Another issue is the audience. There are multiple audiences for this information: contributing developers, other contributors, and users. The needs and concerns of these groups differ and each individual can fall into a different group on a per-project basis. I personally am a developer, but I am a user of some projects, a code contributor to other projects, and a contributor to yet more.

The issue of audience is important because most commercial open source companies want to increase the amount of hardening (non-code) contributions they get but need to carefully manage code contributions to the core-IP. This means that your impression of how open the company is will depend on what you are trying to contribute.

James

In another blog entry, Stephen offers further thoughts on the openness of products (or is it communities?) such as OpenSolaris, MySQL, and others. Read on for some information about proposed metrics and analysis on various licenses….

For end users, I believe Simon is correct. For successful open source companies/projects it is very difficult to have a successful fork. Trademark and copyright laws provide a lot of protection for said company.

However, imho the degree of openness is more important for other companies or adopters that might want to build value-add services and products on the technology. If the open source company is being very protective of trademark usage or of product plans, they won’t nurture a strong after-market of products and services. This in turn weakens the support network for end-users.

> if MySQL, for example, closed the source for its database, i would expect a service and support organization to spring up around the codebase more or less overnight, obviating the need for end users of the code to maintain the fork.

Well yes, and I dare say it would be formed by a number of idealistic former employees of said company!

But let’s say it’s not that bad. Let’s assume the company in question (I’d rather keep it generic if that’s OK - CIQ) decides to stay robed in the clothes of GPL conformance, but acts in a strongly proprietorial way towards customers, exploiting their locked-in-ness more and more as they get deeper and deep in their adoption. Or let’s say CIQ decides to restrict commits only to employees and partners, so that there’s not quite enough outrage or dissent to seed the fork. Is the customer disadvantaged? I believe so in both cases. Should analysts advising the customer be concerned? Again, I believe so.

This black-and-white view of forking is in my view an illusion. If Oracle can’t successfully fork Red Hat (my view, naturally, your data may vary), what chance does a startup have of forking CIQ’s software given CIQ’s commercial success and market stranglehold?

> i’d welcome that - but have doubts as to the ability to digest all of the potential implications.

Yes, it will need working through. I believe developers will be well able to look for red flags in a health report, however.

> i’m not quite sure why community developers needs and interests would be outside our purview

Just am impression gained from your use of the end-user perspective when we’ve discussed this in person

but i disagree with the implicit assertion that the end user is the only or even the logical choice for the role of fork maintainer. if MySQL, for example, closed the source for its database, i would expect a service and support organization to spring up around the codebase more or less overnight, obviating the need for end users of the code to maintain the fork. moreover, i would expect said organization to be reasonably to highly successful in recruiting disaffected MySQL defectors as they left an organization they no longer believed in.

as for your other comment, i’m not quite sure why community developers needs and interests would be outside our purview, but i’m certainly not unilaterally in favor of mechanisms that restrict them (the developers or their liberties). that said, i understand that many corporations - like your own employer - benefit from just such items (e.g. JCA’s) and that they are often a necessary evil.

as for the contention that we need additional definitions around patents, copyright and trade secrets, i’d welcome that - but have doubts as to the ability to digest all of the potential implications. if you ask many of the developers contributing GPL’d projects to Sourceforge or GPL’d plugins to the WordPress Codex, many of them select the GPL not because of its merits but rather by default. as such, i think it’s not entirely reasonable to expect an appetite for the digestion of the nuances of the other IP pillars.

but if it can be done simply, say Creative Commons easy, i certainly would not complain.

The other dimension of this issue is the liberties of community developers - probably outside your parish, I realise. As I’ve stated elsewhere, I believe OSI-approved copyright licensing is no longer a sufficient metric for the protection of developer liberties. I believe we need an “OSD” for each of the other “pillars of IP” - patents, trademarks and trade secrets.

One last pointer: Have you take a look at Certified Open? http://www.certifiedopen.com/