logoalt Hacker News

dwoldrichyesterday at 10:47 PM1 replyview on HN

For libraries, I like the Gnu Affero Public License[1]. If you run the library in software with that license, you have to publish all the source of the entire project that incorporates it.

No corporation could tolerate this, though, so the library vendor can negotiate a commercial license of their software for appropriate fees.

That said, corporations are not going to want to negotiate fees with 100's of vendors over constantly fluctuating dependencies in their software.

This is why the next big language/software ecosystem needs to integrate payments to vendors in their repository system. That way, commercial license management can occur between the ecosystem owners and the corporate customers and all the vendors get paid their fair share.

Similar to Amazon's Dynamo API, whatever the next big language/ecosystem is needs to be designed around _billing_ and automatic license management for # of deployments, seats, call volumes, etc.

[1] https://web.archive.org/web/20260712154038/https://www.gnu.o...


Replies

skissanetoday at 12:14 AM

> This is why the next big language/software ecosystem needs to integrate payments to vendors in their repository system. That way, commercial license management can occur between the ecosystem owners and the corporate customers and all the vendors get paid their fair share.

I don't think this idea is going to go anywhere.

If a package is available for free, on convenient licensing terms, developers will use it.

If you make them pay, many developers will prefer to just build it themselves. Coding agents make that easier than ever.

Buying a package involves a lot more paperwork – it needs to go through procurement – and introduces new risks, e.g. what if the vendor increases their prices

There are potential exceptions – software with really advanced algorithms (e.g. solvers for optimisation problems); safety critical software; software needing regulatory certification (e.g. there are some Australian government APIs they won't let you call unless you've hired an auditor to certify the software you are calling them with, and the relevant government agency has approved the auditor's report) – but those exceptions are relatively rare, and the existing solutions are arguably adequate to handle them

I also think it is different for packaged SaaS applications [0] because there the buyer isn't a developer, it is someone non-technical, and "use a coding agent to build it yourself" isn't within their comfort zone or risk appetite (at least, not yet).

[0] conflict of interest disclaimer: work for a SaaS vendor

show 1 reply