They still have linked their OpenCollective account, where they have raised $10K and still have a balance of $5K. [0]
It's not a lot in the great scheme of things, but, have they been using a platform that's seemingly built for communities and open source to bootstrap their business?
Because this is not a 'open core' situation. They just closed the repo and ran away. If they had that idea all along, I feel like it hasn't be very, let's say, ethical.
Wait, so a company shared their work with the public for however long, then decided to leave what was shared up ... but stop sharing ... and you're upset?!?
They did everything properly by the rules of OSS, decided it wasn't in their best interest to keep doing OSS, and left all their code available, as required by OSS. They were a textbook good participant.
Meanwhile, 99% of companies never open source anything: why aren't you complaining about how "unethical" they are?
> and left all their code available, as required by OSS.
IANAL, and I don't have a horse in this race, but I don't think that's required by OSS, not by the spirit of "the law", and (at least) not by GPL, MIT, and other similar mainstream licenses.
The spirit of open source is: you buy (or just download for free) a binary, you get the 4 rights. Whatever happens when the developer/company stops distributing (whether at a cost or free as in beer) that binary is completely outside the scope of the license.
> a company shared their work with the public for however long, then decided to leave what was shared up
More like a company took advantage of a community that expected their freely offered labor to not be commercialized at any point in time without making available said works in a fully free vector as well, as that's an implicit expectation behind "open source".
Companies stand to turn a profit. OSS is here to help enable that or push the goal posts. It’s not a charity unless the org feels charitable. Sure, non-profits exist but they were never one of those.
I think the comment on corpos is good, but insulting the naive people will get you downvoted - it’s probably not their fault nobody told them about this sort of thing before and learning that lesson is probably disappointing enough already.
How can people still not understand that OSS can be abused?
It doesn't matter that the previous code is still available. Nobody can technically delete it from the internet, so that's hardly something they did "right".
The original maintainers are gone, and users will have to rely on someone else to pick up the work, or maintain it themselves. All of this creates friction, and fragments the community.
And are you not familiar with the concept of OSS rugpulls? It's when a company uses OSS as a marketing tool, and when they deem it's not profitable enough, they start cutting corners, prioritizing their commercial product, or, as in this case, shut down the OSS project altogether. None of this is being a "textbook good participant".
> Meanwhile, 99% of companies never open source anything: why aren't you complaining about how "unethical" they are?
Frankly, there are many companies with proprietary products that behave more ethically and have more respect for their users than this. The fact that a project is released as OSS doesn't make it inherently better. Seeing OSS as a "free gift" is a terrible way of looking at it.
> It doesn't matter that the previous code is still available…The original maintainers are gone, and users will have to rely on someone else to pick up the work, or maintain it themselves.
It does matter: popular products have been forked or the open-source component was reused. E.g. Terraform and OpenTofu, Redis and Redict, Docker and Colima (partly MinIO and RustFS; the latter is a full rewrite, but since the former was FOSS and it’s a “drop-in binary replacement”, I’m sure they looked at the code for reference…)
If your environment doesn’t have API changes and vulnerabilities, forking requires practically zero effort. If it does, the alternative to maintaining yourself or convincing someone to maintain it for you (e.g. with donations), is having the original maintainers keep working for free.
Although this specific product may be mostly closed source (they’ve had commercial addons before the announcement). If so, the problem here is thinking it was open in the first place.
You might want to get your arguments in order. In one sentence you're calling OSS rugpulls a problem, and then in another you're claiming that proprietary products behave more ethically.
So which is it? Is it less-ethical to have provided software as open source, and then later become a proprietary product? Why? I see having source code, even for an old/unmaintained product be strictly superior to having never provided the source code no matter how much "respect" the company has for their users today.
You might want to think about my argument a bit more.
> Is it less-ethical to have provided software as open source, and then later become a proprietary product? Why?
Because usually these companies use OSS as a marketing gimmick, not because they believe in it, or want to contribute to a public good. So, yes, this dishonesty is user hostile, and some companies with proprietary products do have more respect for their users. The freedoms provided by free software are a value add on top of essential values that any developer/company should have for the users of their software. OSS projects are not inherently better simply because the code is free to use, share, and modify.
To be fair, I don't think a developer/company should be expected to maintain an OSS project indefinitely. Priorities change, life happens. But being a good OSS steward means making this transition gradually, trying to find a new maintainer, etc., to avoid impacting your existing user base. Archiving the project and demanding payment is the epitome of hostile behavior.
It seems like you’re trying to build a system of ethics around being annoyed by OSS maintainers not working for free in perpetuity.
Having access to Apache licensed code that you can build off of is better than never having access to any code at all. Anything else about values or respect has to be inferred or imagined and has no bearing on the software itself.
Edit: Like who cares if they “wanted” to contribute to the public good? Did they actually contribute to the public good? It seems like they did and the code that did so is right there. If “life happens” then why are they obligated to do a smooth transition?
I love free stuff as much as the next person, hell, free stuff is my favorite kind of stuff. Is it annoying when there’s less free stuff? Yes. Does my personal irritation constitute a violation of a lofty set of ideals that just coincidentally dictates that nobody annoy me? No. I would love to live in a world where it just so happens that it’s ethically wrong to bother me though. That would be sweet.
That's what they always do it always comes down to a sense of perpetual entitlement over the work of others, work they themselves would never do.
I've had the same discussion for years now on HN. It is not unethical to decide to stop supporting something especially if you played by all the rules the entire time.
No one is owed perpetual labor and they completely disregard localstack has been oss for something like 10 years at this point just celebrate it had a good run, fork and maintain yourself if you need it that badly.
It is incredibly weird to think something that was maintained oss for 10 years is a rugpull that's just called life, circumstances change.
It's a matter of honesty and trust. A company that has never provided source code is more honest and trustworthy than one that provides source code, extracts community labor (by accepting issues and/or PRs) and then makes off with said labor (even if they left a frozen version available) at a future point.
“Open core” is when part of the product is open-source and part is private.
Was a significant part of the product private before this announcement?
If not, someone can fork the repo and immediately launch a competitor (FOSS or paid). (Technically even if so, except it wouldn’t be immediate, and if they’d have to re-implement too much, it would be easier to start from scratch.)
Yes there were significant portions that were proprietary before this, including support for some services.
The parts that were open source might still be worth forking, but you would probably need to change every occurrence of the name to avoid trademark issues.
I evangelized localstack at my company a while back, but as we integrated it deeper into our CI test runs we started running into more and more things they don't support, and it feels impossible to get any attention from their support/devs despite being paying customers.
Their Cloud Pod and ephemeral instance features in particular feel pretty half-baked and not very useful at the moment.
Fun tangent: it's pretty easy to write a crack for the pro version; we actually used that for about a month as a pilot to confirm that it would do what we needed it to.
I too was excited about the idea originally but then started realizing that they will have an increasingly untenable service area to try and maintain and mimic and it was just never going to work out.
It does seem like LLMs might make that a real proposition; of course, after these commercial enterprises steal copyright, copyleft and open source code, and the tooling gets good enough to download their cars, a new legion of DMCA lawyers and lobbies will be unleashed.
Prep yourself though for that napster bloom, it'll be here shortly.
First minio and then localstack, as an open source maintainer I find that abandoning their community is bad faith. I totally get wanting to monetize but removing the free product entirely feels like such a betrayel.
Luckily, I've been vibing with Devin since this started having it build a cleanbox emulator on top of real s3 tuned for my specific use case. It's a lot less general but it's much faster and easy to add the sort of assertions I need in it. It's no localstack but for my limited use case it works.
It does feel like a betrayal. We live in a world where money is the main thing that matters and it's increasingly hard to come by and you need increasingly more of it (these are all designed policies, not emergent behavior). It makes sense that people don't want to do things for free unless they already have enough money.
Engineers who remained apolitical are now surprised the politics is bad.
More reason to run your infrastructure using open source software in your own datacenter. OpenStack has been around for closing in on two decades, running clouds and being mostly governance-drama-free.
It's not surprising that a proprietary ecosystem built on open source software locked up behind a gate doesn't make a worthwhile ecosystem for building open source tooling against.
Running OpenStack for this is a massive project cost compared to spinning up a few local services, and the operational mess is on a different planet from "I need to fake a handful of API calls on my laptop". Self-hosting still means updates, drivers, and k8s/OpenStack glue code. Nobody sane are doing that for local dev, use Minikube or Podman if you want DIY and still like weekends.
I'm saying not that OpenStack can replace LocalStack, but instead that LocalStack, by building a project on top of proprietary APIs, set themselves up to fail.
This is true, sadly -- but the documentation exists and community is friendly to those who wanna build those skills. It's extremely difficult to build something the size of OpenStack without making it so configurable that operating it needs a decoder ring. I'm doing everything I can in Ironic to make it more friendly and flexible out of the box, but it's a difficult problem to solve.
I always tell people: OpenStack can do almost anything you want... if you can configure it to do so :).
There's a reason I point out the longevity of OpenStack. As a project, it has significant corporate sponsorship and policies to ensure that one entity can't take over control of it. For instance; the OpenStack Technical Committee is never permitted to have a majority membership made up of a single entity's employees. This means that even though Red Hat, at this stage in it's development, has a majority of contribution, the project itself can never be taken over by a single entity.
People find project governance, and particularly "corporate" involvement in open source to be distasteful -- but in my experience, and OpenStack is a winning example of this -- setting up good boundaries to let companies work together has proven to be sustainable.
> This means that even though Red Hat, at this stage in it's development, has a majority of contribution, the project itself can never be taken over by a single entity.
If it's one company with the majority of contributions then they can just stop contributing (or put their efforts into a proprietary fork) and all that you're left with is the code and the name. Which is maybe better than "just the code", but not by much.
They were, but they moved off them - probably with a move away from OSS as a long term plan.
I've used Localstack extensively for ~7 years, and I will rejoice when I can finally be free of it. I've found it to be low quality software, and full of bugs.
It didn't support the one thing I wanted but it was so easy to find the right place in the code, I was happy. Never got to continue it though or turn it into a PR
For S3 emulation, I'm using rustfs. It's very compact and fast to run, and you can just start it with `docker run` inside tests if you don't want to set up a full integration test harness.
I used an SQS-on-top-of-Redis emulation before, but I can't recommended it now (no updates for 6 years).
Complete coincidence but today I was looking for an AWS mock for E2E tests. Not the whole AWS footprint but just a few services and looked at LocalStack for the first time.
It took Claude to put together a service (with web interface and everything) for those 2 services 15 mins.
I’m not claiming my experience is translated universally but perhaps if your core competency is something like LocalStack you need to think about alternative business ideas.
Well LLMs are trained on code like those from Localstack, and a lot of them can be emulated to first order as CRUD operations, so its rather unsurprising. It does mean that things do become difficult for pure tech SaaS businesses like this one, and as also seen with Tailwind.
There's going to be a lot of complaints about open-source restricting access.
It's going to keep happening because it just doesn't make sense for a lot of previous business models that supported and open-source project, something that was seen recently with tailwind.
In one of my projects, one that remains source-available, I had encountered an "open-source justice warrior" that made it their mission to smear the project because of the switch, grasping at straws to do everything they could to paint my intentions as malicious.
It's really too bad, and will only hurt the availability of free alternatives if one cannot provide the source under a "just don't commercially compete with the paid version of the product" license without getting branded as a scamming cash grabber
Source available with various arbitrary restriction is non-free software. What the "open source warriors" take exception to is presenting a project as "open source" or "free" when in reality it is not.
A thing cannot be considered free/open source if there are restrictions on what users can do with it. If a maintainer wishes to put a "don't compete commercially" license then it should be clearly labelled as source available, not open source. To do otherwise is to deceive the open source community, which has a particular and well defined understanding of what "open source" entails.
> 6. No Discrimination Against Fields of Endeavor
>
> The license must not restrict anyone from making use of the program in a specific field of endeavor. For example, it may not restrict the program from being used in a business, or from being used for genetic research.
A non-commercial clause is a discrimination against a field of endeavor and thus non-open-source. The license cannot restrict how the user is able to *use* the software and still be open source. There can however be requirements to distribute the source code when distributing the software, ala GPL.
My main complaint about the project changes we've seen lately is that these companies are happy to take all the code that previous contributors have written for free in good faith, and profit off of it without any sharing. The whole reason I and many people have contributed to some of the projects out there is under the premise that I've been given something great/useful for free so I'm going to give back for free. If you want to create a project that's source-available or whatever you want to call it, from the start, you'll probably even get my support.
Sure, it's totally legal for the company to change how they operate in the future. But it burns all that good faith of previous contributions in favor of profit. And so yeah, I hope the companies that pull this crash and burn in proportion to how much free code they accepted from contributors that they now wish to profit from.
IMO, the trajectory was set back when they removed the option for monthly payments. Minimum US$450 to play made it a non-starter for my projects (even with commercial ambitions). They changed this just as I started to integrate (~2024, I think) so I kept to the free capabilities. Have been waiting for the other show to drop and here we are.
Edit: looks like they’ve reintroduced monthly billing within the last few months. I guess that’s a sort of win, even if not for the OSS community. But I’d still be reluctant to get into bed with them at this stage.
It's not a lot in the great scheme of things, but, have they been using a platform that's seemingly built for communities and open source to bootstrap their business?
Because this is not a 'open core' situation. They just closed the repo and ran away. If they had that idea all along, I feel like it hasn't be very, let's say, ethical.
--
They did everything properly by the rules of OSS, decided it wasn't in their best interest to keep doing OSS, and left all their code available, as required by OSS. They were a textbook good participant.
Meanwhile, 99% of companies never open source anything: why aren't you complaining about how "unethical" they are?
IANAL, and I don't have a horse in this race, but I don't think that's required by OSS, not by the spirit of "the law", and (at least) not by GPL, MIT, and other similar mainstream licenses.
The spirit of open source is: you buy (or just download for free) a binary, you get the 4 rights. Whatever happens when the developer/company stops distributing (whether at a cost or free as in beer) that binary is completely outside the scope of the license.
More like a company took advantage of a community that expected their freely offered labor to not be commercialized at any point in time without making available said works in a fully free vector as well, as that's an implicit expectation behind "open source".
Companies stand to turn a profit. OSS is here to help enable that or push the goal posts. It’s not a charity unless the org feels charitable. Sure, non-profits exist but they were never one of those.
It doesn't matter that the previous code is still available. Nobody can technically delete it from the internet, so that's hardly something they did "right".
The original maintainers are gone, and users will have to rely on someone else to pick up the work, or maintain it themselves. All of this creates friction, and fragments the community.
And are you not familiar with the concept of OSS rugpulls? It's when a company uses OSS as a marketing tool, and when they deem it's not profitable enough, they start cutting corners, prioritizing their commercial product, or, as in this case, shut down the OSS project altogether. None of this is being a "textbook good participant".
> Meanwhile, 99% of companies never open source anything: why aren't you complaining about how "unethical" they are?
Frankly, there are many companies with proprietary products that behave more ethically and have more respect for their users than this. The fact that a project is released as OSS doesn't make it inherently better. Seeing OSS as a "free gift" is a terrible way of looking at it.
It does matter: popular products have been forked or the open-source component was reused. E.g. Terraform and OpenTofu, Redis and Redict, Docker and Colima (partly MinIO and RustFS; the latter is a full rewrite, but since the former was FOSS and it’s a “drop-in binary replacement”, I’m sure they looked at the code for reference…)
If your environment doesn’t have API changes and vulnerabilities, forking requires practically zero effort. If it does, the alternative to maintaining yourself or convincing someone to maintain it for you (e.g. with donations), is having the original maintainers keep working for free.
Although this specific product may be mostly closed source (they’ve had commercial addons before the announcement). If so, the problem here is thinking it was open in the first place.
You might want to get your arguments in order. In one sentence you're calling OSS rugpulls a problem, and then in another you're claiming that proprietary products behave more ethically.
So which is it? Is it less-ethical to have provided software as open source, and then later become a proprietary product? Why? I see having source code, even for an old/unmaintained product be strictly superior to having never provided the source code no matter how much "respect" the company has for their users today.
> Is it less-ethical to have provided software as open source, and then later become a proprietary product? Why?
Because usually these companies use OSS as a marketing gimmick, not because they believe in it, or want to contribute to a public good. So, yes, this dishonesty is user hostile, and some companies with proprietary products do have more respect for their users. The freedoms provided by free software are a value add on top of essential values that any developer/company should have for the users of their software. OSS projects are not inherently better simply because the code is free to use, share, and modify.
To be fair, I don't think a developer/company should be expected to maintain an OSS project indefinitely. Priorities change, life happens. But being a good OSS steward means making this transition gradually, trying to find a new maintainer, etc., to avoid impacting your existing user base. Archiving the project and demanding payment is the epitome of hostile behavior.
Having access to Apache licensed code that you can build off of is better than never having access to any code at all. Anything else about values or respect has to be inferred or imagined and has no bearing on the software itself.
Edit: Like who cares if they “wanted” to contribute to the public good? Did they actually contribute to the public good? It seems like they did and the code that did so is right there. If “life happens” then why are they obligated to do a smooth transition?
I love free stuff as much as the next person, hell, free stuff is my favorite kind of stuff. Is it annoying when there’s less free stuff? Yes. Does my personal irritation constitute a violation of a lofty set of ideals that just coincidentally dictates that nobody annoy me? No. I would love to live in a world where it just so happens that it’s ethically wrong to bother me though. That would be sweet.
I've had the same discussion for years now on HN. It is not unethical to decide to stop supporting something especially if you played by all the rules the entire time.
No one is owed perpetual labor and they completely disregard localstack has been oss for something like 10 years at this point just celebrate it had a good run, fork and maintain yourself if you need it that badly.
It is incredibly weird to think something that was maintained oss for 10 years is a rugpull that's just called life, circumstances change.
The code is all there mate.
Their time and efforts and ongoing contributions to the project are not.
OSS is not about fairness and free work from people. It's just putting the code out there in public.
Was a significant part of the product private before this announcement?
If not, someone can fork the repo and immediately launch a competitor (FOSS or paid). (Technically even if so, except it wouldn’t be immediate, and if they’d have to re-implement too much, it would be easier to start from scratch.)
The parts that were open source might still be worth forking, but you would probably need to change every occurrence of the name to avoid trademark issues.
Their Cloud Pod and ephemeral instance features in particular feel pretty half-baked and not very useful at the moment.
Fun tangent: it's pretty easy to write a crack for the pro version; we actually used that for about a month as a pilot to confirm that it would do what we needed it to.
Prep yourself though for that napster bloom, it'll be here shortly.
Luckily, I've been vibing with Devin since this started having it build a cleanbox emulator on top of real s3 tuned for my specific use case. It's a lot less general but it's much faster and easy to add the sort of assertions I need in it. It's no localstack but for my limited use case it works.
Engineers who remained apolitical are now surprised the politics is bad.
It's not surprising that a proprietary ecosystem built on open source software locked up behind a gate doesn't make a worthwhile ecosystem for building open source tooling against.
I always tell people: OpenStack can do almost anything you want... if you can configure it to do so :).
Until they stop being open source. Like, you know, LocalStack.
People find project governance, and particularly "corporate" involvement in open source to be distasteful -- but in my experience, and OpenStack is a winning example of this -- setting up good boundaries to let companies work together has proven to be sustainable.
If it's one company with the majority of contributions then they can just stop contributing (or put their efforts into a proprietary fork) and all that you're left with is the code and the name. Which is maybe better than "just the code", but not by much.
1. be table-stakes for a SDK from the cloud providers themselves
2. have the obvious home in a foundation like the CNCF; how else could you be "cloud native" afterall?
https://github.com/getmoto/moto
I've used Localstack extensively for ~7 years, and I will rejoice when I can finally be free of it. I've found it to be low quality software, and full of bugs.
It didn't support the one thing I wanted but it was so easy to find the right place in the code, I was happy. Never got to continue it though or turn it into a PR
I have some bad news for you: https://news.ycombinator.com/item?id=47000041
Too late.
I used an SQS-on-top-of-Redis emulation before, but I can't recommended it now (no updates for 6 years).
It took Claude to put together a service (with web interface and everything) for those 2 services 15 mins.
I’m not claiming my experience is translated universally but perhaps if your core competency is something like LocalStack you need to think about alternative business ideas.
It's going to keep happening because it just doesn't make sense for a lot of previous business models that supported and open-source project, something that was seen recently with tailwind.
In one of my projects, one that remains source-available, I had encountered an "open-source justice warrior" that made it their mission to smear the project because of the switch, grasping at straws to do everything they could to paint my intentions as malicious.
It's really too bad, and will only hurt the availability of free alternatives if one cannot provide the source under a "just don't commercially compete with the paid version of the product" license without getting branded as a scamming cash grabber
> 6. No Discrimination Against Fields of Endeavor > > The license must not restrict anyone from making use of the program in a specific field of endeavor. For example, it may not restrict the program from being used in a business, or from being used for genetic research.
A non-commercial clause is a discrimination against a field of endeavor and thus non-open-source. The license cannot restrict how the user is able to *use* the software and still be open source. There can however be requirements to distribute the source code when distributing the software, ala GPL.
Sure, it's totally legal for the company to change how they operate in the future. But it burns all that good faith of previous contributions in favor of profit. And so yeah, I hope the companies that pull this crash and burn in proportion to how much free code they accepted from contributors that they now wish to profit from.
Edit: I see now, they have commercial offerings: https://www.localstack.cloud/pricing
I am not sure if my corp will be willing to pay or tell us to find something else, but I use it everyday, our integration tests depend on local stack.
Edit: looks like they’ve reintroduced monthly billing within the last few months. I guess that’s a sort of win, even if not for the OSS community. But I’d still be reluctant to get into bed with them at this stage.