HashiCorp switching to BSL shows a need for open charter companies

Published: Aug 23, 2023
By: Sid Sijbrandij

In recent years, several high-profile open source companies have made headlines by shifting their licensing agreements away from purely open source models. MariaDB was first with its introduction of the Business Source License (BSL) in 2016 and was closely followed by MongoDB, Confluent, Redis Labs, and others. Now, HashiCorp is the latest company to follow this trend and announce its switch from an open source to a non-compete license.

Non-compete licenses mimic open source by allowing users to copy, modify, and redistribute code but only for specific purposes. Unlike open source, non-compete licenses restrict code redistribution to non-competitive use. Adopting a non-compete license isn’t problematic in itself; it’s the trend of switching from an open source to a non-compete license after gaining significant success that is causing distrust in commercial open source software.

HashiCorp is just the latest company to switch its licensing model and probably won’t be the last. As OSS companies gain commercial success, the financial benefit of being open source diminishes. Open source companies generally have a low rake, creating more value than they capture, and high growth. Over time, growth slows, prompting the need for a higher rake. Companies seek to cut off “freeloaders” to gain more market share. They then adopt open source-adjacent licenses in an attempt to cut off competition. From a shareholder perspective, the short-term benefit is clear: capturing more value can quickly offset a growth slowdown. Whether or not it’s good for the company in the long term depends on how much growth was still ahead for the project compared to the rake increase.

However, there’s a negative impact on commercial open source software. The more companies do this, the more the community loses trust. Fewer people will contribute to or adopt commercial open source. The only way to solve this is to hold companies accountable from the start. One way to hold companies accountable is through an open charter, which is a legal adoption of a company’s commitment to an open source license.

Since licensing can be changed, open source companies that adopt an open charter will be more trustworthy than those that don’t. Adopting an open charter won’t make sense for everyone but it will separate companies that are 100% committed to remaining open source from those who want to reserve the right to change their business model at a later time.

Why the switch to non-compete

Companies that have switched licensing models from open source to non-compete often defend the decision by claiming that asserting more control over the project’s commercialization is a natural and necessary evolution of open source. From the perspective of a company that has thousands of employees and shareholders to answer to, it’s a defensible position. As a company gains success, and especially if it becomes a public company, there’s shareholder pressure to generate higher revenues, and ultimately, an important goal of a business is to maximize shareholder value.

The commonly applied BSL and Server-Side Public License (SSPL) effectively limit competitive use to shut out “freeloaders” and protect the company against hyperscalers while continuing to allow non-competitive use of the source code. For companies that find themselves in the position of needing to balance their open source origins with business needs, these licenses can provide a happy medium. In an ideal scenario, a company would start with a non-compete license rather than switch to one later in its lifecycle.

In HashiCorp’s announcement, the company attributes its adoption of the BSL license to “vendors who take advantage of pure OSS models, and the community work on OSS projects, for their own commercial goals, without providing material contributions back.” It’s the same argument Red Hat recently used to defend its decision to wall off RHEL code. Unsurprisingly, HashiCorp is facing a backlash from the community similar to the one Red Hat received. Opponents of the change argue that OSS companies signed up for unrestricted competition when they chose to be open source, and they can’t exclude themselves from the “freeloader” status when they have also benefited from community development.

“Competition in services on top of Terraform has recently driven much innovation as many of our own concepts eventually found their way to Terraform Cloud. It’s also worth remembering that Terraform itself is built on top of multiple open source libraries and an open source ecosystem. Without the volunteer work of hundreds of unpaid individuals, HashiCorp products would not be successful, there would be no ecosystem, and the company would not exist.” - Spacelift response to HashiCorp

Many HashiCorp competitors and ecosystem partners also released statements in response to the news: Digger, Spacelift, Terrateam, Gruntwork, Terramate. Spacelift’s response directly addresses HashiCorp’s claim that companies such as themselves were taking advantage, reminding everyone that Terraform itself has benefitted from other open source technologies.

Community threatens fork

Shortly after HashiCorp’s announcement, the community reacted by publishing the OpenTF Manifesto and demanding HashiCorp switch Terraform back to an open source license or the community will fork it into a foundation. The letter describes the impact of changing the license of critical infrastructure technology on the overall community:

“Overnight, tens of thousands of businesses, ranging from one-person shops to the Fortune 500, woke up to a new reality where the underpinnings of their infrastructure suddenly became a potential legal risk.” - OpenTF Foundation

It describes one of the glaring issues with the business source license: the non-compete language used is vague and non-specific. HashiCorp’s BSL states: “You may make production use of the Licensed Work, provided such use does not include offering the Licensed Work to third parties on a hosted or embedded basis which is competitive with HashiCorp’s products.” The license doesn’t define what qualifies as competition and leaves users open to potential violations based on how the company interprets its business. A company using the software could be limited in how they expand their own product offerings for fear of legal repercussions. What happens if HashiCorp changes its business and enters a new technology category? Users of the software that were once in compliance can suddenly be redefined as competitors. If a company is going to change its license from open source to non-compete, it should at the very least define the business in the license.

This isn’t the first time a community has reacted to a licensing switch with a fork. A similar approach was taken when Elastic switched its Elasticsearch and Kibana products from Apache to SSPL. After Elastic switched Elasticsearch’s license, Amazon forked the project and created OpenSearch as an open source alternative. However, Amazon’s fork has significantly fewer contributions and has yet to eclipse Elasticsearch on Google Trends, suggesting the fork had little overall impact on Elastic.

OpenSearch was forked and is mostly maintained by a single company, and the SSPL license language is more specific than the BSL language. The BSL is far more ambiguous, and the OpenTF Manifesto has been signed by more than 90 companies, 9 projects, and 300+ individuals, suggesting that a fork of Terraform could have the support to seriously compete with HashiCorp.

However, users who have no interest in commercializing HashiCorp software have come to the company’s defense, saying open source does need to evolve: “Source should be about a mutually beneficial partnership between builders and users, not ‘give it all away for free or you’re not legit.’” Whether the definition of open source is evolving or needs to evolve is for the community to decide, but the reason we’re even having these conversations is that more companies are starting as open source instead of proprietary, and that’s a good thing.

Open charters protect open source as a public benefit

Companies that are committed to open source can choose to incorporate as a public benefit corporation (PBC). A PBC is a for-profit company that has committed to spending some of its resources and profits in support of a public benefit, like open source software. When a company incorporates as a PBC, it must include a corporate charter specifying its goals and commitments to its chosen public benefit. A corporate charter that commits a company to open source is called an “open charter.”

Open Charter: A legally binding corporate formation document that states a company’s commitment to open source and includes a series of objectives for meeting its open source commitment.

The only way a company can completely prevent relicensing code that was previously open source is to adopt an open charter in addition to the open source license. Open Core Ventures (OCV) has started numerous companies as public benefit companies using the OCV Public Benefit Company Charter (OPC). Our charter protects a company’s open source mission by:

  1. Requiring that the majority of new features added in a calendar year be made available under an open source license
  2. Not withholding or intentionally delaying the release of security fixes for open source features
  3. Not allowing the removal of any software products that were previously open source
  4. Not allowing constraints or limitations such as user or performance limits, size, or number of repositories on projects the company has made available under an open source license
  5. Open sourcing testing frameworks used for open source features
  6. Explicitly communicating which code is open source and which is not.

The approach ensures that a company can’t switch to solely creating proprietary software or relicensing all of its software to a non-open source license. The OPC is open source and available for anyone to use. An open charter plus an open source license is how open source software companies will express their open source commitment in the future. It signals to users that they are serious about their open source status and lets investors and shareholders know that removing open source from the company is not an option in the future.