
275 points pabs3 | 2 comments
palata No.45148071
> Projects with CLAs more commonly are subject to rug pulls; projects using a developers certificate of origin do not have the same power imbalance and are less likely to be rug pulled.

Would be worth explaining why: my understanding is that if you sign a CLA, you typically give a right to relicence to the beneficiary of the CLA. So you say "it is a GPL project, my contribution is GPL, but I allow you to relicence my contribution as you see fit".

If the project uses a permissive licence already, honestly I don't really see a big impact with signing a CLA: anyone can just take the codebase and go proprietary with it. However, if it is a copyleft licence, then signing a CLA means that the beneficiary of the CLA doesn't play by the same rules and can go proprietary with the contributions!

If you don't want a rug pull, you should use a copyleft licence and not sign a CLA: nobody can make Linux proprietary because the copyright is shared between so many people.

If you use a permissive licence, then a rug pull is part of the deal.

replies(5): >>45148427 #>>45148502 #>>45148634 #>>45148648 #>>45148948 #
echelon No.45148648
> commonly are subject to rug pulls

This open source purism is toxic. Projects have to be sustainable.

Hyperscalers have hoovered up the entire Internet and own the entire mobile device category. We're over here bickering about small developers writing source available / OSS-with-CLA.

If the community cares so damned much, they can take the last open version and maintain it themselves.

Please take all of this negative energy and fight for a breakup of big tech instead.

replies(2): >>45148892 #>>45150227 #
DaSHacka No.45150227
"The issue you care about is toxic. You should care about the issue I care about instead!"
replies(1): >>45152372 #
1. cycomanic No.45152372
That's misinterpreting what the previous poster is saying. They are saying that hyperscalers owning significant portions of the Internet (and using lots of projects without giving back) is a bigger threat to the sustainability of OSS.

Now I would argue that the sustainability of OSS is more important, at least in the context of an LWN article. That doesn't mean one cannot argue that rug pulls are the bigger threat, but that's not what you accused the previous poster of.

replies(1): >>45153721 #
2. socalgal2 No.45153721
Which hyperscalers are we talking about specifically? Microsoft, Google, Apple, Facebook, all give tons of open source support. I think Amazon does too but less familiar. So who are these hyperscalers you're claiming don't give back?