Note: This blog post is purely my thoughts about the topic and in no way is meant to discredit the product or the company behind it. My sole purpose for this blog post is to put my thoughts and get constructive feedback and criticism.
Introduction
We developers are very particular about our IDEs and with a good reason. We spend most of our development time with an IDE and lot of effort, love and care goes in choosing the right IDE, the ease of coding, testing and running your code is just one side of the coin. We also spend a lot of time in seeing what kind of ecosystem the IDE provides and why others in your community use it. And for that reason for me VSCode was one of the first choice since last few years.
First it is free and open source, it has support for multiple programming languages and then it has whole ecosystem of community driven plugins which makes my life as a developer very easy. So it was a surprise when I just came across a project called vscodium which is a re-distribution of vscode where the binaries are licensed under the MIT license. Telemetry is disabled. Now this got me thinking, we know that vscode is open source, then what kind of open source license VSCode has. If you want to check the VSCode license please jump to the this License link.
My problem with the VSCode License
After reading the license VSCode did not seem any more open source as the purest form I know of. The open source I know is either GPL, Apache, MIT or BSD license. But reading the VSCode License looked more of a stock Microsoft License which is a more condensed form of its regular license for other propitiatory products. Hence to me suddenly VSCode looked like a more of a Freeware where code is open sourced but not really Open Source in its real sense.
This is so anti-thesis to recent news and announcements that you hear about the commitment of Micrsoft to Open Source but the skeptics were always suspicious. And after reading the license I am too very skeptical. While its very difficult to find a really good alternative to VSCode and in near future I many be using VSCode out of compulsion than free will, but I will definitely stop recommending VSCode as a IDE of choice.
What is Worrisome about the License
Please read the below section from the Microsoft License of VSCode.
SCOPE OF LICENSE. This license applies to the Visual Studio Code product. Source code for Visual Studio Code is available at https://github.com/Microsoft/vscode under the MIT license agreement. The software is licensed, not sold. This agreement only gives you some rights to use the software. Microsoft reserves all other rights. Unless applicable law gives you more rights despite this limitation, you may use the software only as expressly permitted in this agreement. In doing so, you must comply with any technical limitations in the software that only allow you to use it in certain ways. You may not
reverse engineer, decompile or disassemble the software, or otherwise attempt to derive the source code for the software except and solely to the extent required by third party licensing terms governing use of certain open source components that may be included in the software;
remove, minimize, block or modify any notices of Microsoft or its suppliers in the software;
use the software in any way that is against the law;
share, publish, rent or lease the software, or provide the software as a stand-alone offering for others to use.
First VSCode source code is released under MIT License but if you look at the bullet points for the Visual Studio Code product license they are complete antithesis to the MIT license that it is being distributed with. Now lets look at the MIT License.
MIT License
Copyright (c) 2015 - present Microsoft Corporation
All rights reserved.
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
So if you read between the finer lines, while the source code is open source and free for modification, the binaries with which it is built is not fully FOSS. It has restrictive conditions which I presume Microsoft has to follow being an enterprise software company and is liable to Cyber laws and US Export restrictions. Hence the people who end of the day are using VSCode are liable to all the Microsoft license restrictions. This may very well be applicable to the community contributors who build the rich set of community plugins that make VSCode so attractive.
Conclusion
Hence its time for all to think through if VSCode really is that much open source as lets say Eclipse or pure community owned and driven FOSS IDEs or editors. This is not only the problem of VSCode but problem with many other open source “Community” editions of propitiatory products where while most of the core features are developed by the company but the ecosystem built with others are threatened with the restrictive license. But the particular issue I have with the VScode is where its source code and its binaries are dual licensed and complete opposite of each other.
While I am coming across such a license for the first time, I am sure I may have overlooked many such license and would like to hear more from others as well.
p.s. Originally published by me in Medium
Update: I have written about my journey after VSCODE - Moving Beyond VSCode. Please do read it and give your valuable feedback.
Oldest comments (65)
For those who dont know theres a project called vs codium which removes all ms stuff from vsc:)
It looks promising but without some of VSCode's MS plugins vs codium is just another normal IDE though I would like to reserve my observation till I try it out.
The only extension I haven't been able to run in VSCodium is Live Share. Other than that all the MS extensions still work fine.
It's awesome
That and also the discord presence one
What do you mean? You can use any extension with it:)
I've been using VSCodium for a year or so because of this.
I'm assuming that the only thing reverse-engineering VSCode binaries will find is the aforementioned telemetry, but the provision is there in their license.
I don't understand why anyone would use proprietary binaries from a company like Microsoft when there's a direct, free alternative.
Thank you for pointing that I am also seriously thinking about using VSCodium in the interim. But its time also to see other alternatives.
May I suggest Jetbrains products ? I've switched to PHPStorm and Pycharm years ago and never looked back.
Plus they're completely closed source so at least you know where you stand.
It's funny for someone to recommend closed source for that kind of reason, but it's not stupid: things that only appear free are basically trojans.
There could be reasons. I use proprietary binaries because mostly they allow for quicker support than using only open source. Plus, I use Windows anyway, there's no open source version of that, lol.
But it depends on your priorities. I just realized that trying to keep my information out of hands of corporations is a waste of my time, they already have everything they need. So might as well take advantage of it.
Microsoft has code in their version that they don't want you to decompile. That is all. Hence the license agreement.
I still use the version from Microsoft on my Mac for personal projects. If I don't want Microsoft to watch what I do with their software I'll compile my own version. Until then, they will continue to update the software based on the usage data they track. Best of both worlds if you ask me.
Offtop: a lot of people think that open source is actually sustainable. See this talk on the sustainability of open source by the creator of Ruby on Rails.
Your quote is misleading.
He said "[FOSS] isn't a necessary condition of sustainability" not that "FOSS is not sustainable"
i.e. It may not automatically make your project sustainable, but it definitely won't stop you from achieving sustainability.
Open-Source projects can still be sustainable.
I tried to say the same thing
This is no different than Chrome and Chromium. The product most people download and install has extra proprietary features and code, but is based upon a truly open source code base. If you have a problem with this, then you should have a problem with Chrome too.
Your point is correct and well taken. This is actually why I use chromium instead of chrome. Since reading this article, I've replaced VS Code with Codium and was able to remove the only Microsoft repository on my system, which felt good. Checking add-ons now. Thanks to the author!
Just like to note that even chromium still includes proprietary code, you need ungoogled chromium for that.
I have a different opinion. Dear Microsoft and VSCode team: Thank you. Keep up the great work!
I agree with you 100%.
I am grateful to Microsoft for a brilliant product which they don't ask me a cent for.
No need for FUD.
You do realize that the entire framework of the net would be unsustainably expensive if not for open source, don't you?
I know MS, Amazon and Oracle would love to see a world where everyone was using their hosting software. I'm sure 99% of us hosting sites are glad that's not the case.
Dont'forget Google.
Ugh. Yeah. It might be a really good time to fork every bit of Google's code that's still open and run away with it. Is the go compiler still OSS?
I thought it was common knowledge that the source code was open source but the compiled binaries were not. This isn't really news to most people.
Godot and Blender are opensource and they are doing good.
I feel like this issue probably means very little, to a very few.
I switched to vscodium after learning about the telemetry closed source code that Microsoft adds to vscode.
What's the problem with telemetry? Without it most of the products, including websites would be full of useless features.
Nothing at all, telemetry for guiding the direction of a product is great.
Why is it closed source? And what else is in the code? What stops other "actions" from being added to this telemetry codebase??
I can't be bothered to wonder about all that when there is a perfect alternative in vscodium.
So vscode source gets updated with bug fixes found by telemetry in vscode, then vscodium gets the code fixes? That's great as a free rider approach, but if the telemetry and fixes weren't there vscodium would suffer.
Telemetry stuff is closed source so you don't see how they send the data back to their servers. It doesn't necessarily mean something nefarious. You use closed source every day. It isn't inherently bad.
That said, Microsoft has given enough reasons to mistrust them over the years that the paranoia is understandable.
Though Microsoft has been benefiting from Linux/Unix for years with it's cloud offerings (plus Hotmail ran on Unix for a looong time) I have a feeling this may be flavor of it's Embrace, Extend, Extinguish strategy.
en.m.wikipedia.org/wiki/Embrace,_e...
They seem to be in the EMBRACE stage. They joined the Linux foundation and have made heavy "donations" which earned them a director seat - they've bought their way into influencing the future of Linux.
Though Linux can't really be extinguished, I'm curious where they go or hope to go with this new "love" for Linux. Maybe it's true love, maybe it's ...
Nothing but FUD? Times change. SCO tried to destroy Linux to further their software. Oracle releases the JVM under a much more restrictive commercial license. Red Hat might be transforming into a patent troll. Richard Stallman is being petitioned to step away from the GNU Foundation. Linus Torvalds can be incredibly rude and sensitive to his own contributors .
Microsoft employs hundreds of thousands of people across countless teams. I don't think it's fair to classify such a diverse organization of having an evil agenda without being able to provide substantial evidence.
Well... that same "diverse organization" has HAD evil agendas that only became apparent after the destruction was complete, so what are you even talking about?
If you READ my comment you'll see that I didn't make any claims. I said what they've done so far feels like a stage in the strategy they have employed to crush competition in the past.
Like I said, Linux can't be "crushed", but it can be steered in a "direction". For better or for worse. Hence I'm curious what they will actually do with the influence they are buying their way into.
I was trying to point out that lots of organizations have tried to get rid of Linux with their efforts perceived very differently by the public.
I do not appreciate your dismissive tone. I did read your comment and personally felt the disrespectful tone was uncalled for.
You may not have forecast any specific claims, but the language and attitude of your post suggests that you have already made up your mind about their intentions.
Oh wow, I had no idea, thanks for pointing that out !
Some comments may only be visible to logged-in visitors. Sign in to view all comments.