Amber Linux License
BSL GPL v3 on 2030-05-01

A license for a hostile environment

Amber Linux is released under a custom Business Source License. Non-commercial use is free. On 1 May 2030, every project in this repository converts automatically and irrevocably to GPL v3 — forever. Here is why a FOSS developer who has sponsored Linux Mint for a decade chose to do that.

Copyright © 2025 Andre Bremer
Until Change Date Business Source License
Change Date 2030-05-01
After Change Date GNU GPL v3
Governing law Federal Republic of Germany
Why not pure GPL from the start

FOSS is under sustained, structural attack

The open source ecosystem has been strip-mined for thirty years. In the early days the threat came from proprietary companies who took your code, added nothing back, and sold closed-source products. The community built copyleft — the GPL — to close that door. It worked, mostly.

The new threat is harder. Cloud hyperscalers discovered that hosting an open source project as a managed service requires no copyright violation at all. You can run many copyleft codebases as a cloud service and pay the author nothing, as long as you never modify the source. AWS built businesses worth billions doing exactly this. Redis, Elasticsearch, MongoDB — each one was running on Amazon infrastructure before the authors had a chance to build their own commercial model around their own decade of work.

The maintainers were left with a choice between changing their licenses and being called traitors to FOSS, or watching a trillion-dollar company take the value they created. Most changed their licenses.

Amber Linux is a small project. I am not Redis. I am not fighting AWS. But I watch the ecosystem and I understand the precedent, and I am not going to hand a commercial exploit window to the first operator who notices this project before 2030.

The record

Cloud extraction

AWS ran Elasticsearch, Redis, and MongoDB as managed services, collecting commercial fees on a decade of open source work. All three eventually changed their licenses. AWS forked Elasticsearch as OpenSearch. The community forked HashiCorp's Terraform — which also moved to BSL — as OpenTofu. The forks exist. The economics that created them remain unchanged.

Supply chain infiltration

In early 2024, a patient, careful actor spent two years building trust as a maintainer of xz-utils — the compression library that underpins vast amounts of Linux infrastructure — then inserted a backdoor that would have compromised SSH authentication across millions of production systems. It was caught by accident. The attack was near-complete before anyone noticed.

Before that: event-stream (2018, 2M downloads/week, cryptomining injected via maintainer handoff), node-ipc (2022, geopolitical malware in a widely-used npm package), and a long list of dependency-confusion and typosquatting attacks that continue today.

AI training without consent

Every major large language model was trained on open source code and text. No author was asked. No license was read carefully. The reasoning was that publicly available means freely usable for any purpose, including commercial model training. GitHub Copilot, Claude, GPT-4 — all of them absorbed open source repositories under that assumption.

The explicit AI training restriction in this license is not theoretical. It exists because the practice is ongoing, widespread, and commercially motivated.

Impersonation and scam fundraising

Open source communities attract impersonators who create convincing clones of projects and donation pages, then collect money that never reaches the original developers or the projects they support. This site runs a fundraiser for Linux Mint. Before you give to anyone claiming to fundraise for a FOSS project, verify them on the project's own official channels.

See the verification steps on the homepage for how to confirm that Amber Linux's fundraiser is legitimate.

The license in plain language

What you can and cannot do

The full license text is at the bottom of this page. Here is what it means in practice.

Allowed without a commercial license

  • Study the source. Every Amber Linux project is public. Read it, learn from it, understand how PTY multiplexing, DBus services, or GTK4 applications work.
  • Fork for personal use. Modify Kat800 to add a pane layout you prefer. Adapt Amber LIB packages for your own non-commercial tools. Run it on your own machine.
  • Non-commercial development. Use these tools in your development environment. Contribute to the codebase. Build other non-commercial tools on top of Amber LIB.
  • Testing and evaluation. Run the software in a testing or staging environment to evaluate whether it meets your needs. No restriction on how long you evaluate.
  • Internal use. Use Amber Linux tools inside your organisation for internal workflows, provided you are not commercially exploiting the software itself.
  • Academic research. University research, academic papers, and educational use are free. Source-available software, Linux desktop, terminal emulation, Odin language — whatever the research is.
  • Wait until 2030. On 2030-05-01, this license converts automatically to GPL v3. From that day forward, you can do anything GPL v3 permits — fork, modify, distribute, build commercial products — with no permission needed from anyone.

Requires a commercial license

  • Commercial production deployment. Running Kat800, KatKlips, or any Amber LIB-based application as part of a commercial service or product requires a separate written license from me.
  • Reselling or sublicensing. You cannot sell access to, or sublicense, any Amber Linux project or derivative in a commercial context.
  • AI and ML training. Using this code — or any derivative — to train, fine-tune, or evaluate machine-learning or generative AI models requires a separate commercial license. This includes dataset creation for such purposes.
Commercial licensing

If you want to use Amber Linux commercially before 2030, contact me. Commercial licensing exists. I am not opposed to commercial use — I am opposed to uncompensated commercial extraction by operators who will never contribute anything back.

andre@amberlinux.org →
The change date

2030-05-01: everything becomes GPL v3

The Change Date is not a threat or a marketing trick. It is a commitment. On the first of May, 2030, the Business Source License on every Amber Linux project automatically and irrevocably converts to the GNU General Public License version 3. No action required from anyone. No new version needed. The change is written into the license you are reading now.

I chose GPL v3 over a permissive license because I want the freedom to propagate. A permissive license would allow a future company to take this code in 2030, close it, and sell it. GPL v3 does not. Any derivative work must remain open. Any company that ships a GPL v3 product must make the source available. The GPL's copyleft clause is the mechanism that converts a gift into a commons.

The date is 2030 because five years is a reasonable window to build something before handing it to the world unconditionally. It also aligns with the end of my Linux Mint sponsorship fundraiser on 1 May 2027 — the same month, three years later. This project and that sponsorship are part of the same decade-long investment in the Linux desktop.

GPL v3 conversion in
days
hours
mins
2030-05-01 · 00:00:00 UTC
Why not network-service copyleft?

Network-service copyleft closes the "SaaS loophole" for server software. Kat800 and KatKlips are desktop applications — the loophole does not apply. GPL v3 is the appropriate choice.

Why not a permissive license now?

A permissive license gives away copyright protections immediately and permanently. Five years from now this code will have significantly more value. I want five years to build on it before releasing it under GPL v3.

Is BSL "real" open source?

The OSI does not recognise BSL as an approved open source license. That is a legitimate criticism. My answer is the Change Date: in five years it is GPL v3, no caveats. The BSL period is a bounded protection, not a permanent restriction.

Contributing

The Contributor License Agreement

The BSL requires that the licensor — me — hold the rights to relicense contributions under GPL v3 on the Change Date. A contributor who submits code without assigning those rights would block the automatic conversion. The CLA prevents that.

The CLA grants me a perpetual, royalty-free license to include your contribution under the BSL now and under GPL v3 on the Change Date. You retain copyright in your contribution. You are not giving up ownership — you are giving me the specific right needed to license the combined work.

The agreement is governed by German law. I am based in Germany. If there is ever a dispute over a contribution, a German court handles it, under German law, with EU consumer protections where applicable.

How to contribute

  1. 1
    Open an issue first

    For anything non-trivial — new packages, behaviour changes, architectural decisions — discuss it in a GitHub issue before writing code. This saves everyone time.

  2. 2
    Sign the CLA

    Fill in your name, email, date, and signature in the CLA.md file included in the repository. Include your signed CLA in your first pull request or send it separately to andre@amberlinux.org.

  3. 3
    Open a pull request

    Reference your signed CLA in the PR description. Pull requests cannot be merged until a signed CLA is on file. First-time contributors only need to sign once.

Full license text 
Business Source License (BSL) — Amber Linux

Copyright (c) 2025 Andre Bremer

Grant. Subject to the Restrictions below, Licensor grants you a nonexclusive, worldwide license to copy, modify, and distribute the Licensed Work for non-commercial development, testing, evaluation, and internal use.

Restrictions. Except as expressly authorized in writing by Licensor, you may not:
- use the Licensed Work, or any derivative, in a production environment for commercial exploitation;
- sublicense the Licensed Work for prohibited activities;
- use the Licensed Work, or any derivative, to train, fine-tune, evaluate, or otherwise improve any machine-learning, generative-AI, or related models, or to create datasets for such purposes, without a separate commercial license from Licensor.

Change Date. On and after 2030-05-01 (the "Change Date"), the Licensed Work shall be automatically and irrevocably licensed under the GNU General Public License version 3 (GPL-3.0). From that date forward, the GPL-3.0 License governs the Licensed Work.

Attribution. Redistributions must retain this notice, the copyright notice, and this license.

No Warranty. The Licensed Work is provided "AS IS" without warranty of any kind.