this post was submitted on 18 Feb 2024
146 points (98.7% liked)

Python

6331 readers
303 users here now

Welcome to the Python community on the programming.dev Lemmy instance!

πŸ“… Events

PastNovember 2023

October 2023

July 2023

August 2023

September 2023

🐍 Python project:
πŸ’“ Python Community:
✨ Python Ecosystem:
🌌 Fediverse
Communities
Projects
Feeds

founded 1 year ago
MODERATORS
 

Previously LGPL, now re-licensed as closed-source/commercial. Previous code taken down.

Commercial users pay $99/year, free for personal use but each user has to make a free account after a trial period.

top 50 comments
sorted by: hot top controversial new old
[–] [email protected] 89 points 8 months ago* (last edited 8 months ago) (3 children)

If this project has other contributors, imagine how betrayed they must be.

Opening the project as FOSS until it becomes popular and then closing it to make money is such a scummy tactic

[–] [email protected] 37 points 8 months ago* (last edited 8 months ago) (2 children)

Fork the last commit with a LGPL commit?

GPL mentions explicitly that it is irrevocable, where as LGPL doesn't mention anything about it. IANAL, but it looks like there is a case for irrevocable without violation of clauses by default https://opensource.stackexchange.com/questions/4012/are-licenses-irrevocable-by-default#4013

For people considering contributing to FOSS in the future, maybe check for irrevocable clauses? I wish licenses selectors https://choosealicense.com highlighted this part more clearly.

[–] CosmicTurtle 13 points 8 months ago

Also depends on the contributions terms.

If they were a traditional FOSS, they can't change the terms without all contributors agreeing or removing/modifying the contributed code so that they no longer have ownership of their authored sections.

Either way, it's a dick move.

[–] fidodo 7 points 8 months ago (2 children)

Can't anyone just fork one of the LGPL versions and start a new project?

[–] [email protected] 6 points 8 months ago

@fidodo @SkyNTP Sure, but unless that someone keeps it updated that fork will be useless soon. And that looks like a lot of (unpaid) work.

I like the project (was surprised to even see my user name in the contributor list) but stopped using it because I couldn’t get accessibility working (mainly no full keyboard shortcuts).

For me, buying a yearly developer license to have a few GUI pop-ups at work is something I’ll only consider if I run out of options.

[–] [email protected] 12 points 8 months ago (1 children)

Never sign over copyright. If they didn't, they can sue.

[–] [email protected] 7 points 8 months ago

I've had to sign specific paperwork regarding copyright for just big projects, many smaller ones take contributions without paperwork, which would leave the rights with each contributor. They be better dot their i's and cross their t's, it just the legal fees could isnk them before making any money from the commercial license.

IANAL, just in case.

[–] [email protected] 4 points 8 months ago

If any contributors haven't signed a contract letting them close the source, this opens them up to lawsuits.

[–] turbowafflz 39 points 8 months ago (1 children)

Does the LGPL really allow that or did they make all the contributors agree to allow their code to be relicensed?

[–] [email protected] 38 points 8 months ago (2 children)

Previous versions licensed under LGPL will remain licensed as such. The current maintainers have no obligation to contribute distributing the older versions, but they aren't permitted to prevent others from distributing it or modifying or doing anything else that was permitted by the license.

And, yes, to change from GPL/LGPL to another license you would need all of the contributors to consent, or to rewrite the parts that were contributed by anyone who doesn't agree with the license change. Since it looks like there only one contributor according to the GitHub page, this probably wasn't too difficult.

[–] turbowafflz 21 points 8 months ago (1 children)

Was there only ever one contributor? There's only one now, but all the old commits have been removed.

[–] [email protected] 18 points 8 months ago (1 children)

They apparantly had a police of not accepting merge requests or even code snippets.

[–] turbowafflz 16 points 8 months ago (1 children)

Ahh huh, I wonder if this was the plan the whole time then

[–] JayPalm 3 points 8 months ago

Hmm that’s a scary conspiracy. Seems like checking that there are at least a handful of contributors needs to be part of adding new dependencies.

[–] [email protected] 26 points 8 months ago (12 children)

@ebits21 #PySimpleGUI #python #opensource

🎢 Another bites the dust. 🎢

Moves like this are a bit... strange? It was on github. There are 1.8k forks, with intact LGPL. What is happening here? Is their dev work worth 99$/year ? Not saying people don't deserve to get paid for their work. I'm just not seeing the business case for this.

[–] [email protected] 18 points 8 months ago* (last edited 8 months ago) (1 children)

They claim that not enough people donated, hence the change in licensing. But yeah, I don’t see the business case. I imagine commercial devs will just move on to something else.

It’s just a wrapper for other GUI libraries.

That and I’m sure it’ll be forked.

[–] [email protected] 7 points 8 months ago

Yeah, if people didn't think it was worth donating to before, they sure as shit aren't going to pay for it now that it's also closed source. What's their value prop even supposed to be here?

load more comments (11 replies)
[–] [email protected] 21 points 8 months ago (1 children)

This set of actions (making non Foss and deleting Foss code) will essentially blacklist it from any company that has used it in the past.

Last place I was at the process for getting legal to review and sign off on specific versions of a Foss was about 6 months, with one of the fields on the form being alternatives.

load more comments (1 replies)
[–] [email protected] 17 points 8 months ago (2 children)

Whether you are a Hobbyist User or Commercial User, you can start using PySimpleGUI at no cost. To get started with a 30-day trial period, first install Python and then

python -m pip install pysimplegui

...

You can try PySimpleGUI for 30 days, after which you will need to Sign Up. Hobbyist users sign up at no cost, and Commercial Users subscribe at $99/year. For more details, see PySimpleGUI.com/pricing.

How is this trial enforced?

[–] [email protected] 17 points 8 months ago (2 children)

How is this trial enforced?

Since it's now closed source and they distribute what is possibly/probably/presumably a binary blob, the same way all the others are enforced. With some kind of DRM date checking whatever.

[–] [email protected] 11 points 8 months ago (3 children)

Does pip really allow binary blobs? That effectively makes it zero security.

[–] [email protected] 6 points 8 months ago (1 children)

To be fair it has some valid use cases, take ruff for example.

But pip/pypi does not have any proper security at all, and just blocking binary blobs wouldn't make a difference when you can freely execute any python code during installation - Much like downloading an executable from any site online, you are expected to make sure you can trust whoever uploaded what you are downloading. You could say the same about other sites like GitHub too.

[–] [email protected] 6 points 8 months ago

There is a fair difference still between source available and binary blob. The blob has essentially no chance of ever being audited.

[–] [email protected] 3 points 8 months ago

Take a look at the Source Distribution files: https://pypi.org/project/PySimpleGUI/#files

As far as I can see, it's still all just Python.

load more comments (1 replies)
[–] [email protected] 2 points 8 months ago* (last edited 8 months ago)

They injected some binary code to make a code object (and in doing so inject some obfuscation).. if someone wants to violate the new license, they can easily work around it via installing through pip, commenting out that license check... Not that I endorse library license violations.

I put up packages on pypi with the last LGPL code versions for my own usage. I don't plan on updating them much, but they work for me.

PySimpleGUI-4-foss And psgtray-foss.

[–] [email protected] 8 points 8 months ago

The user has to have a key to use the software, no free account then no key after 30 days unless the developer paid for the key.

[–] [email protected] 9 points 8 months ago

Although rug-pulls like this are dubious to say the least, neither should FOSS contributors be hauled over the coals simply because, to justify continuing to commit more and more time to a project. they need to generate some kind of revenue. If more FOSS advocates donated reasonable amounts of money to the projects they use, this kind of bollocks would be much less frequent, and the long term stability of projects would increase dramatically. Sadly, way to many people donate nothing. And way too many companies, as well.

[–] [email protected] 5 points 8 months ago (1 children)

This is so sad. I'm especially bothered about the force push to change history. This was a great library. Now I guess it's time to either use the fork or find something else.

[–] [email protected] 4 points 8 months ago (1 children)

The history change was probably to avoid violating the LGPL. If any contributors don't agree with the change (or you don't want to do the onerous task of getting consensus as required) you should remove their contributions from the work you make closed source as the contributions still come under LGPL until the original author consents to the change.

Or at least that's what people said here.

[–] [email protected] 4 points 8 months ago

That's incorrect in that you have to remove the contributions from source code or get permission. Rewriting git history doesn't get permission or remove history. It just hides it.

[–] [email protected] 4 points 8 months ago (1 children)

Can anyone recommend a good alternative?

load more comments
view more: next β€Ί