IBM is buying HashiCorp for $6.4 billion.
That's four months after HashiCorp rugpulled their entire development community and ditched open source for the 'Business Source License.'
As someone on Hacker News pointed out so eloquently:
IBM is like a juicer that takes all the delicious flavor out of a fruit
skywhopper replied:
"HashiCorp already did a great job pre-draining all their flavor."
Some people wonder if HashiCorp's decision to drop open source was because they wanted to juice the books for a higher price. I mean, six billion dollars? And they're not even a pointless AI company!
This blog post is a transcript of the video I posted today, Corporate Open Source is Dead. You can watch it on YouTube.
Meanwhile, Redis dropped the open BSD license and invented their own 'Source Available' license.
And last year, I covered how Red Hat found a way to just barely comply with the open source GPL license for their Enterprise Linux distro.
Other companies like MongoDB, Cockroach Labs, Confluent, Elasticsearch, and Sentry also went 'Source Available'. It started with some of the smaller players, but as rot sets in at even the biggest 'open source' companies, open source devs are choosing the nuclear option.
When a company rug pulls? Fork 'em. Literally!
Terraform, HashiCorp's bread and butter, was forked into OpenTofu, and adopted by the Linux Foundation. Companies who built their businesses on top of Terraform quickly switched over. Even juicier, OpenBao—a fork of HashiCorp's other big project Vault—is backed by IBM! What's going to happen with that fork now?
At least forks seem pretty straightforward in Hashi-land. In the wake of Redis' wanton destruction, it seems like there's a new fork every week!
And some developers are even exploring ditching the Redis code entirely, like redka's an API-compatible wrapper on top of SQLite!
After Red Hat closed its door—most of the way, at least they didn't try pulling a switcheroo on the license itself! Oracle, SUSE, and CIQ scrapped together the OpenELA alliance to maintain forks of Enterprise Linux. And CentOS users who'll be left in a lurch as June marks the end of CentOS 7 support have to decide whether to use AlmaLinux or one of the ELA projects now.
All these moves shattered the playbook startups and megacorps used—and now we're seeing, abused—to build up billions in revenue over the past decade.
It was all in the name of 'open source'.
As free money dries up and profits slow, companies slash headcount almost as fast as community trust.
2024 is the year corporate open source died
2024 is the year Corporate Open Source—or at least any remaining illusions about it—finally died.
It's one thing to build a product with a proprietary codebase, and charge for licenses. You can still build communities around that model, and it's worked for decades.
But it's totally different when you build your product under an open source license, foster a community of users who then build their own businesses on top of that software, then yoink the license when your revenue is affected.
That's called a bait-and-switch.
Brian Cantrill's been sounding the alarm for years—yes, that Brian Cantrill, the one who posted this gem:
Brian's presentation from 12 years ago is worth a watch, and the bottom line is summed up by Drew DeVault:
[Contributor License Agreements are] a strategy employed by commercial companies with one purpose only: to place a rug under the project, so that they can pull at the first sign of a bad quarter. This strategy exists to subvert the open source social contract.
By working on a project with a CLA, where you sign away your code, you're giving carte blanche for the company to take away your freedom to use their software.
From a company's perspective, if they want CLAs or if they want to use an anti-open-source license, they do not care about your freedoms. They're protecting revenue streams. They'll often talk about freeloaders, whether it's Amazon building a competing hosted solution, or some startup that found a way to monetize support.
But in the end, even if you have GPL code and you charge people to get it, it's not truly free as in freedom, if the company restricts how you can use, modify, and share the code.
But there's a distinction here, and I know a few people watching this are already yelling at me. There's "free" software, and there's "open source."
People in the free software community correctly identified the danger of calling free software 'open source.'
I don't think we have to be so dogmatic about it, but there is a fundamental philosophical difference between the free software community, with organizations like the Free Software Foundation and Software Freedom Conservancy behind it, and the more business-oriented 'open source' culture.
Open source culture relies on trust. Trust that companies you and I helped build (even without being on the payroll) wouldn't rugpull.
But time and time again, that trust is shattered.
Is this slow death of corporate open source bad? Well, it's certainly been annoying, especially for devs like me who felt connected to these communities in the past. But it's not all bad.
Why it's not bad for corporate open source to die
In fact, this could be a huge opportunity; what happened to the spunky startups like Ansible, HashiCorp, Elasticsearch, or Redis? They were lighting their industries on fire with great new software.
What happened to building up communities of developers, crossing cultural and economic barriers to make software that changed the world?
There are still projects doing that, but so many succumb to enterprise money, where eye-watering amounts of revenue puts profit over philosophy.
But as money dries up, as more developers get laid off after the insane hiring trends of the past five years, maybe small dev teams can move the needle.
The AI bubble hasn't popped yet, so some great people are getting sucked into that vortex.
But someone else could be on the cusp of the next great open source project. Just... don't add a CLA, okay?
And it's not just devs; big companies can join in. Historically bad players like Microsoft and maybe even Oracle—man, it pains me to say that. They've even made strides in the past decade!
IBM could even mend some wounds, like they could reunite OpenTofu and Terraform. There's precedent, like when IO.js merged back into Node.js after a fork in 2015.
People asked what Red Hat could do to get me interested in Enterprise Linux again. It's simple: stop treating people who don't bring revenue to the table like garbage. Freeloaders are part of open source—whether they're running homelab or a competing business.
Companies who want to befriend open source devs need to show they care about more than just money. Unfortunately, the trend right now is to rugpull to juice the quarterlies, because money line always goes up!
But you know what? I'd just prefer honesty. If revenue is so dependent on selling software, just... make the software proprietary. Don't be so coy!
But to anyone who's not a multi-billion dollar corporation, don't be a victim of the next rugpull. The warning signs are clear: Don't sign a CLA. Stay away from projects that require them.
Stick to open source licenses that respect your freedom, not licenses written to juice revenue and prep a company for a billion-dollar-buyout.
Maybe it's time for a new open source rebellion. Maybe this time, money won't change company culture as new projects arise from the ash heap. Maybe not, but at least we can try.