Comment by tsimionescu
1 day ago
> Without a CLA or CAA on external code contributions, a creator of AGPL software cannot legally host their own SaaS
What do you mean? Anyone can run AGPL software, either the creator, a contributor, or anyone else, as long as they abide by the terms of the license. You are absolutely allowed to ask for money for an AGPL service, the only restriction is that you must make the source code available under the AGPL for anyone who pays to use the software.
In the "paid SaaS" situation, the SaaS version almost always has proprietary changes and enhancements, which are infeasible to open-source without ruining the business. With the code fully available, since anyone else can then launch an identical business on the same codebase, there's little chance for the project creator's own business to succeed, as it can't stand out on feature-set.
With a CLA on third-party contributions, the project creator can still operate an enhanced SaaS without that massive problem. And revenue from the business can then support sustainable development of the project as a whole.
fwiw, I have recently seen at least two "Show HN" posts where the author was running an enhanced paid SaaS on their AGPL project, which accepted many contributions without a CLA, but did not offer the enhanced SaaS codebase to users. That's a clear copyright violation and any of those contributors can sue the project creator if they wish; this is what I meant by "cannot legally host their own SaaS" although in retrospect I should have clarified the scenario.
> With the code fully available, since anyone else can then launch an identical business on the same codebase, there's little chance for the project creator's own business to succeed, as it can't stand out on feature-set.
This is not at all clear on the face of it. For example, RedHat has succeeded as a company for a very long time (ultimately getting themselves bought out by IBM for a very good price) by just selling support for Linux and other open source packages, even though anyone could just run CentOS and get the exact same code for most of this duration.
The point of the GPL and AGPL is to not allow any company to have a monopoly on code that users run - including the company that built that code in the first place. Subverting it with a CLA and first party proprietary extensions is a direct strike at its core purpose. I doubt you'll find many people willing to sign a CLA whose explicit goal is to prevent the main purpose of the AGPL.