Bear is now source-available
202 comments
·September 1, 2025cinericius
swiftcoder
> the stance of the 'Open Source' crowd
The original stance of the open source crowd was more along the lines of the GPL -> GPLv3 -> AGPL, which expressly prevents this kind of thing.
The proliferation of "give everything away for free" MIT/BSD/Apache licenses seems to me to have been an intentional campaign by corporate interests to undermine free software ideals
zimpenfish
> The original stance of the open source crowd was more along the lines of the GPL -> GPLv3 -> AGPL, which expressly prevents this kind of thing.
Not wanting to further widen the schism but wasn't that the free software people rather than the open source people? cf [0], particularly the "not as strict" part.
> In the late 1990's Eric Raymond and others developed the term "open source" as a more business friendly term than "free software", with a more inclusive meaning where licenses that were not as strict about the passing on of modifications would also quality for the term.
[0] https://www.freeopensourcesoftware.org/index.php?title=Eric_...
tsimionescu
Amazon offers lots of AGPL software, and they fully respect the license in all cases. Ultimately the GPL is about protecting users' rights at the expense of developers' rights. So as long as AWS can offer a better/cheaper managed version of a software service, while still giving the users all details on how to run the same service if they chose to, then the AGPL is completely achieving its aims, even if the original company goes out of business.
Zambyte
The original stance of open source is to cater to "free-riding" businesses. That's like, why the term "open source" even exists. You're thinking of the "free software" crowd.
gr4vityWall
> The original stance of the open source crowd was more along the lines of the GPL -> GPLv3 -> AGPL, which expressly prevents this kind of thing.
Expanding on this, the Free Software movement always focused on freedom for users - which, in a world where copyright applies to computer programs, ultimately leads to the licenses you listed to repurpose it.
The __Open Source__ movement usually tries to advocate for open-source as the best development model. As in, writing it in the open and contributing with other people will result in objectively better software in the long term. Others treated it (when the term was coined) as a marketing term for Free Software, making it more palatable to businesses whose people running it don't want to talk about ethics too much.
https://www.gnu.org/philosophy/open-source-misses-the-point....
jibal
The MIT and BSD licenses predated the GPL. People have a choice as to which ethic to follow ... it's not the result of a corporate conspiracy. (And I'm a social democrat, not a corporate simp.)
pferde
The creation of those licenses, maybe. Their mass popularization, and the pooh-poohing of GPL licenses that often goes with it in related discussions, is much more recent.
swiftcoder
I'm not so clear the choice was made consciously. There's a big swing away from the GPL and towards MIT/BSD around the time that Apple starts adopting a bunch of open-source projects for inclusion in MacOS X, and it accelerates when various big companies announced that they would be forbidding GPLv3 adoption. Fast forward to the cloud provider era, and basically no new software is being placed under the GPL (at least in part because Amazon/Google/Facebook/etc are predicating contributions on being GPL-free)
jakelazaroff
Most people have no problem with non-open source software. The gnashing of teeth comes in when projects like Terraform become successful specifically because they're open source, and then the maintainer changes to a closed source license that would have prevented the project from being successful in the first place.
Doubly so when they relicense outside contributors' work with a closed source license because those contributors signed a CLA.
arp242
Quite a few people commenting here are having problems with it in the case of Bearblog though, including some pretty wild accusations.
And lets be real here: https://github.com/HermanMartinus/bearblog/graphs/contributo...
Looking at the details of that, the only two (small) substantial code changes from other people are "User can delete their own account" from 2020, and "Use cloudflare online dns api to perform domain check" from 2021.
jinzo
If we are real, it's also quite clear that contributions are not accepted at least from 2023. And the Readme talked about the project not meant to be self-hosted in the past.
I have no horse in the race, just think that maybe this project is not a good measure of contributions.
null
bachmeier
> As far as I understand it, the stance of the 'Open Source' crowd is that if Amazon can't make it one of their AWS offerings then it isn't true open source, and they'll get very upset at you if you claim it is.
If you aren't interested in open source, that's your option, but open source has had a clear meaning for decades. You can use/write your software and people that believe in open source can use/write open source. What's the problem?
nothrabannosir
Whether they contribute back their changes to their users.
adastra22
Then you want free software (a subcategory of open source).
MangoToupe
That's copyleft, something OSI was basically created to not imply.
pxc
> As far as I understand it, the stance of the 'Open Source' crowd is that if Amazon can't...
Freedom 0 is the freedom to run the software for any purpose. You can't deny users this freedom "for their own good", or to spite big corporations, and still be free software.
Subtler issues of power and dependency won't be resolved through licensing alone, and certainly not by compromising on basic software freedom for users.
jaredklewis
People can license their software however they want, but it is worth reflecting on why almost all open source authors go with a permissive license like MIT: because it is basically a "buyer's market." When choosing a database, distributed queue, blogging platform, or whatever, companies usually have a choice of at least several high quality open source options.
If one of those options places restrictions on the users, then those users are probably going to choose one of the other options.
As a result, licensing your project GPL or the like usually means relegating it to obscurity. There are very notable exceptions, including Linux and WordPress, but they are outliers. It's hard to monetize an MIT project, but it is even harder to monetize a project without users.
Whether this is "good" or "bad" is a separate debate (err, usually flame war), but I think many people gloss over that this is a coordination problem and that everyone is acting rationally. For better or worse, software does not seem to be scarce.
zelphirkalt
I disagree. It will be harder to monetize MIT licensed projects, because any competitor can just grab and run. With AGPLv3, at least legally the competitor needs to publish their modifications as well. This in turn makes it more likely the competitor will not use your code, or if they do, in accordance with the license, which would be fine, and users of the product you build will mostly not care, because they don't even know what the licenses are about.
landdate
> licensing your project GPL or the like usually means relegating it to obscurity
Subjective. Sure if you are talking about percent of market share, but it's a huge market, you don't need to capture even 1% of users to have a viable business.
The vast majority of the GNU ecosystem is GPL. Bash, git, Apache, Gimp, Blender, Libreoffice.
There are also a lot of projects that are dual licensed, allowing commercial software to be charged a fee and non-commercial software to use for free with GPL.
umanwizard
Neither Apache nor LibreOffice is GPL. Apache is permissive whereas LibreOffice is MPL (a sort of middle way between permissive and copyleft).
NoahZuniga
Well, many developers publish their code not because they want to specifically make a successful open source project, but because they made something that was useful to themselves, and like the idea behind open source. In that case it makes more sense to do a copyleft license because it will legally require all derivatives to also follow that open source idea.
jaredklewis
Yea I think stuff like this is great and will have some impact around the edges. Perhaps particularly in the realm of end-user software, like a window tiling manager.
But once we start talking about the kind of software large corporations (like AWS) will have an interest in, projects have to be successful to be useful. Software requires maintenance so the maintainers need to be able to devote their time to maintaining and improving the project. So this will select for projects that are successful enough that the maintainers can focus on it fully (either because some company hires them to work on their own project, they can charge high consulting fees because of their association with the project, or whatever).
I think "the code" (the thing covered by copyright) in most cases is not as valuable as "the project:" the leadership, the contributors, the users, the norms and practices, the commitment to ongoing maintenance, and so on. So just lots of individuals all putting pieces of their code out there with GPL probably doesn't make a lot of impact (though there is nothing wrong with it), because most users don't want "code" they want a "project" they can rely on.
null
omnicognate
> As far as I understand it, the stance of the 'Open Source' crowd is that if Amazon can't make it one of their AWS offerings then it isn't true open source
Isn't this what the AGPL is for? That's an OSI approved "open source" license that places restrictions on people making the software accessible as a network service.
happymellon
I think the problem that these folks have is that AGPL still allows other people to host the software.
They want to seem altruistic but want to also be the only provider.
GPL would have been a better initial license, and AGPL would have been the next logical step to ensure that changes that hosted services make can come back to the original version.
I'm not entirely sure what they were hoping to get by making an extremely permissive licensed piece of software, but competition doesn't appear to be it.
tptacek
They care that other people can sell the software, not that other people can use the software, which is why the license they use makes that distinction.
mynameisvlad
> They want to seem altruistic but want to also be the only provider.
This is an overly negative take. At the end of the day, they are still providing software and the source code free to use for practically every purpose except directly competing with them.
That's still altruistic while also being sensible in the real world rather than an ideal.
ahartmetz
I thought so, too, at first. But there's a crucial difference: With the AGPL, Bear's competition can offer the software as as service if they publish the source code they are deploying. With the Bear license, Bear's competition just cannot offer the software as a service. It feels mostly in the spirit of FOSS to me, but Stallman would disagree. He has made it clear that there should be no restrictions on use.
cxr
> It feels mostly in the spirit of FOSS to me
From the license at <https://github.com/HermanMartinus/bearblog/blob/998e87263248...>:
"You may not provide the Software as a hosted or managed service that offers users access to substantial features or functionality"
Given that the exclusive purpose of the Software in question is to implement a managed service for its users' hosting needs, I'm having trouble understanding how anyone could take the position that this is "mostly in the spirit of FOSS".
The license might as well say, "You just can't use this."
happymellon
> Bear's competition just cannot offer the software as a service. It feels mostly in the spirit of FOSS
I don't see how, there is nothing in the spirit of FOSS by doing that.
jakelazaroff
> With the AGPL, Bear's competition can offer the software as as service if they publish the source code they are deploying.
Technically true, but in practice almost every tech company forbids GPL code. I bet if you re-read your employment contract closely you'll find that you agreed not to introduce any GPL code into the company's codebases.
(Edited for clarity).
fsflover
> With the AGPL, Bear's competition can offer the software as as service if they publish the source code they are deploying
Any examples when AGPL was used successfully by competitors? Typically every company prohibits using this licence.
echoangle
AGPL doesn't really prevent Amazon from making it an AWS offering unless they want to modify the program and don't want to share the modifications.
omnicognate
Why would I want to stop them making it available as a network service except as a way of circumventing the copyleft by effectively distributing it without actually distributing it (which AIUI the AGPL fixes)? If you want to place restrictions on how people are allowed to use the software then A) I don't see the relevance of AWS as a special case, and B) go ahead but don't imply the "open source crowd" are being unreasonable by not considering it open source.
Arrowmaster
It doesn't in an indirect way. A friend that worked for Amazon about 5 years ago told me they were even allowed to look at AGPL codebases on the clock because the lawyers were so afraid of it.
jdxcode
Another reason is that copyleft licenses are kryptonite in large organizations.
cinericius
Not a lawyer, but my understanding is there is a strong feeling that AGPL can be roughly ignored if a service provider provides some level of indirection (e.g. a proxy) between the user and the software. Then, the software is somehow not being accessed over a network and thus they are not required to release the source.
barnabee
I have a strong feeling that speaking to a lawyer might reveal that to be untrue
jraph
Free software ought to not be discriminatory and arbitrarily exclude users. Full stop. Anyone means anyone.
Now, we can agree and talk about unfortunate consequences and possible mitigations.
The AGPL is one possible mitigation: Big corps are usually afraid of it. But they do themselves: the AGPL doesn't forbid them to use the thing.
benrutter
I guess I'm in that crowd, and well, I definitely recognise that! Open source is an important term, and I don't want to see it degraded. I think I'd find it annoying if this blog post was trying to claim Bear was still free software, or open source.
That doesn't mean I think everything has to be open source. Bear is a blogging platform trying to make money and it seems fine to me for it not to be open source.
ezekg
Has the maintainer looked at fair source? [0] I believe it's superior to source-available (and open core), because it eventually becomes fully open source under DOSP [1], which is great for free and paid users, especially for a blog platform like Bear. There's an FCL [2] fair source license, which aligns pretty well with their current Bear Blog License (namely the non-compete and license key bits from the ELv2). All in all, the term "source-available" is pretty meaningless, because there are too many variables. Fair source tries to tighten that up.
It also aligns quite well with Bear's manifesto [3]. Even if Bear PTY LTD ceases to exist, Bear won't. This can be codified under DOSP.
Disclaimer: I'm involved with fair source and helped write the FCL.
[0]: https://fair.io
[1]: https://opensource.org/dosp
[2]: https://fcl.dev
threemux
I suppose this is the move if you're looking to foreclose all possible competing usages. Kudos for using correct terminology as it is no longer Open Source.
However, I still believe AGPL is a better alternative in most cases and functionally prevents large enterprises from touching your code due to typical internal policies.
ezekg
Shame on the people who recommend the AGPL to effectively be an OSI-approved source-available license.
This is a grievance against the spirit of open source.
happymellon
AGPL is exactly the spirit of open source. The license used by bear violates freedom 0. AGPL ensures that freedom 1, 2 and 3 are allowed even in hosted services scenarios.
Freedom 0 the freedom to use the work
Freedom 1 the freedom to study the work
Freedom 2 the freedom to copy and share the work with others
Freedom 3 the freedom to modify the work, and the freedom to distribute modified and therefore derivative works
levkk
Gotta love these are zero-indexed. Written by an engineer for engineers.
nothrabannosir
the corporations who disallow agpl only do so because they want to comply in a way that is against the spirit of open source. When I advocate for the agpl to prevent Amazon and Google using my software, it’s not because of who those companies are, but how they use it.
If Amazon tomorrow turns around and open sources everything that is a derivative work of the code they ever used, I would be more than happy, even proud if they used my software. Today any company which doesn’t deny their users the core software freedoms is already free to do so.
This is not a “hack” to be maliciously compliant OSS; this is the spirit of open source.
Why do you think the GPL has the virality clause in the first place?
Edit: a perhaps reductive, but hopefully instructive summary: MIT/BSD guarantee freedoms of the software developers, GPL guarantees freedoms of the software users.
You are free to choose which you prefer, but they're quite explicit choices, and the AGPL is absolutely squarely in the spirit of the GPL.
(Now if you had said you take issue with the tivoization clause, on the other hand... :) :))
tptacek
It's one of four licenses linked on the front page of the FSF.
ezekg
And it's the most abused license in the history of open source [0] [1].
phkahler
Naive. Guy picks a license that allow anyone to do anything they want with his code. Later realizes that was not appropriate when he's trying make money. Changes to an obscure license that on the surface seems to fix the problem.
Your options are: MIT / BSD, GPL, LGPL, AGPL. All others are unnecessary and create needless incompatibility.
mottosso
I'd have to agree with this stance. You choose MIT when you are happy to share your source with no strings attached. Some do pick MIT with this intent, but that was not the case here. But rather a case of either miscommunication or wanting to have the pie ("look how altruistic I am") and eating it too ("look how business-minded I am").
sarlalian
I mean, there’s a chance it’s exactly what he said, “I didn't give it much thought at the time, but knew that I wanted the code to be available for people to learn from, and to make it easily auditable so users could validate claims I have made about the privacy and security of the platform.” … it doesn’t have to be some to be some sort of nefarious OSS altruism, it really could be, “maybe people would want to see how this works”… that ends up leading to … oh crap a bunch of people who have never contributed, and will never contribute, are hosting versions of what I created and taking money that I really would like to have to feed my family.
themerone
MIT & BSD don't include a patent grant, that's a good reason to go with the Apache license.
bruce511
Naive. Users who think a project that is Open Source will remain Open Source forever.
Authors gave the right to change license to a proprietary one. Users being surprised by this are as equally naive as developers who think you can make money writing Open Source.
Vinnl
Well, the versions that were published as open source will remain open source forever. That's never a guarantee for new updates by the same author, for any licence.
rurban
He talks about his blogging software bearblog.
Bear is still here https://github.com/rizsotto/Bear and open source
hellcow
I'm sad to see this. I supported Bear because it was open source. As that's no longer the case, I just canceled my membership.
I would love to see this reversed and moved to AGPL instead.
bruce511
I think this is fair, by both Bear and yourself. He's free to attach any license he likes, you are free to use it or not.
Obviously the goal of Open Source licenses does not include making money. You might, or might not, but it's not a priority.
Equally your goal may be to only support Open Source projects. That's fine. For you removing support for this project makes sense.
Once a project reaches the stage of needing to create an income stream, Open Source licenses are no longer appropriate.
Yes, some developers are naive in thinking Open Source licenses protect their income stream. Yes some users are naive in thinking that projects will remain Open Source forever.
Source-available, or Shipped-with-source of whatever you want to call it is a proprietary license which is just fine. It's not Open Source, nor does it need to be.
lispisok
"I released source code under the MIT license and people are now using it to their financial benefit. Who could have possibly seen this coming?"
Why does this keep happening? Why are so may developers blind to this obvious outcome?
dewey
MIT was always the easy default that every project used, you just select it from the GitHub dropdown and you are done when setting up a new project. I think you can't really blame people for using it.
Especially when your project is new it's also not often clear that this project will become something more serious later where you have to worry about such things as people cloning your project.
darkwater
Because between 15 and 20 years ago the BSD zealots won that culture war. I would really love to see a simulation where GNU licenses won that culture war and which landscape we would have today.
sunshowers
There are good reasons the so-called "BSD zealots" won the so-called "culture war", such as the definition of a derived work being largely uncharted territory. Did you know that there's a compelling legal argument that the GPL attaches to programs talking to each other via JSON data structures?
I think MPL 2.0 is the ideal kind of copyleft, because of its scope being very clear.
orthoxerox
GPL wouldn't have changed anything. Or even AGPL, if you had been running an unmodified Bear instance.
Fordec
Its interesting that they went with the Elastic License. Maybe this is a leaf in the wind that we're going to see more adoption of the license outside of Elastic. I get it's not a "standard" license, but standard licenses become standard through adoption. Someone has to be early to the party.
athrowaway3z
I certainly get the hurt feelings, but i'm not clear on the license at all.
>Limitations: You may not provide the Software as a hosted or managed service that offers users access to substantial features or functionality.
Where on the spectrum sits an average cookie-cutter VPS provider that comes with an OS package manager that installs the program? Does the VPS provider have to screen the package manager? Does that change if they build a wiki with "1-click-install" that just sends an ssh command to install?
Is this just a requirement to have some theater where an "unaffiliated" third party has to provide the set-up scripts? Or just a rule you can't mention the option during the sales pipeline?
captainmuon
I think users applies to end-users here. So you must not run the software as a service (either paid or for free) for other users. You are free to use it yourself.
Crucially, I think what is banned to offer accounts. Offering turnkey-hosting is probably banned in spirit, but the person offering the turnkey-hosting is not in violation, rather the person booking the turnkey hosting and offering the accounts on the instance to third parties is in violation.
I think the wording is originally against somebody like Amazon hosting e.g. database instances for other people to use, and then giving you an account in that database. It's still OK to rent a VM from them and use the package manager to install it.
In any way, it is really confusing, in a way a license should not be. And I don't really understand why someone builds a blog platform, which is not monetized, open sources it, but doesn't want other people to host it. If I open source my stuff, I want people to use it. If I want to share the code but don't want people to use it I'd just put it somewhere it with no license at all (all rights reserved).
poulpy123
I understand the reasoning and I also understand the interest of still providing the sources. I'm however curious why the MIT license was chosen instead of the AGPL if competition was a concern
tptacek
Presumably it wasn't a concern when they started and became one later; after all, they changed the license.
simjnd
I really believe this is the best model or licensing. I care about seeing the code and being able to modify it to suit my own preferences, but I also care about the project being healthy and the maintainer being able to earn from their efforts without worrying about cheap competition.
Even better when a project starts with this model so it doesn't feel like a rug pull or doesn't get messy with forks overshadowing the original product. But I don't feel like Bear had the kind of scale to face this type of reaction.
I use mataroa.blog periodically which is in the same nice and I wish the Bear maintainers fulfillment with their project.
the_duke
We are also entering the age of "hey AI, take this repo, reimplement the same functionality".
Now, no LLM is currently anywhere near doing that for ElasticSearch.
But for a project with 4845 lines of Python code? (as per tokei)
Definitely doable, with a bit of handholding and manual fixing.
Would that be a derivative work? Maybe, but that would be a hard legal battle.
noinsight
> We are also entering the age of "hey AI, take this repo, reimplement the same functionality".
Wouldn't you do this just against the/an API documentation? Interesting thought.
gkbrk
> Now, no LLM is currently anywhere near doing that for ElasticSearch.
You could probably feed all of ElasticSearch into an LLM and ask it to "reimplement it" successfully. But why would you even bother? There's already an existing open-source alternative called OpenSearch [1].
sarlalian
His point was that we are quickly entering the land of “Source Available” not really being a shield if someone’s willing to spend some time in claude code.
As far as I understand it, the stance of the 'Open Source' crowd is that if Amazon can't make it one of their AWS offerings then it isn't true open source, and they'll get very upset at you if you claim it is.
I'd like to see some recognition from this crowd of the "free-ride competition" problem as this author puts it. What Herman is doing is a service to us all, and we should find a term (better than 'source-available', which is cold and doesn't capture community projects accurately) that people can promote themselves under without much weeping and gnashing of teeth.
EDIT from a comment in a thread way down, that summarises my point:
I argue that the natural winner-take-all dynamics of the marketplace are not beneficial to the the mission of free and open source software. In fact, having no safeguard against large organisations making money this way is actually hugely detrimental to the mission by enabling these companies to ensnare unsuspecting users in a web of both their own proprietary software as well as all that free and open source software has to offer.