Come on, Amazon: If you're going to copy open-source code for a new product, at least credit the creator
Developer wishes cloud giant gave more thought to not stepping on toes
On Thursday, Amazon Web Services launched CloudWatch Synthetics Recorder, a Chrome browser extension for recording browser interactions that it copied from the Headless Recorder project created by developer Tim Nolet.
It broke no law in doing so – the software is published under the permissive Apache License v2 – and developers expect such open-source projects will be copied forked. But Amazon's move didn't win any fans for failing to publicly acknowledge the code's creator.
There is a mention buried in the NOTICE.txt file bundled with the CloudWatch extension that credits Headless Recorder, under its previous name "puppeteer-recorder," as required by the license. But there's an expectation among open source developers that biz as big as AWS should show more courtesy.
"The core of the problem here (for me at least) is not the letter of the license, it's the spirit," said Nolet in a message to The Register.
"It's the fact that no one inside of AWS cared enough to stop and think 'is this a dick move? Is this something I would want to have happen to me?' Hence the current PR damage control campaign. They know it's wrong. Not illegal, but wrong. Someone just had to tell them that."
Nolet runs a software monitoring service called Checkly and developed the Headless Recorder browser extension as a tool for his company and customers. He said he hadn't given the license for Headless Recorder a lot of thought because it's just a browser extension full of client-side code – meaning it's visible to anyone familiar with browser development tools.
"Amazon should have opened a PR [pull request] and proposed 'let's add this feature to your code. Or they could have simply kept their fork open source," he said.
"In the least, they could have mentioned that their work was based on my work. I do this in the README.md of the project itself where I acknowledge the creators of an old project by segment.io that I used as inspiration."
AWS cooks up Extensions API for Lambda serverless platform: Useful for monitoring, alertingREAD MORE
This is not the first time AWS has taken the work of open source developers and turned it into an AWS product. Last year, it launched Open Distro for Elasticsearch, to the dismay of Elasticsearch, a company formed to make a business out of the Elasticsearch open source project. And earlier that year it released DocumentDB, based on an outdated version of the open source MongoDB code.
Many popular open source licenses allow this, but because AWS brings billions in infrastructure assets into the competition, smaller companies trying to commercialize open source projects find the challenge difficult to deal with.
Such behavior – taking without giving back, or at least giving thanks – has been a concern for the past few years and has led to experiments with "cloud protection licenses" designed to deter cloud providers from co-opting public software projects. Just last month, database maker TimeScale adopted a new source-available license called the Timescale License (TSL) as a defense against AWS and its peers.
Late last year, in response to a New York Times article about how AWS copies and integrates software pioneered by others, AWS VP Andi Gutmans criticized the report. He pointed to the many open source projects that have received code contributions from AWS developers and insisted, "AWS has not copied anybody’s software or services."
This is one of my big issues with @awscloud. Their relationship with open source seems extractive to me, not collaborative. Not a surprise given how Amazon treats workers. But a good reminder that I can't trust them. https://t.co/hPARWjoK7j— William Pietri (@williampietri) October 16, 2020
The Register asked Amazon PR and Matt Asay, head of Open Source Strategy and Marketing for AWS, for comment. But we've not heard back.
"AWS uses a lot of open source, and we contribute a lot, both in terms of code (first-party projects like Firecracker and Bottlerocket, but also third-party projects like Redis, GraphQL, Open Telemetry, etc.), testing, credits, foundation support, and more," he said.
"But open source is ultimately about people and communities, and I personally feel we could have done more to acknowledge the great work Tim and his co-maintainers have done, and try to support their Headless Recorder work. We're talking with Tim now about this."
Nolet confirmed this and said he believes AWS is sincere in its desire to make amends. "They screwed up and we're going to work something out," he said. "What that is, I have no idea yet." ®