There was some noise last week about npm, coming from that article. It merely revealed that various open source organizations are privately held by a few individuals, who can either be pressured or make weird decisions. Honestly I consider this incident anecdotal. It’s not the first time such a thing has happened. One guy just happened to be very vocal and pissed off about it.
It sparked various threads of discussion on Twitter and elsewhere, in a huge controversy. Many points were raised. NPM has thousands and thousands of packages, and many of them are utility libraries of just a few lines, so it was a good occasion for some to point out that you should reduce your number of dependencies. Others pointed out that namespacing could help prevent such a situation, as is done in Docker or in Go (having username/somelib instead of somelib), following the GitHub convention.
All in all, it appears that open source is gaining its traction from being free of any legal duty. Or at least there is no formal contracting, no by-laws, no committees or advisors. People do as they feel within the limits of some very simple basic licensing rules. Some organizations provide a more structured legal asset, but they are usually on the side and intended for channeling money management, not necessarily patents and intellectual property.
My opinion is that this kind of friction between businesses and open source is going to happen more and more. But I wonder how it’s going to turn out.