Dealing with 5 year old code is okay now. In 10 years it will cause you pain. It's like going back to an ex after you lose attraction. It never works out and hurts both parties (in this case your users, because you won't maintain it or want to pretty soon)
lol. To be clear I like her the way she is... It did not work financially but I believe it is a neat piece of code. I keep "using it" myself regularly ;)
I believe the Haiku people open sourced after their company was down, I saw it as an act of good faith towards the people who trusted them, I say try open sourcing it, who knows what the future holds...
> However, I can also foresee a lot of technical and legal complications, not to mention potential maintenance burdens.
Shouldn't have a maintenance burden. That burden will be extinguished with the corporation.
If I were you, I'd put it on github with a corporate account, leave a readme that it's abandoned and then mark the repo read-only.
Let (interested) customers know and encourage them to fork it. Disable issues and pull requests before you publish.
Alternatively, put a source dump on your website, and let people know they can put it on Github, but you're not doing it. If nobody republishes it before the corporate site goes down, it is what it is.
What you say makes sense if there actually is a corporate shield.
Because “startup” is often used in a weak sense only to mean “new business,” there may not be corporate protections for the beneficial owners of this startup.
If it is a Silicon Valley style startup, then the founders probably ought to talk to their investors because that relationship matters and the investors probably know something about open sourcing code bases from shut downs.
Open source but make it clear that the project will not receive any updates. If any of your clients want to pick it up they will be able to fork it.
> Legal complications
If your code was written by you and you are not infringing on any patents and you don't have any client data in your repos, you should be fine I guess, but I am not a lawyer.
Just make it MIT and open it to the public. Make sure there are no keys or credentials in the repos either.
Thanks for the advice. One fear I have is about security. Is the code is exposed, it will be way easier to exploit potential security flaws... I will not be able to just do nothing if this is the case .. Ill end up wanting it.
> It will be way easier to exploit potential security flaws.
It will be also easier for other people to find them and report or fix them.
In general it's a bad plan to rely on code secrecy for security. It's security through obscurity which never works out. All the cryptography schemes and algorithms are public. Most of the public internet runs on open source code. Transparency is a strength, not a weakness.
This is the risk we accept when we use something like this. I think it's fine to put it up. If there are security issues, the community of people that use it can respond accordingly.
I would recommend you make it open source. I've also done this the past as well.
Even if it's a project that is not maintained you don't know how it might help someone else.
This really depends on what field the product is in.
In my opinion; if you can't sell it you could also try to hand it over to another company / third party. Finding someone to take over a project takes a bit of time but it'd allow for it to survive.
However you need legal advice, fast. First talk to a lawyer who understands this.
If you really want to put an open source project out in the world the right way, taking what you learned and building an appropriate code base might be a better route.
And if you don’t really want to put an open source project out in the world, that’s okay.
Your customers had an interest in paying you enough to stay in business. They did not pay enough (and maybe because you did not charge enough).
And to me, it seems like you are probably ready to move on and now is probably a good time for moving on. Good luck.
What does "appropriate code base mean"? If I did it, then I would of course cleanse a bit here and there, make the corpse prettier as somebody wrote in another comment. More thant that, however, is an amount of work which is just not viable. Thanks!
Yeah, no one wants some abandoned open source project for a defunct business. The only value is in code that is living and maintained. So if you're not willing to make it a living, maintained codebase, then don't bother releasing your source code, it's not even worth 10 hours of your time, since no one will use it.
> Yeah, no one wants some abandoned open source project for a defunct business.
That's not true. The OP mentions there are current users. Some of the current customers might be able to use ANY distribution to patch problems for a while. Eventually, someone mightneed to decide on serious maintenance or not. But initially it quite possibly would not require much.
When there are current users, the future may not be a thriving project but may be simply a patched up current solution. Nothing wrong with that.
I suspect this is the case pretty often: a current solution is not great but it's in place. The code itself is nothing to write home about, but it's in place. Patching problems in the code might be the easier path for the user.
An open source code base built for long term collaboration is likely to be organized differently than a code base written under desperate business conditions (which a dying company is).
Or to put it another way, if it’s not a hell-yes, it’s a No in practice. Even if you don’t want it to be one. Open source projects need enthusiasm. Only Google can get away with throwing code over the wall.
I think it could be a nice emotional ending to the journey if that's where you are. At least it's 'out there' in the world and you can move on. I'll be a one time effort to get it out there, but then can be community supported.
> some of our most loyal users are now asking us to open source it
In exchange of the code ask them to make a non profit organization and handle the rights to them. They will be responsibles for their security in case of vulnerabilities.
If you have the rights/if your customers will tolerate it.
EDIT: to clarify as I realize that was pretty vague.
1) Depending on how you use your dependencies you may have a licensing conflict that makes the GPL incompatible.
2) I think your shareholders/VCs/whoever holds the equity (or if you're bankrupt the senior bondholders) probably own the copyright for the code so you would need their permission.
I wouldn't do it. It'd be like a dead lover. Don't get suckered into prettying up her corpse on the off chance your opinion of necrophilia changes.
100%.
Dealing with 5 year old code is okay now. In 10 years it will cause you pain. It's like going back to an ex after you lose attraction. It never works out and hurts both parties (in this case your users, because you won't maintain it or want to pretty soon)
Whoa... wasn't expecting that as a reply
lol. To be clear I like her the way she is... It did not work financially but I believe it is a neat piece of code. I keep "using it" myself regularly ;)
I believe the Haiku people open sourced after their company was down, I saw it as an act of good faith towards the people who trusted them, I say try open sourcing it, who knows what the future holds...
> However, I can also foresee a lot of technical and legal complications, not to mention potential maintenance burdens.
Shouldn't have a maintenance burden. That burden will be extinguished with the corporation.
If I were you, I'd put it on github with a corporate account, leave a readme that it's abandoned and then mark the repo read-only.
Let (interested) customers know and encourage them to fork it. Disable issues and pull requests before you publish.
Alternatively, put a source dump on your website, and let people know they can put it on Github, but you're not doing it. If nobody republishes it before the corporate site goes down, it is what it is.
What you say makes sense if there actually is a corporate shield.
Because “startup” is often used in a weak sense only to mean “new business,” there may not be corporate protections for the beneficial owners of this startup.
If it is a Silicon Valley style startup, then the founders probably ought to talk to their investors because that relationship matters and the investors probably know something about open sourcing code bases from shut downs.
Open source but make it clear that the project will not receive any updates. If any of your clients want to pick it up they will be able to fork it.
> Legal complications
If your code was written by you and you are not infringing on any patents and you don't have any client data in your repos, you should be fine I guess, but I am not a lawyer.
Just make it MIT and open it to the public. Make sure there are no keys or credentials in the repos either.
Thanks for the advice. One fear I have is about security. Is the code is exposed, it will be way easier to exploit potential security flaws... I will not be able to just do nothing if this is the case .. Ill end up wanting it.
> It will be way easier to exploit potential security flaws.
It will be also easier for other people to find them and report or fix them.
In general it's a bad plan to rely on code secrecy for security. It's security through obscurity which never works out. All the cryptography schemes and algorithms are public. Most of the public internet runs on open source code. Transparency is a strength, not a weakness.
What's to exploit? The company won't exist anymore...
People's servers hosting it. I will not be officially responsible but anyway not nice. I may be just paranoid
This is the risk we accept when we use something like this. I think it's fine to put it up. If there are security issues, the community of people that use it can respond accordingly.
I would recommend you make it open source. I've also done this the past as well. Even if it's a project that is not maintained you don't know how it might help someone else.
This really depends on what field the product is in.
In my opinion; if you can't sell it you could also try to hand it over to another company / third party. Finding someone to take over a project takes a bit of time but it'd allow for it to survive.
However you need legal advice, fast. First talk to a lawyer who understands this.
I would suggest putting it out as open source with a permissive license that don't require upstream commitment.
Because you don't want to become a maintainer. Just make it clear that it is provided as-is, without support.
It does after all represent a lot of value having been poured into it, worthy of a better ending than rm -rf, even if it didn't reach break-even.
[random advice from the internet]
If you really want to put an open source project out in the world the right way, taking what you learned and building an appropriate code base might be a better route.
And if you don’t really want to put an open source project out in the world, that’s okay.
Your customers had an interest in paying you enough to stay in business. They did not pay enough (and maybe because you did not charge enough).
And to me, it seems like you are probably ready to move on and now is probably a good time for moving on. Good luck.
What does "appropriate code base mean"? If I did it, then I would of course cleanse a bit here and there, make the corpse prettier as somebody wrote in another comment. More thant that, however, is an amount of work which is just not viable. Thanks!
Yeah, no one wants some abandoned open source project for a defunct business. The only value is in code that is living and maintained. So if you're not willing to make it a living, maintained codebase, then don't bother releasing your source code, it's not even worth 10 hours of your time, since no one will use it.
> Yeah, no one wants some abandoned open source project for a defunct business.
That's not true. The OP mentions there are current users. Some of the current customers might be able to use ANY distribution to patch problems for a while. Eventually, someone mightneed to decide on serious maintenance or not. But initially it quite possibly would not require much.
When there are current users, the future may not be a thriving project but may be simply a patched up current solution. Nothing wrong with that.
I suspect this is the case pretty often: a current solution is not great but it's in place. The code itself is nothing to write home about, but it's in place. Patching problems in the code might be the easier path for the user.
An open source code base built for long term collaboration is likely to be organized differently than a code base written under desperate business conditions (which a dying company is).
Or to put it another way, if it’s not a hell-yes, it’s a No in practice. Even if you don’t want it to be one. Open source projects need enthusiasm. Only Google can get away with throwing code over the wall.
I think it could be a nice emotional ending to the journey if that's where you are. At least it's 'out there' in the world and you can move on. I'll be a one time effort to get it out there, but then can be community supported.
> some of our most loyal users are now asking us to open source it
In exchange of the code ask them to make a non profit organization and handle the rights to them. They will be responsibles for their security in case of vulnerabilities.
See if you can put it under the [a]GPL and create a consulting niche around it.
That is interesting. May I ask what do you mean by "if you can"? Thx
If you have the rights/if your customers will tolerate it.
EDIT: to clarify as I realize that was pretty vague.
1) Depending on how you use your dependencies you may have a licensing conflict that makes the GPL incompatible.
2) I think your shareholders/VCs/whoever holds the equity (or if you're bankrupt the senior bondholders) probably own the copyright for the code so you would need their permission.
See if you can auction it off - at least you'll make some money that way.
Sell it to a customer for pennies (or more, if they're willing), have them/allow them to open source it.
What is the product and source code about?