- cross-posted to:
- [email protected]
- [email protected]
- cross-posted to:
- [email protected]
- [email protected]
Previously LGPL, now re-licensed as closed-source/commercial. Previous code taken down.
Commercial users pay $99/year, free for personal use but each user has to make a free account after a trial period.
If this project has other contributors, imagine how betrayed they must be.
Opening the project as FOSS until it becomes popular and then closing it to make money is such a scummy tactic
Fork the last commit with a LGPL commit?
GPL mentions explicitly that it is irrevocable, where as LGPL doesn’t mention anything about it. IANAL, but it looks like there is a case for irrevocable without violation of clauses by default https://opensource.stackexchange.com/questions/4012/are-licenses-irrevocable-by-default#4013
For people considering contributing to FOSS in the future, maybe check for irrevocable clauses? I wish licenses selectors https://choosealicense.com highlighted this part more clearly.
Also depends on the contributions terms.
If they were a traditional FOSS, they can’t change the terms without all contributors agreeing or removing/modifying the contributed code so that they no longer have ownership of their authored sections.
Either way, it’s a dick move.
Can’t anyone just fork one of the LGPL versions and start a new project?
@fidodo @SkyNTP It has already happened https://github.com/andor-pierdelacabeza/PySimpleGUI-4-foss
@fidodo @SkyNTP Sure, but unless that someone keeps it updated that fork will be useless soon. And that looks like a lot of (unpaid) work.
I like the project (was surprised to even see my user name in the contributor list) but stopped using it because I couldn’t get accessibility working (mainly no full keyboard shortcuts).
For me, buying a yearly developer license to have a few GUI pop-ups at work is something I’ll only consider if I run out of options.
Never sign over copyright. If they didn’t, they can sue.
I’ve had to sign specific paperwork regarding copyright for just big projects, many smaller ones take contributions without paperwork, which would leave the rights with each contributor. They be better dot their i’s and cross their t’s, it just the legal fees could isnk them before making any money from the commercial license.
IANAL, just in case.
If any contributors haven’t signed a contract letting them close the source, this opens them up to lawsuits.
Does the LGPL really allow that or did they make all the contributors agree to allow their code to be relicensed?
Previous versions licensed under LGPL will remain licensed as such. The current maintainers have no obligation to contribute distributing the older versions, but they aren’t permitted to prevent others from distributing it or modifying or doing anything else that was permitted by the license.
And, yes, to change from GPL/LGPL to another license you would need all of the contributors to consent, or to rewrite the parts that were contributed by anyone who doesn’t agree with the license change. Since it looks like there only one contributor according to the GitHub page, this probably wasn’t too difficult.
Was there only ever one contributor? There’s only one now, but all the old commits have been removed.
They apparantly had a police of not accepting merge requests or even code snippets.
Ahh huh, I wonder if this was the plan the whole time then
Hmm that’s a scary conspiracy. Seems like checking that there are at least a handful of contributors needs to be part of adding new dependencies.
deleted by creator
@ebits21 #PySimpleGUI #python #opensource
🎶 Another bites the dust. 🎶
Moves like this are a bit… strange? It was on github. There are 1.8k forks, with intact LGPL. What is happening here? Is their dev work worth 99$/year ? Not saying people don’t deserve to get paid for their work. I’m just not seeing the business case for this.
They claim that not enough people donated, hence the change in licensing. But yeah, I don’t see the business case. I imagine commercial devs will just move on to something else.
It’s just a wrapper for other GUI libraries.
That and I’m sure it’ll be forked.
Yeah, if people didn’t think it was worth donating to before, they sure as shit aren’t going to pay for it now that it’s also closed source. What’s their value prop even supposed to be here?
This set of actions (making non Foss and deleting Foss code) will essentially blacklist it from any company that has used it in the past.
Last place I was at the process for getting legal to review and sign off on specific versions of a Foss was about 6 months, with one of the fields on the form being alternatives.
deleted by creator
Whether you are a Hobbyist User or Commercial User, you can start using PySimpleGUI at no cost. To get started with a 30-day trial period, first install Python and then
python -m pip install pysimplegui
…
You can try PySimpleGUI for 30 days, after which you will need to Sign Up. Hobbyist users sign up at no cost, and Commercial Users subscribe at $99/year. For more details, see PySimpleGUI.com/pricing.
How is this trial enforced?
How is this trial enforced?
Since it’s now closed source and they distribute what is possibly/probably/presumably a binary blob, the same way all the others are enforced. With some kind of DRM date checking whatever.
Does pip really allow binary blobs? That effectively makes it zero security.
To be fair it has some valid use cases, take ruff for example.
But pip/pypi does not have any proper security at all, and just blocking binary blobs wouldn’t make a difference when you can freely execute any python code during installation - Much like downloading an executable from any site online, you are expected to make sure you can trust whoever uploaded what you are downloading. You could say the same about other sites like GitHub too.
There is a fair difference still between source available and binary blob. The blob has essentially no chance of ever being audited.
Take a look at the Source Distribution files: https://pypi.org/project/PySimpleGUI/#files
As far as I can see, it’s still all just Python.
Sure, and it’s really nice for big compiled projects to not have to compile that on every update.
They injected some binary code to make a code object (and in doing so inject some obfuscation)… if someone wants to violate the new license, they can easily work around it via installing through pip, commenting out that license check… Not that I endorse library license violations.
I put up packages on pypi with the last LGPL code versions for my own usage. I don’t plan on updating them much, but they work for me.
PySimpleGUI-4-foss And psgtray-foss.
The user has to have a key to use the software, no free account then no key after 30 days unless the developer paid for the key.
Although rug-pulls like this are dubious to say the least, neither should FOSS contributors be hauled over the coals simply because, to justify continuing to commit more and more time to a project. they need to generate some kind of revenue. If more FOSS advocates donated reasonable amounts of money to the projects they use, this kind of bollocks would be much less frequent, and the long term stability of projects would increase dramatically. Sadly, way to many people donate nothing. And way too many companies, as well.
This is so sad. I’m especially bothered about the force push to change history. This was a great library. Now I guess it’s time to either use the fork or find something else.
The history change was probably to avoid violating the LGPL. If any contributors don’t agree with the change (or you don’t want to do the onerous task of getting consensus as required) you should remove their contributions from the work you make closed source as the contributions still come under LGPL until the original author consents to the change.
Or at least that’s what people said here.
That’s incorrect in that you have to remove the contributions from source code or get permission. Rewriting git history doesn’t get permission or remove history. It just hides it.
Can anyone recommend a good alternative?
PyQt.
Ah yes, the complete opposite of “simple” with 20x the boilerplate. Pysimplegui was alternative to pyqt for a good reason.
@ebits21 Here’s the last LGPL licensed PySimpleGUI v4:
I hear mojo a callin
If previous code was lgpl then anyone with a git repo can simply reupload it to git and continue the project under a different name.
To whomever owns this project: fuck you for taking the work of multiple people and just taking it for yourself.
Bruh. This is why I hate all the open source license that are not GPL. Are not free software. I am not bother to pay for it. But I am bother to not see the code :(
Only to a certain extent.
The problem is that a lot of software is very complex and requires full-time development/maintenance. It’s simply not possible to work on stuff for free unless this is just a hobby and you can sustain yourself with a main job.
The main thing I have a problem with this instance is the following sequence of events
- The developer licensed it as LGPL.
- They did not accept ANY contributions to the code.
- The project became popular enough for people to post about in the fediverse (quite popular then, I guess)
- They got donations for their work, but apparently it was not enough.
- They removed the project from being accessible and moved to a paid only model.
This tells me:
- Their intention all along was to abuse FOSS community for popularity, traction, clout and free testing by people who are also doing this stuff in their free time.
- They got donations, but for whatever reason it was not enough for them. => Were they expecting to make retirement level income from their project which is in a crowded segment?
Yeah if you really care about FOSS you should use GPL and not MIT BDS and a multiple license. Because at the end of the day the code can became close source in just a second. That is the point of GPL and the Foss. I am willing to pay with money because I can. But I am not willing to pay with trust.
What? The GPL would have offered no more protection for this exact scenario than the LGPL (or any other license for that matter).