Projects evaluated to see if they're as free and open source as advertised
34 comments
August 4, 2025 · woodruffw
koolala
In those situations, could someone easily just fork the project, offer builds, and now their version of the project is ideal? If it's easy to do that then it seems like a good ideal. If it is difficult to do then they're right it is an 'issue'.
liquidgecka
… isn’t that basically what CentOS did in the early days?
koolala
What happened? Why did it stop being easy and some people say "CentOS Linux is dead—and Red Hat says Stream is 'not a replacement'"?
If the company no longer makes it easy that's a big issue. On a list like this, CentOS would appear next to Red Hat Linux Enterprise.
burnt-resistor
One to add: NanoKVM is definitely fake FOSS. It dials home to download a serialized, opaque library. NanoKVM: The S stands for Security https://youtu.be/plJGZQ35Q6I
Many people also seem to think Atlassian Jira and Confluence are OSS when they're absolutely not.
stephen_g
Atlassian stuff never was, they do offer free licenses to use their cloud products to open source projects though - perhaps that's the confusion?
snvzz
The vid is old and they made some promise to open source things later.
I wonder if it ever happened. I did withhold my purchase back then just because I'd rather wait for open source than buy some device I cannot trust.
evanjrowley
F-Droid, the FOSS-centric alternative app store for Android, provides similar information for each app. F-Droid goes a bit farther on things mobile users care about, like calling out if an app sends telemetry or requires a paid subscription. I like that this Is it really FOSS? project examines a project's potential impact on the FOSS community by questioning whether it is VC-funded, requires a CLA, and other interesting characteristics like that.
firesteelrain
Free but free to sustain? No way. Sometimes there are companies that accompany a paid, Enterprise version (HashiCorp, GitLab).
You get what you pay for
koolala
What about the singularity? When AI can maintain any program?
dragonwriter
Even should that occur, AI isn't and wouldn't in that case be free of cost.
kiitos
oh good a purity test for OSS projects, this is exactly what's needed in the ecosystem, and will surely have a positive impact
zzo38computer
I got banned permanently from this server (with no explanation of why). However, it looks like it is also on Codeberg, which I am not banned from (although many of the links are incorrect when viewed on Codeberg (at least if JavaScripts are disabled), it still works).
I think these articles are good, but I do have some other comments.
For some programs, there is the possibility that some parts can potentially work without non-FOSS but is difficult to separate. (This can also be a different problem in case you only want one part of the program.)
A program can also be Free but "trapped", in case it requires proprietary compilers to compile it (although it is often possible to work around this; sometimes easily and sometimes more difficult).
For some games that have non-FOSS parts, there is also the issue of if the non-FOSS parts can execute arbitrary code or otherwise do things outside of the game itself, that is not necessarily desirable (e.g. a Game Boy Advance emulator might be FOSS, although the programs it emulates might or might not be FOSS, but either way do not affect the rest of the computer nor the internet and other stuff like that); and, also the consideration of whether the software can be used without the non-FOSS parts (if you can replace them; e.g. a FOSS game engine might be made as a clone of a non-FOSS game engine that can use the original game files but you can also make your own fully FOSS games using it too).
There is also some that may require non-FOSS to access, even if the software itself is FOSS. Proprietary (or overly complicated, even if FOSS) communication channels are also not mentioned (although another comment on here does mention it), and I think it probably is a concern (not one that necessarily makes the project itself to be not FOSS, but still might be worth mentioning), even if it does not make the program itself to be not FOSS, it can make it difficult to contribute or to use it.
Being FOSS does not necessarily mean that you intend to run the program on your computer; you might only want to view the code, or modify it before running it, or use your own program (or a different FOSS program) as a substitute.
Programs can be "open core" but the non-FOSS part is still clearly distinct from it (which is the case for SQLite). (In the case of SQLite, they also mention the non-FOSS test suite; they are not needed to run the program, but it may make it difficult to make your own changes and then test it. However, some programs do not have a real test suite at all, anyways.)
the_mitsuhiko
I think this is not particularly impartial. Sentry is marked as "NOPE" even though it is basically open source (any commit older than two years is), yet projects that are open core forever are "issues exist" and "partially".
JoshTriplett
> Sentry is marked as "NOPE" even though it is basically open source (any commit older than two years is),
In other words, current Sentry isn't Open Source, but old versions are available. I think it's a fair characterization that Sentry is not Open Source, unless there's an actual community around the Open Source version.
koolala
Why is this project switching its license 2 years ago during development not a problem? What is good about Sentry? edit: Oh you mean rolling time windows.
hk1337
> The project is licensed under an FSL-1.1-Apache-2.0 license which, for two years after release, prevents use, modification and distribution when done in a range of ways which may compete with the original project.
The current license for Sentry seems to be a large part of the reason for the nope.
They give a pretty detailed explanation of the decision.
It’s still a good product.
lytedev
Wouldn't "partially" be fair? Since not ALL of the project is, but only source of a certain age?
the_mitsuhiko
That in my mind would be a much fairer categorization.
exiguus
You can add a new project to the website by creating an issue [1].
oever
This project's source code is hosted on Codeberg, which runs on the FOSS forge Forgejo.
This is a big improvement over projects that are hosted on GitHub. For those, the license may be FOSS, but the spirit is not, because anyone that wants to contribute upstream is lured onto a proprietary platform.
The license and terms of service of a project's community communication channels are not listed under the concerns. (https://isitreallyfoss.com/concerns/) This is understandable: traditionally and strictly, the license is the only thing that matters.
einpoklum
Some entries are at best confusing, and at worst misinforming.
The common case is considering projects which have one element that is FOSS and another that isn't. For example: ProtonMail, who apparently offer a FOSS mail client. They never presumed to offer mail server software; and FOSS mail server software is available. So a button calling them out for not being really FOSS kind of misses the mark. You don't see an entry like that for, say, GMail - so if Proton did not provide a client at all, they would have fared better.
Another specific case is that of Signal. The client and server are FOSS, but they're designed for no federation, so you can't (?) use a modified Signal client with the vanilla clients, and you definitely can't add a server to the network. This effectively prevents modified versions of Signal from being usable. So, is it really FOSS? The site's verdict is: Unqualified yes, Green button.
re
> ProtonMail, who apparently offer a FOSS mail client. They never presumed to offer mail server software
The website justifiably cites this website marketing copy as misleading: "All Proton services are open source and independently audited for security." https://proton.me/mail If that's supposed to only apply to the mail client (which isn't specifically mentioned on that page), it's incredibly unclear.
1970-01-01
You missed how there are five possible answers for a binary yes/no question. The site is confusing by design.
sroerick
Signal I suppose is open source, but doesn't it contain closed source Google binary blobs? It also routes through closed source notification libraries
SchemaLoad
Pretty sure it's impossible to not use closed source Google or Apple pieces for a functional app these days. Last I looked into it, the only way to actually deliver notifications is to run through Google or Apple since the OSs don't want every app running their own background processes draining battery.
singpolyma3
On iOS that's basically true, but on Android there are a lot of battery preserving options
warkdarrior
Practical concerns must not matter for a purity test.
null
I think the definition of FOSS used here is tendentious: some of these projects (which I have no particular attachment to) are marked as "not FOSS" or "issues exist" because they have components that are disconnected from the basic nature of free and open source software itself.
A recurring one here seems to be that proprietary builds somehow make a project not FOSS. But this is how it's always worked: Red Hat doesn't sell FOSS source, they sell a subscription to a distribution (RHEL) that includes managed, maintained builds. That distribution is in turn restricted[1], while the source behind it remains free.
Perhaps there's an argument to be made that the definition of FOSS should be stronger, and should include some kind of binary freedom, lack of trademark restrictions, etc. But that's not how the term is conventionally applied, and glossing over that convention seems roughly as contentious as when companies try to split the baby and rewrite "open source" to include anti-competitive terms.
[1]: https://www.redhat.com/en/resources/red-hat-enterprise-linux...