Re: About psycopg2 (by its author) - Mailing list pgsql-hackers

From Greg Smith
Subject Re: About psycopg2 (by its author)
Date
Msg-id 4B71E39A.1030404@2ndquadrant.com
Whole thread Raw
In response to About psycopg2 (by its author)  (Federico Di Gregorio <fog@initd.org>)
Responses Re: About psycopg2 (by its author)
List pgsql-hackers
Federico Di Gregorio wrote:
> First of all let me say that from such incredible hackers as the
> PostgreSQL people I'd have expected the ability to find my email address
> and maybe keep me or (even better) the psycopg mailing list in CC. That
> would have avoided a lot of confusion both on the license and the status
> of psycopg2.

Well, the whole thing didn't start as a discussion of psycopg.  It 
started as "why do we have so many Python drivers and so little 
documentation about them all?", and at that point it didn't seem 
appropriate to drag you into a discussion that might not have even 
involved your driver in particular.  There were at least seven other 
driver writers that might have gotten dragged into the discussion too, 
but the topic didn't start by asking everyone of them for an opinion or 
a status update.  It started by considering "what does the PostgreSQL 
community want from a Python driver and how is that different from 
what's available?" and working out from there.

After that went on a while, it became obvious to a number of people that 
while psycopg has excellent technical strengths, it was incompatible 
with what a lot of people wanted to see in terms of its license.  After 
going through all that, it's only at that point that we realized talking 
with you about the license was a really important step--important enough 
that I didn't just find your e-mail address and cc you, I tracked down a 
local contact who already knew you to personally ask about the license 
issue.  I didn't want to put you into the uncomfortable position of 
having to publicly deny our request just because you'd been cc'd with 
the question, if it wasn't compatible with your plans.  It's unfortunate 
that after stating here I was going to handle bringing you into this 
discussion nicely, you got dragged into it badly anyway.

> Btw, I was at FOSDEM as probably other PostgreSQL people were and all this could
> have been discussed while drinking a couple of beers if only someone
> cared to contact me.
>   

Most of us who had a strong opinion here weren't at FOSDEM--if we were, 
we'd have been out having beers instead of writing e-mail those days, of 
course.  Please make sure to introduce yourself to any PostgreSQL people 
you find around future conferences--I think most in our community know 
psycopg even if your name wasn't familiar to everyone yet.

> So the logical choice is plain LGPL3. I am open to motivated suggestions about other
> licenses but I'll ignore such crap as "BSD is more open than LGPL".
>   

I agree with your general logic and while I can't speak for everyone, I 
would be happy enough with a LGPL3 licensed psycopg (obviously 
addressing the usual OpenSSL mess) to pull the license issue off the top 
of the list as a major problem preventing broader deployment of 
psycopg.  The main two points of contention seemed to be your unique 
customizations to the license, which make a lot of legal people nervous, 
and even worse that they were so clearly limiting many types of 
commercial use.  I hope you'd appreciate that while you have have 
legitimate reasons for your license choices, ones in that form are 
likely to remind this community of the split open/commercial licenses as 
seen in products like MySQL, and we've watch that combination lead 
toward a less open community than this one wants to be.

As for arguments against the LGPL, the main one I care about is that 
you're more likely to have businesses who hire people adopt a product if 
it's BSD or MIT licensed.  I make a decent chunk of my living doing 
support and customization work on open-source projects.  Anything that 
has a GPL license attached is something I'm less likely to incorporate 
into custom project work I do, because it decreases the number of 
businesses who are then interested in it.  This is mainly because they 
have to incorporate all that background into their "credits" list for 
aggregate works, and that concern inevitably opens up more questions 
better avoided about the implications of the software being bundled.

I'm more concerned about increasing the market I can provide such 
solutions to than I am about people stealing my work, crediting me, or 
not sharing their own customizations.  So my preference for BSD-ish 
licenses is a pragmatic one rooted in business goals.  If you wanted to 
improve your odds of companies adopting psycopg for projects that might 
then lead to them hiring you for support or improvements to the 
software, I'd suggest that using the GPL or even the LGPL is actually 
doing the exact opposite of that.  If your goals are more about 
releasing proper free software in the original Stallman inspired sense 
of the word, the LGPL3 might be exactly the right license for you.

> Second point, the technical discussion about psycopg2 features and bugs... 

I tried to keep the part of that discussion that went into a more public 
form limited to listing suspected issues for further investigation.  You 
can see the the list at 
http://wiki.postgresql.org/wiki/Python_PostgreSQL_Driver_TODO uses terms 
like "Confirm" and "Review" rather than saying outright there's a 
feature or bug issue.  People say all sorts of things about bugs in 
software that aren't necessarily true, and I know your mailing list 
support is excellent once people report things there.  I just checked, 
and apparently I first publicly plugged your project almost two years 
ago:  http://archives.postgresql.org/pgsql-general/2008-04/msg00779.php

But I will point out the reality is that the lack of a published (on a 
web page, stuff buried in list archives doesn't count) known bug list, 
development roadmap, and even standard web page documentation is working 
against your software being deployed more widely.  If we had one, a lot 
of these questions about features or bugs wouldn't even pop up.  Luckily 
the code quality is good enough that people put up with that situation, 
but I can tell you from plenty of conversations on this topic that all 
of your users I've come across (who are also our users!) cite this as a 
major weakness of your project.

If the license issues get sorted out as you plan, that part I think we 
can end up helping out with using our infrastructure.  You might note 
Marko Kreen already created http://wiki.postgresql.org/wiki/Psycopg to 
start working on just that.  I think we'd all be fine with continuing to 
expand on that rather than worry about your revamping the initd.org site 
just to address the documentation goals we have.  And we would certainly 
want to work more closely with you and your other contributors on that, 
to make sure everything is accurate and complete.

-- 
Greg Smith    2ndQuadrant   Baltimore, MD
PostgreSQL Training, Services and Support
greg@2ndQuadrant.com  www.2ndQuadrant.com



pgsql-hackers by date:

Previous
From: Robert Haas
Date:
Subject: Re: Listen / Notify - what to do when the queue is full
Next
From: Robert Haas
Date:
Subject: Re: Writeable CTEs patch