Both npm projects were published under the MIT license. Publishing them under the #AGPL would make Big Tech not touch it with a ten foot pole, while allowing other free software projects to still use them.
When publishing a project, consider using AGPL. I use it for basically all my public code.
Just to be absolutely clear, as @Gargron noted in a separate thread, this is absolutely shitty of the developer to pull the rug from under everyone (including plenty of FLOSS projects, I'm sure) using his npm packages. A breach of trust indeed.
But for me it is also worth noting GitHub blocking a developer for changes made by him to his own projects.
@rysiek While GH obviously has the right to continue publishing an older version of the software, I wonder whether they retain the right to publish it *under the developer’s username*? That seems like something that should be covered by their TOS but perhaps they missed it?
@rysiek if a developer is pushing changes or code clearly meant only to break things reverting and blocking are absolutely the right thing to do
This feels like the freezepeach argument, context matters
@wim_v12e, it’s apparently impossible to do so: https://blog.npmjs.org/post/141905368000/changes-to-npms-unpublish-policy
@rysiek I've been toying with switching a bunch of my stuff to AGPL but I agree. This was a shitty move, just relicense it and move on *or* abandon the project and create a new one with a license that fits the developers philosophy and keep going.
I have enough trouble with my customers believing that OSS is somehow worse than closed source projects (I have to report every CVE for OSS dependencies, but any paid-for package is exempt and typically doesn't have one).
This Mastodon instance is for people interested in technology. Discussions aren't limited to technology, because tech folks shouldn't be limited to technology either!