 points 6 months ago* (last edited 6 months ago)

I think it's good advice that I'm careful to evaluate why GitHub is a good for judging software popularity. Though, I think it's also just because it's the established platform. But, that thought is not a careful consideration. I don't necessarily want to end up creating a competing product to GitHub, but want to use metrics that people are familiar with and trust already.

The issue with considered ideas and including smaller projects is that it makes it too easy for companies to manipulate the system into their favor. Though, I'm open to suggestions on how it could be improved. I do think it's possible to collect a royalty for a distributed group of people successfully. (Though, maybe not in corporate interest for it to be successful)

GitHub does have good integration for payments in the US. There's alternative methods for improving payments, but I do not think it's relevant for finding a license that developers think is good.

[–] ericjmorey 1 points 6 months ago (1 children)

It seems like you aren't the only person thinking about this

https://www.theregister.com/2024/04/30/bruce_perens_post_open_license/

I think you might be closer than Bruce Perens to a license that more people would be willing to use. However, they explicitly name and define machine learning model training as a prohibited use of the covered work.

[–] [email protected] 2 points 6 months ago* (last edited 6 months ago)

I was already pinged to a discussion of it.

There's so much to read that I haven't already. I think real democratic control of a license could be good. Though, I haven't taken time to understand the governance structure of it.

However, they explicitly name and define machine learning model training as a prohibited use of the covered work.

This doesn't immediately sound bad to me.

I'm not informed on software law. As an example, my understanding from Oracle v. Google is that Google received a ruling from the Supreme Court around 2020 that stated their copyrighted use of a public API, like the public side documentation side of method calls could not be considered a violation of copyrighted works. The idea that they could use machine learning on the internal code of methods and use it to write their own version from the the start of the method call doesn't exactly seem like a good thing to allow.

Though, this is a really uninformed opinion. I haven't read any of it in detail. The public opinion is usually on Google's side. I'll leave an excerpt.

Now let us consider the example that the District Court used to explain the precise technology here. Id., at 980– 981. A programmer wishes, as part of her program, to de- termine which of two integers is the larger. To do so in the Java language, she will first write java.lang. Those words (which we have put in bold type) refer to the “package” (or by analogy to the file cabinet). She will then write Math. That word refers to the “class” (or by analogy to the drawer). She will then write max. That word refers to the “method” (or by analogy to the recipe). She will then make two pa- rentheses ( ). And, in between the parentheses she will put two integers, say 4 and 6, that she wishes to compare. The whole expression—the method call—will look like this: “java.lang.Math.max(4, 6).” The use of this expression will, by means of the API, call up a task-implementing pro- gram that will determine the higher number.

In writing this program, the programmer will use the very symbols we have placed in bold in the precise order we have placed them. But the symbols by themselves do noth- ing. She must also use software that connects the symbols to the equivalent of file cabinets, drawers, and files. The API is that software. It includes both the declaring code that links each part of the method call to the particular task-implementing program, and the implementing code that actually carries it out. (For an illustration of this tech- nology, see Appendix B, infra.)

Now we can return to the copying at issue in this case. Google did not copy the task-implementing programs, or implementing code, from the Sun Java API. It wrote its own task-implementing programs, such as those that would determine which of two integers is the greater or carry out any other desired (normally far more complex) task.

https://supreme.justia.com/cases/federal/us/593/18-956/case.pdf


This isn't all that relevant, and there's lots of case law. It just seems slightly frustrating to me that the law might allow 1) a company to use copyright software for learning 2) take public methods, and their supporting documentation 3) and finally use them inconjunction with a prompt of the documentation to generate the internal code.

This all is a very unresearched or serious view of it. For whatever reason, I just was already thinking about it. It's all to say, I think I understand the argument for disallowing machine learning use. I haven't really decided where I align. I think it's really valuable that we can automate anything, but I also feel negative to the idea of signing everything over to the tech companies and hoping for the best.

[–] [email protected] 1 points 6 months ago

This is definitely going to be the future. Not sure if in this exact way but free work for corporations is over.

[–] [email protected] 1 points 6 months ago (1 children)

Look into how JUICE (https://github.com/juce-framework/JUCE) works. They are open source, but also operate under a type of licensing model.

I cannot speak to how their business works or if they are considered non-exploitive. However, I know their framework is super-common in the digital music world.

[–] [email protected] 1 points 6 months ago* (last edited 6 months ago)

I'm not actually interested in charging money for myself though. The point of the license is more so to create a license that is compatible with others using it and causes downstream users of it to also have to pay. Like I'm more so imagining a best case scenario where lots of source available software is available for 5% (like use all of it together too) flat on $1m+ in income. (And free for everyone else)

[–] CameronDev 1 points 6 months ago (1 children)

If two libraries were using this licence, would that mean 10%? If a large company used 20 libraries thats 100%?

[–] [email protected] 2 points 6 months ago (1 children)

No, just flat 5% for all compatible. The income is for project level. Downstream would pay the same 5%. They would pay at their discretion to anyone with 1000+ stars on GitHub. (or some variation of this)

[–] CameronDev 1 points 6 months ago (1 children)

Okay, that makes a bit more sense.

Chosen repositories by the payer must be listed on the license

If two libraries have two different accepted repos, which has priority?

[–] [email protected] 1 points 6 months ago* (last edited 6 months ago) (1 children)

The royalty must be paid between at least 10 repositories, with no more than 10% to a single repository

The person using the license and paying royalty on the license chooses repos to fund. In the example I was considering, they're limited to funding 1 repository for more than 10% of the total royalty owed. Though, this license would be compatible to a license that someone else requires x%. (As long as the x is less than 10%, as any value of x below 10 is still below 10.)

edit: I think law is just not as straightfoward to follow as programming. The goal is just a highly compatible royalty charging license that raises money to lots of GitHub repositories that have been highly starred.

edit 2: I think you've also convinced me that the clarity and simplicity of it would be better if the royalty was just paid directly to a smart contract that verified stars and approved repositories... but the perception of that is so bad. I do appreciate the comments though, as I think it's helped me understand that attempting to interpret a license might not be an enjoyable experience.

[–] CameronDev 1 points 6 months ago (1 children)

Righto, library users choose who to fund.

This would mean that Microsoft could just fund Powershell and never contribute back to anyone else? All of the big names have a project that is OS, so if they are allowed to just fund their own things, the spirit of the licence wont be honored.

The edge cases are what make and break a licence, its not easy. Even GPL has its issues (see Redhat).

It may be easier (and more palatable) to just have the 5% donated to a not-for-profit that can then divide out the funds to worthy projects.

Another thing to consider is that projects with 10k+ stars might not necessarily need money. If they are established and stabilised projects they might be operating just fine. Whereas a new project might have more need for funds, but havent yet got enough stars to be funded. Having a not-for-profit organisation managing it could mean that smaller projects could be invested in.

[–] [email protected] 2 points 6 months ago* (last edited 6 months ago) (1 children)

This would mean that Microsoft could just fund Powershell and never contribute back to anyone else? All of the big names have a project that is OS, so if they are allowed to just fund their own things, the spirit of the licence wont be honored.

I'll break down my thought process, but maybe it was a mistake of mine to assume it was too much for the post.

Users of the platform determine approval of a project's on GitHub. If they don't want it to be elgible for funding, then they're not required to star or vote for it. The threshold at 1000 does seem low, especially considering that Microsoft has lots of open source repositories. (They contribute lots!) Though, when comparing the top 500 companies in the US, it starts to look better.

I stated that the person paying the royalty would have to spread their support between 10 or more repositories, with no more than 10% to a single one. I also stated in my post, that I like the idea of changing this to 1%, but mentioned consequences of that. [1] It's going to be hard for even Microsoft to have 100 highly approved projects on GitHub.

It may be easier (and more palatable) to just have the 5% donated to a not-for-profit that can then divide out the funds to worthy projects.

I think companies frequently understand what they wish they had. It's not that I don't wish to make it simpler, I would be happy directing a company to a non profit to direct the funds for them. (And my considerations didn't disallow that at all in what I had stated so far) I just think it makes it a desirable license to companies if they're allowed to direct funds to projects they find very important.

Another thing to consider is that projects with 10k+ stars might not necessarily need money. If they are established and stabilised projects they might be operating just fine. Whereas a new project might have more need for funds, but havent yet got enough stars to be funded. Having a not-for-profit organisation managing it could mean that smaller projects could be invested in.

I don't disagree. Companies should have discretion to fund people who need money. Companies should be provided the resources so that they can delegate it out easily to someone who cares about it. (if desired) Companies should be able to promote their own interests. I think these are all good.

I also think it's good that developers who are writing very successful and high quality software are able to do more, like hire more developers than typical. (It just seems like good delegation. There's likely some things they don't need to do themselves)

[1] Limiting contributions to 1% (of the royalty contribution) provides less opportunity for a company to choose to highly fund a small group they find individually important. As an example, they may not want to spend more than 5% (of their total income), and this group could have been one they would have otherwise funded if not for the royalty.

  • The total income is the amount they earn. Let's say they earn 1m, the royalty is $50k. (That's the 5%)
  • The 1% is a contribution of the $50k. One percent is $500

After writing all of this, one of the things that I really like about it, is that the license is intended to be compatible with more restrictive versions of it. If a developer thinks 1000 stars is too low, no problem, they can bump it to 10k and it changes for the the other deps that use the same license. (If a company uses the bumped license) If a developer thinks 1k is too much, they can drop it, but it'll be moved up if a company uses a more restrictive license later

[–] CameronDev 1 points 6 months ago (1 children)

So, project A uses library B and library C. B specifies 100 stars, C specifies 10000, does A now have to respect C?

If so:

Licences that override the rights of other licences might be a minefield. If thr original licence developer explicitly chose 1000 stars to encourage supporting smaller developers, having a second unrelated project overrule that would be undesirable.

Could also be weaponised by popular repos. If you have 44k star repo, use a licence that requires the funds for your popular library go to 43k+ repos, and strangle out everyone else.

[–] [email protected] 1 points 6 months ago* (last edited 6 months ago) (1 children)

It does seem problematic. I could see it being a larger issue later, so it could be good to find a better solution.

Some possible alternatives

  • Remove the ability to move it up/down.

    • The consequences of this seem worse to me. Set permanent numbers might have been good at first, but there's potential for them to become worse
  • Distribution to different set groups.

    A simple example would be a distribution on repositories sorted by stars.

    • The lowest 25% receives nothing, there's a cut off to reduce abuse.
    • 25 - 50% receives 33%,
    • 50 - 75% receives 33%
    • 75 - 100% receives 33%

    This is just an bad example, but seems more careful in distribution than 1000 stars that can be increased by other licenses. It's definitely more complex to understand, but tools could simplify it

  • Something else?

    • It doesn't seem possible to move star counts down easily
    • It doesn't seem possible to change the amounts later with the license. I don't think a company is going to be too willing to choose a license that seems to imply funding groups are available then leaves the potential for them to drastically change later
    • I mean, I guess it could always be more complex
      • ex. 5% royalty to a non profit where any person who has had their identity verified can vote in elections yearly to...

I'm open to suggestions for how it could better.

[–] CameronDev 1 points 6 months ago* (last edited 6 months ago) (1 children)

I cant say i have any useful ideas tbh, sorry. Licence writing is difficult, especially when you are trying to control known bad actors (havent mentioned licence enforcement yet, but thats a whole other minefield). Lawyers are probably the best positioned to give advice.

Licences are generally static. A developer can change their licence, but it only applies for code copies from that point onwards. If you dont like the new licence, you can just just not update your copy of the lib (you can also just take a historical code checkout with the older licence).

[–] [email protected] 1 points 6 months ago* (last edited 6 months ago)

It does have to be careful to not be exploitable. I know in this post, there's already been mentions of using revenue instead of income. I am aware, and in the past I have seen posts on reddit about actors who were denied pay in the millions because of creative accounting. (and probably also due to them not consulting a lawyer before signing)

Lawyers are probably the best positioned to give advice.

I'm not searching for advice yet, I'm just interested in understanding what others want in a license still. A lawyer will be necessary for being confident that a license is enforceable.


I like the distribution to set group sizes. I dislike royalties directly to a nonprofit, I have doubts about the people who will show up the moment it's managing billions of dollars in royalties.

[–] cflewis 1 points 6 months ago (1 children)

A license is only as good as it's enforcement. How do you intend to enforce it? Companies are highly unlikely going to turn over their books to you.

[–] [email protected] 1 points 6 months ago* (last edited 6 months ago)

I don't expect legitimate companies earning over $1m/year to just flat out violate the license. I do think they might try to dodge amounts owed with accounting, but Epic seems to find this business model viable with Unreal Engine. I'm also not going to signficantly care if it's violated, the fact that they're legally obligated to pay seems better than just giving it to them for free with a more permissive license.