After visiting OSCON and seeing how other companies were engaging in open-source, I decided to share some of the more interesting things I learned with the community around Shopsys Framework — our clients, partners, fans, employees, advisors, consultants and investors.
Overall, OSCON has probably been one of the best conferences I’ve ever attended, simply in terms of having access to developers. Where else can I find and talk with MySQL/MariaDB, ElasticSearch, Apache Foundation and Acquia/Drupal co-founders? Although I ended up skipping some of the workshops, I made sure to attend two days worth of conferences, and below are some of the major points that stuck out for me and how we might best apply them to our own framework.
Business Around Open Source
Monty Widenius, co-founder of MySQL (which was sold to Sun for $1bn with $70m revenue) and founder of MariaDB, recommended using a Business Source License for some parts of software instead of relying on an open source + proprietary (e.g. dual licensing). The BSL means that the code is open and becomes free software under specific circumstances (e.g. after 4 years). After a short chat about the SSFW, he recommended using the MIT license for our platform and the BSL for modules.
Monty put it into perspective like this: If you are a service company, you need 100 developers working for clients for every 10 developers working on the product. Valuations of those companies are usually double the revenue. If you are a software company, then you need income from selling licenses — it doesn’t matter if all of your software is proprietary or open source and only 1/100 customers end up paying. Valuations of these companies usually have 10x their revenues + Y x user base.
On the other hand Carolyn, the IP & licensing expert working at a Canadian software company (which she didn’t want to name) was quite suspicious about BSL as it is not approved by the Open Source foundation. She agrees with having the platform under MIT license, but recommends keeping modules as proprietary as they tend to include a company’s “secret sauce” (our particular know-how). She also recommended using yearly fees (both unlimited or limited, e.g. for 3–5 years) instead of asking for a high one-time fee. She strongly recommended including revenue from licenses in any open-source startup strategy, especially if they have a small/niche market. Conversely, one often celebrated open source Linux business, Red Hat, has one huge advantage and takes the opposite approach to niche marketing — instead, it relies on a huge ecosystem.
The Awkward GPL License
The GPL license is one of the most disliked licenses among their users (especially corporate users), yet it is a very commonly used license on commercial open source projects. It has a strict copyleft with limited distribution. It is unclear what the distribution is (especially in terms of internal distribution within corporate entities). Additionally, GPL causes adoption struggles for bigger companies as well — every usage of GPL source code needs to be approved by the legal/IP department. That is why companies prefer permissive licenses like MIT, BSD or APL.
To summarize, the copylefted (GPL, OSL, AGPL, LGPL) open source software producers (like MySQL, MariaDB, Magento, Oro) benefit from these issues and they usually offer another license (such as a dual licensing model). As a result, big companies prefer to buy a commercial license from a provider.
Newer alternatives to the GPL license, with less annoyances but still strict copylefts, include OSLv3, AGPLv3 and LGPLv3. OSLv3 has probably clearest definition of distribution and derivative works. Unlike MIT/BSD/APL, the GPL/OSL/AGPL/LGPL licenses have another advantage for the producer: their software can’t be forked and redistributed without publishing changes.
For those of you who don’t know, Copyleft is the rule that when you redistribute the program, you cannot add restrictions which deny other people access to the program’s central freedoms (of free software, not in terms of money). However, it should be noted that a program which uses copyleft licensing does not need to be published to fall under this rubric. The copyleft applies only to the provided program and not in-house modifications to the software.
But things get even weirder. Software under AGPL (modified version of GPLv3) has a different requirement: if you run a modified program on a server, your server must also be allowed to download the source code corresponding to the modified it is version running. I am serious! MongoDB and Shopware are among several businesses who currently use this license.
On a side-note: MariaDB uses GPLv2 because it is based on MySQL that uses GPLv2 as well. Additional products (MariaDB Enterprise and MaxScale) fall under BSL.
You never start with a perfect product — it always takes time to make software better and better and the journey never ends. As Iwo (VP of Sales Operations) told me, Shopgate had a totally ugly, crappy mobile app in 2013 in comparison to what they have today. Now Shopgate is one of the leaders when it comes to the mobile store industry.
PHP Is The King
And yet, PHP is barely a top topic among speeches in conferences. I had discussions with many developers and project managers (at OSCON, Shopify Unite, GenereteNY) and most of them told me that PHP is the most used programming language for back-ends and cores of applications — especially in the e-commerce segment.
Many people told me that PHP is a safe choice as it has been here for more than 20 years and it will probably be there for decades to come. Even in the US, most web developers are PHP devs. Also, there is a higher probability of being able to find someone you can hire who has an advanced understanding of PHP, versus .NET, Java, or especially some modern-hyped-languages like NodeJS, AngularJS, ReactJS, etc. Personally, I am firmly convinced that PHP is the best choice. And among PHP frameworks, Symfony and Laravel are the most known and preferred in the US. For enterprise apps, Symfony is definitely the best choice.
Despite the popularity of PHP, there’s no doubt that some modern e-commerce sites will still prefer JS frameworks for front-ends and this is something to keep in mind when dealing with future clients (most people told me that they would bet on ReactJS above all).
Other Issues In A Nutshell
GraphQL was highlighted as a very promising alternative to REST for the microservices approach, and has been developed by Facebook. Shopify, with their admirable extensibility, are betting on GraphQL, as well. They even open-sourced their query batching executor for the GraphQL (see here) and there are bundles for Symfony.
Elastic (formerly Elasticsearch) is a fully distributed 300+ employees company with no offices. Their main communication channel is — you guessed it — e-mail! They send hundreds of emails every day but they have developed a number of filters for Gmail and every new employee starts with that filter set. Every discussion about the product takes place on GitHub and is public (even if a discussion was over video conference, they summarize it), which helps streamline communication. They use and recommend time-based release plans scheduled on certain days (major version every 6 months, minor every 6 weeks). They headhunt and hire developers only from the Elastic open source community. Side-note: Elasticsearch is open source under permissive APL2 license. Revenues come mostly from their Cloud As-A-Service version and their other products (Beats, Kibana, etc.)
Monty Widenius (MySQL/MariaDB) recommends all OS companies release early, release often, and keep their promises.
Daniel Byrnes (Software Freedom Law Center) introduced some civil cases from the last few years where the U.S. Supreme Court denied patent owners’ suits (especially Alice case and Symantec case). From these cases, we can predict that software patents are going to become even more vulnerable over time.
Some people recommended researching GraphQL and the Slim framework in our discussion about “microservicing” the SSFW.
FLOSS vs Proper Business Strategy
The perception of open source as a free libre open source software (FLOSS) as it used to be in the beginning is completely gone. From all new projects over the last few years, I got a feeling that open source plays only a small part of their business strategy. Simplified, there are three strategies:
dual licensing/open core — one version of the product is open source and the typically enhanced product or its additional parts are proprietary or licensed with some limitations. — e.g. Magento, OroCommerce, MariaDB, MongoDB
pay for computing — the product is open sourced and the business is focused on compute-time (as-a-service/cloud) — e.g. Elastic, CoreOS, Crate.io
service company — the product is open sourced and revenues come from implementations, support, consultations, upgrading etc. — e.g. Acquia (main Drupal developer)
Big Software Houses’ Attention
The presence of big software houses like IBM, Oracle, DELL, Google, Microsoft, etc. was really mind-blowing. They were the main sponsors but made remarkable efforts to be speakers as well (their approach does not hit the target every time, of course). I talked about it with some attendees and they told me that open source is considered a very feasible alternative to how software products will be created in the future. Whether you believe it or not, open source is receiving a lot of hype and is in the crosshairs of big software houses just as much as software-as-a-service or cloud. But it’s also clear that many software houses do not know how to deal with this transition, so we can expect there will be probably many acquisitions in the next few years.
Side note: the US government has passed a recent law that at least 20% of all delivered software must be open sourced.
All the conferences I visited this spring (OSCON, Generate & Shopify Unite) provided me with a lot of inspiration, introduced me to great people and new networking opportunities, and helped me learn a lot about the evolving future of open-source. But I would love to hear what you think? How do you perceive open-source and what trends have you observed?
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, campaign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors.
This cookie is set by Google and is used to distinguish users.
This cookie is set by Google and is used to distinguish users.
This cookie is used by Google Analytics to understand user interaction with the website.
This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the website is doing. The data collected including the number visitors, the source where they have come from, and the pages visted in an anonymous form.
16 years 4 months 18 days 16 hours 19 minutes
These cookies are set via embedded youtube-videos. They register anonymous statistical data on for example how many times the video is displayed and what settings are used for playback.No sensitive data is collected unless you log in to your google account, in that case your choices are linked with your account, for example if you click “like” on a video.
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
This cookie is set by Facebook to deliver advertisement when they are on Facebook or a digital platform powered by Facebook advertising after visiting this website.
16 years 4 months 18 days 16 hours 16 minutes
This cookie is set by the Rubicon Project. The exact purpose of the cookie is not known.
The cookie is set by Facebook to show relevant advertisments to the users and measure and improve the advertisements. The cookie also tracks the behavior of the user across the web on sites that have Facebook pixel or Facebook social plugin.
1 year 24 days
Used by Google DoubleClick and stores information about how the user uses the website and any other advertisement before visiting the website. This is used to present users with ads that are relevant to them according to the user profile.
This cookie is used to a profile based on user's interest and display personalized ads to the users.
This cookie is set by doubleclick.net. The purpose of the cookie is to determine if the user's browser supports cookies.
This cookie is used to measure the number and behavior of the visitors to the website anonymously. The data includes the number of visits, average duration of the visit on the website, pages visited, etc. for the purpose of better understanding user preferences for targeted advertisments.
5 months 27 days
This cookie is set by Youtube. Used to track the information of the embedded YouTube videos on a website.
This cookies is set by Youtube and is used to track the views of embedded videos.
These cookies are set via embedded youtube-videos.
These cookies are set via embedded youtube-videos.