My team is using an Apache 2.0-licensed FOSS project in one of our products. We've recently learned that a different division of our very large company has purchased a commercial license for a product which is a derivative of the same underlying Apache 2.0 FOSS project that we're using. We're being told that we must stop using the FOSS project because our company got a discount on said commercial license by agreeing to cease all use of the FOSS version.
Has anyone encountered this before? Is this a common practice? The scenario seems bizarre to me and I'm surprised that it's allowed.
I can think of a couple of reasons why the company might suggest this; the most obvious being that they don't need to guess how many instances your enterprise is using. Whether it makes sense to you and whether the Apache license allows for that kind of legalese is still another matter.
[PS.] You might want to add an "Ask HN:" prefix to your submission subject line.
The commercial product extends the open source project to add other capabilities. The source for these extensions is not distributed. (The result is a tool distributed in binary form).
If such separation is not possible, the commercial version spells trouble. For one, license-wise, but on a technical level it's probably a fork. A fork might have its own security flaws and bugs, but will also need to maintain updates and backports from upstream / main branch. The commercial entity is responsible for this, whether they intend to or not.
In theory, this could lead to a better commercial product, but in practice I would recommend sticking with the FOSS version.