8

Selling exceptions to FOSS licenses (e.g., like Qt) is okay, but changing a project's license from a FOSS one to a proprietary one (e.g., like Redis, MongoDB, and HashiCorp) is bad. Given a project released under a copyleft license, if external contributions are accepted with no CLA, then neither one of those things are possible. If there's a traditional sort of CLA (e.g., copyright assignment), then both of those things are possible. Do any CLAs that allow the former but not the latter exist, and if not, would it be possible to craft one? Or would any such CLA that allows selling exceptions in a useful way also necessarily have loopholes allowing those kind of rug pulls?

Improve this question

3 Answers 3

Reset to default
3

I am not aware of any CLA that allows using the contribution when selling a FOSS exception, but forbids its use in a proprietary version of the software. But I do not think it is fundamentally impossible to create such a CLA.

I do believe that it will take a skilled lawyer to draft such a CLA in order to avoid having loopholes in it.

Additionally, the CLA is set up by the project maintainers. From their viewpoint, there is very little to no incentive to create a CLA that allows FOSS exceptions (where a customer can pay to get different license terms for the same software), but disallows proprietary versions (where the paying customer can get different functionality). Such a CLA will probably only be created when a large enough group of potential contributors gets vocal enough about it.

Improve this answer
3
  • Surely it's just a matter of something like, "Contributor agrees company may sub-license the work under one or more licenses of company's choice. Company agrees the work and all derived works will be available under terms of the GPL." (or MIT, Apache 2.0, etc.), formalized by a lawyer. For GPL, presumably you wouldn't even need the second sentence; since GPL is copyleft in the first place, all derived works needs to be made available under GPL in the first place, if the company isn't the sole author and has been assigned all copyrights. But I'm not a lawyer, so maybe I'm just being naïve. Commented Dec 17, 2024 at 6:19
  • @Vaelus: I'm not a lawyer either, but I see several likely loopholes in your suggested phrasing. Perhaps the most obvious one: "Company" sub-licenses the software under a non-copyleft license to "Totally A Different Company" (with the same owners), as permitted by your first clause. "Totally A Different Company" then continues development of the software and releases new versions under a proprietary license (which they may do, as they're not bound by the CLAs signed by "Company" and as the license they received from "Company" is non-copyleft). Commented Dec 17, 2024 at 7:44
  • … Of course care would need to be taken to minimize the risk of a court deciding that the two companies are effectively acting as one entity (and thus both bound by the CLAs), but I'm sure a good lawyer would find a way of keeping them sufficiently separate. Or they could just genuinely be different companies with no shared ownership — maybe "Company" gets into financial trouble and its owners decide to save their investment by shutting it down and selling a non-copyleft license of its software to another company who wants to continue the development under a proprietary licensing model. Commented Dec 17, 2024 at 7:50
3

Having pondered this, and completely rewritten my first answer, I think the only way this will work at all well is to have a CLA that is explicit about the licence that will govern supplies to proprietary customers.

That is, something like

I license this contribution to Project Foo under the terms of GPLv3, with the additional permission [to them] to supply copies licensed under Foo Proprietary Licence v1.0, a copy of which can be found at https://example.com/foo/licence, with SHA-256 checksum 1b22fd8a67b103ec690ef27d0dad0e684dd42af2bb2f1e705cb70e5e017a9f7d.

As it appears, I don't think the above is non-FLOSS, not least because it gives no rights that a permissive free licence wouldn't have done. Any other form, it seems to me - including "Foo Proprietary Licence v1.0 or any later version thereof" - amounts to giving somebody other than the contributor the right to arbitrarily relicense the contribution, which the OP doesn't desire.

FAOD, the above is not suitable for reuse as an actual CLA; make sure you get your project's CLA drafted by an actual lawyer.

Improve this answer
3
  • 1
    That phrasing of the CLA does not prevent usage of the contribution in a proprietary version that has different functionality than the FOSS version (which is what the OP wants to avoid as I understand the question). The CLA probably needs something along the lines of "Author grants the right to relicense the contribution, under the condition that any non-FOSS software containing the contribution must also be available under a FOSS license". Commented Dec 16, 2024 at 13:17
  • 1
    @BartvanIngenSchenau I agree, but OP doesn't actually say that, so it's not how I understand the question. Commented Dec 16, 2024 at 13:54
  • @BartvanIngenSchenau: Definitely not the right wording, because that would encumber the party buying the exception (because they don't want to release their end product under the copyleft). If I understand OP correctly, they only want to guarantee that the dual-licensed project remains dual licensed, with no restrictions on the party who purchases the closed license. Commented Dec 16, 2024 at 21:39
3

I discovered that the Free Software Foundation has already come up with language for exactly this purpose. When a Company Asks For Your Copyright says:

To allow selling exceptions for the program that contains your code, but refuse to let the company release purely proprietary versions containing your code, you can insist on a condition more or less like this:

Any program based on (as defined in GNU General Public License version 3) Hacker's code that FOO distributes shall be made available by FOO under (a) the “GNU General Public License (GPL), version 2 or later,” or (b) the licensing in (a), above, but with “2” replaced by any higher existing GPL version number. Provided FOO makes the program available as source code gratis to the public in this way, it may also distribute the identical program to some of its users under terms permitting them to link the program's code with nonfree code and release the combination in binary form under a license of their own choosing.

Or, if what you object to is that some variant of your code might be released solely in a proprietary version, you can insist on a condition more or less like this:

Any program based on (as defined in GNU General Public License version 3) Hacker's code that FOO distributes shall be made available by FOO under (a) the “GNU General Public License (GPL), version 2 or later,” or (b) the licensing in (a), above, but with “2” replaced by any higher existing GPL version number. Provided FOO makes the program available as source code gratis to the public in this way, it may also distribute the same version of Hacker's code in other programs released under other licenses of its own choosing.

If the program is released under the GNU Affero GPL, then add “Affero” before “General,” change “GPL” to “AGPL,” change “2 or” to “3 or,” and it could make sense to replace “that FOO distributes” with “that FOO distributes, or deploys on a server accessible to users other than FOO.”

Improve this answer
1
  • I hesitate to argue with the FSF and their lawyers, but it does seem to me that at least the second condition above may be vulnerable to the loophole I pointed out in the comments to Bart's answer: company FOO could distribute their software to company BAR under a license that allows BAR to continue its development and make non-free derivatives while not being bound by the agreement between FOO and Hacker. (The first condition is a bit more restrictive and does not seem to allow this exact loophole, although it could have other loopholes.) Commented Dec 17, 2024 at 8:04

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.