←back to thread

MinIO stops distributing free Docker images

(github.com)
672 points LexSiga | 2 comments | 22 Oct 25 06:17 UTC | HN request time: 0.423s | source
Show context
Tepix ◴[22 Oct 25 09:12 UTC] No.45666563[source]
It's an Open Source project - I don't understand what people are complaining about. Noone is entitled to receive free Docker images. I'm sure if there is enough demand, someone else who is trustworthy will step up and automate building them.

What I'd like to complain about instead is the pricing page on the Min.io webpage - it doesn't list any pricing. Looking at https://cloudian.com/blog/minios-ui-removal-leaves-organizat... it seems the prices are not cheap at all (minimum of $96,000 per year). Note that Cloudian is a competitor offering a closed-source product.

replies(20): >>45666657 #>>45666766 #>>45666806 #>>45666929 #>>45667098 #>>45667178 #>>45667201 #>>45667203 #>>45667286 #>>45667401 #>>45668228 #>>45668656 #>>45668714 #>>45668719 #>>45669554 #>>45670644 #>>45670900 #>>45671464 #>>45673127 #>>45674773 #
weli ◴[22 Oct 25 09:42 UTC] No.45666766[source]
When you always published and built Docker images for the public you are creating an expectation, people will rely on that and will chose your software based on that expectation.

You suddenly deciding that you won't be offering updated Docker images especially after a CVE and with no prior notice (except a hidden commit 4 days ago that updated the README) is approaching malicious-level actions.

If they truly cared about their community and still wanted to go through the decision of not offering public docker builds the responsible thing to do is offer a warning period, start adding notices in the repo (gh and docker) and create an easy migration path, even endorse or help some community members who would be fine with taking care of the public builds of the image.

But no, they introduced the change, made no public statement about it, waited for someone to notice this, offered no explanation and went silent. After a huge CVE. Irresponsible.

replies(10): >>45666850 #>>45666888 #>>45666945 #>>45666962 #>>45667042 #>>45667291 #>>45667585 #>>45668545 #>>45670863 #>>45676669 #
Hendrikto ◴[22 Oct 25 10:22 UTC] No.45667042[source]
> When you always published and built Docker images for the public you are creating an expectation

That expectation does not entitle anybody to anything though.

> people will rely on that and will chose your software based on that expectation

That is their decision. Without any contract or promise, there is no obligation to anybody.

> You suddenly deciding that you won't be offering updated Docker images […] is approaching malicious-level actions.

I really don’t get this entitlement. “You are still doing unpaid work I benefit from, but you used to do more, therefore you are malicious.” is something I really cannot get behind.

replies(10): >>45667160 #>>45667230 #>>45667367 #>>45667662 #>>45668153 #>>45668737 #>>45669872 #>>45670303 #>>45670375 #>>45673621 #
DannyBee ◴[22 Oct 25 10:48 UTC] No.45667230[source]
"That expectation does not entitle anybody to anything though."

This is true legally, but not otherwise (socially, practically)

"That is their decision. Without any contract or promise, there is no obligation to anybody."

Again, true legally, but IMHO a really silly position to take overall.

Imagine I provide free electricity to everyone in my town. I encourage everyone to use it. I do it all for free. I'm very careful to ensure the legal framework means i have no obligation, and everyone knows i have no obligations to them legally. They all take me up on it. All the other providers wither and die as a result. 15 years later, i decide to shut it all down on a whim because i want to move on to other things. The lights go out for the town everywhere.

Saying "i have no legal obligations" is true, but expecting people to not be pissed off, complain, and expect me to not do this is at best, naive.

Calling them entitled is even funnier. It's sort of irrelevant if they are entitled or not, after i put them in this position.

Legal obligation is not the only form of obligation, and not even the interesting ones most of the time.

More importantly - society has never survived on legal obligation alone.

I do not think you would enjoy living in a world where legal obligation is the only thing that mattered.

replies(3): >>45667264 #>>45667299 #>>45667348 #
cies ◴[22 Oct 25 11:07 UTC] No.45667348[source]
Did you read the comments on Github (linked by the title)?

So many commenters are just plain rude. They got free value for along time. Someone giving the free value decides to allocate their time otherwise. And the long-time receivers of the free value now cannot behave.

And you seem to make excuses for them...

It's just rude to behave like that after having enjoyed gifts for so long. They behave like spoiled children. Nothing to defend IMHO.

replies(1): >>45667565 #
jamespo ◴[22 Oct 25 11:36 UTC] No.45667565[source]
Github is awash with accounts with zero contributions to anything who use it to lobby for their personal requirements.
replies(1): >>45669597 #
imiric ◴[22 Oct 25 14:22 UTC] No.45669597[source]
This shows a fundamental misunderstanding of OSS.

You're essentially saying that only users who contribute to OSS are worthy of attention and support. This is no different than saying that only commercial users, or those from specific countries, backgrounds, or industries are worthy of the same.

Those users who create issues, request features, and, yes, ask for support, are as valuable as those who contribute code or money. They're all part of the same community of users that help build a successful product. And they do it for free for you, because they're passionate about the product itself.

If you think otherwise then you should make your terms of service explicit by using a restrictive license and business model. OSS is not for you.

Yes, some people can be rude, demanding, and unworthy of your attention. But you make those boundaries clear, not treat all non-paying users as entitled children.

replies(2): >>45669833 #>>45670518 #
evanelias ◴[22 Oct 25 15:21 UTC] No.45670518[source]
> If you think otherwise then you should make your terms of service explicit

FOSS licenses already do that: they shout at you in all-caps that the authors PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED.

Meanwhile the licenses don't say anything about communities.

For better or worse, OSI convinced everyone that "open source" is synonymous with using specific licenses that meet their definition. If that's the case, then how can it be a "fundamental misunderstanding of OSS" to strictly interpret OSS by the terms of the licenses, which don't mention any sort of "social contract", while they do include language explicitly contrary to such expectations of users?

replies(1): >>45672403 #
1. imiric ◴[22 Oct 25 17:30 UTC] No.45672403[source]
> how can it be a "fundamental misunderstanding of OSS" to strictly interpret OSS by the terms of the licenses, which don't mention any sort of "social contract", while they do include language explicitly contrary to such expectations of users?

Because free and open-source software is more than a set of licenses approved by some governing body.

It is part of a social movement and ideology pursuing the open sharing of knowledge, and building communities around this where everyone can benefit, not just a select few. Software is one aspect of this, due to its roots in the hacker counterculture of the 1970s, but the core idea extends beyond it.

You can read more about this in many places. Bruce Perens specifically refers to a "social contract" in this early post[1] on the Debian mailing list. This is what is usually referred to as the "spirit" of open source, and is not strictly encoded in any official definition. The success of OSS depends on implicit mutual trust and respect, not on explicit rules and licenses.

[1]: https://lists.debian.org/debian-announce/1997/msg00017.html

replies(1): >>45673342 #
2. evanelias ◴[22 Oct 25 18:38 UTC] No.45673342[source]
Many open source projects have never opted-in to a social movement or ideological pursuit. Software meeting the OSI's definition can unarguably be called "open source" without any other implications of an ill-defined "spirit" which is completely subjective.

If I host a code repo on an otherwise static site, with no ability to contact the author or engage in a community, it is still widely considered "open source" if it uses an OSI-approved license.

Likewise if I host the same code repo on Github and disable issues and set the pull request template to say "All PRs will be closed and I will shout expletives at you for wasting my time", if it uses an OSI-approved license then it is still open source per the OSI's own definition.