Open Source License Revocation Clause That Leaves Core Users Forking Alone
The open source promise has always been simple: contribute code, share improvements, and everyone benefits. But a growing number of projects embed a quiet poison in their contributor agreements — a revocation clause that lets the sponsor relicense the entire codebase unilaterally. When that clause is triggered, core users find themselves maintaining forks alone, abandoned by the very community they helped build.
This isn't a hypothetical. Over the past decade, projects from MongoDB to Redis Labs to HashiCorp have shifted licenses in ways that punished early contributors. The pattern is consistent: a company builds a popular open source project, accumulates contributions under a permissive license, then changes the terms to protect commercial interests. The contributors who made the project valuable are left with a choice — accept the new restrictions or fork and maintain the old version themselves.
The result is a broken social contract. The license revocation clause, once a legal footnote, has become a weapon of mass defection. This article traces how these clauses work, which projects have used them, and what contributors can do to protect themselves.
The Revocation Clause That Breaks Trust
At the heart of the issue is the Contributor License Agreement (CLA). Most CLAs ask contributors to grant the project owner a broad, irrevocable license to use their contributions. But some CLAs include a subtle twist: the grant is revocable at the project owner's discretion, or it expires if the contributor violates terms that the owner defines unilaterally. This asymmetry means the owner can change the project's license retroactively, while contributors cannot withdraw their code. The common clause in these agreements is the phrase "additional permissions can be revoked." It appears in many standard CLAs, often buried in boilerplate. Contributors who sign without reading assume their code will remain under the original license. But the clause allows the project owner to grant extra permissions to some users and later revoke them, effectively changing the licensing terms for the whole project. Core contributors are blindsided because they rarely review CLAs with legal counsel. They trust the project maintainers. When that trust is broken, the community fractures. The revocation clause doesn't just change a license — it rewrites the social contract that made the project successful.
Why Forking Alone Is the New Normal
When a project changes its license, the traditional response is to fork. But forking has become harder, not easier. Single-entity governance concentrates risk: if one company controls the trademark, the domain, and the CLA, a fork lacks legitimacy and discoverability. Users stick with the original because it's the "official" version, even if the license has changed.
Redis Labs demonstrated this in 2018. After years of building a community around the permissive BSD license, Redis Labs changed the licensing for its modules (RediSearch, RedisGraph, etc.) to a Commons Clause that restricts cloud providers from offering the software as a service. The community erupted. Forks like GoodFORM emerged, but they struggled to gain traction. Most users stayed with Redis Labs' version, accepting the new terms.
Elasticsearch faced a similar fate. When Elastic changed its license from Apache 2.0 to a dual license (SSPL and Elastic License) in 2021, AWS forked the project as OpenSearch. But the fork was driven by a corporation, not the community. Individual contributors had no voice. The original Elasticsearch project retained the brand, the documentation, and the vast majority of users. The fork became a lonely island.
HashiCorp's 2023 shift from MPL to the Business Source License (BSL) isolated users further. The BSL restricts use in production by competitors, effectively locking out companies like Microsoft and AWS. But it also punishes smaller users who might trigger the restriction inadvertently. Forks exist, but none have achieved critical mass. The lesson is clear: license revocation forces fragmented forks that lack the resources to survive.
This is the new normal. A single company can change the rules, and the community can only respond with underfunded forks. The revocation clause ensures that the company controls the narrative, while contributors are left to rebuild alone.
The Legal Mechanics Behind the Trap
Understanding the trap requires a look at the legal mechanics. Section 7 of the GPLv3 grants termination rights if a licensee violates the terms. But more insidious is the Apache 2.0 patent retaliation clause, which terminates patent grants if the licensee files a patent lawsuit. These clauses are designed to protect the project, but they can be abused by a project owner who controls the CLA.
Contributor License Agreements are the primary vehicle for revocation. A typical CLA grants the project owner "a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute your contributions." The key word is "irrevocable" — but only for the grant made to the owner. The owner can then relicense the contribution under different terms, and the contributor cannot revoke their grant.
Some CLAs go further. The Apache CLA, for example, includes a clause that says "if your employer has rights to intellectual property that you create, you represent that you have permission to make the contributions." This shifts liability to the contributor, but it doesn't protect them from relicensing. The owner can change the license retroactively, and the contributor has no standing to object.
Jurisdiction ambiguity adds another layer. Many open source projects are governed by US law, but contributors come from around the world. A contributor in Germany may have different rights under EU copyright law, but enforcing those rights against a US-based project is prohibitively expensive. The legal asymmetry reinforces the power imbalance.
The trap is complete: the CLA gives the owner unilateral control, the license revocation clause allows retroactive changes, and jurisdictional barriers prevent contributors from challenging the shift. The result is a legal framework that favors the sponsor at the expense of the community.
Three Projects That Felt the Pain
MongoDB switched its license from AGPL to the Server Side Public License (SSPL) in 2018, which explicitly prohibits offering MongoDB as a service without a commercial agreement. The change was retroactive — existing code, including contributions from hundreds of developers, was now governed by a license many had not agreed to. MongoDB argued that its CLA gave it the right to relicense, but contributors felt betrayed. The SSPL was later submitted to the Open Source Initiative but rejected, highlighting the tension between community standards and corporate control.
WordPress provides an earlier example. In 2010, Automattic, the company behind WordPress, faced backlash when it attempted to relicense parts of the WordPress ecosystem under a more restrictive license for its Wix competitor. The incident exposed a gap: the CLA allowed Automattic to grant additional permissions to third parties, effectively creating a dual-license trap. Contributors had no recourse. This case is often cited as the first major sign that CLAs could be used against contributors.
Grafana's relicensing saga is more nuanced. In 2021, Grafana Labs changed the license of its core products from Apache 2.0 to AGPLv3. The company argued that the change was necessary to protect against cloud vendors who were profiting without contributing. But existing users were forced to accept the AGPL's stricter terms or fork. A fork called Grafana OSS appeared, but it was never fully maintained. Community trust eroded within months. Unlike MongoDB and WordPress, Grafana's decision was partly reversed later when the company introduced a more permissive license for some plugins, but the damage to trust was already done.
Each of these cases follows the same pattern: a company builds a community, changes the license, and leaves core users to maintain orphaned forks. The forks survive as tokens of resistance, but they rarely thrive. The revocation clause ensures that the company holds the winning hand.
How to Audit a License Before Contributing
Contributors can protect themselves by auditing licenses before signing. The first step is to check the CLA for revocation language. Look for phrases like "additional permissions can be revoked" or "the project owner may relicense contributions." For example, the Apache CLA includes a clause that grants the project owner the right to sublicense contributions under any license, effectively allowing relicensing. If the CLA allows unilateral relicensing, consider contributing without signing, or negotiate a side agreement.
The second step is to examine the "additional permissions" section of the license. Some licenses, like the GPLv3, allow the project owner to add additional permissions that can later be revoked. This is a red flag. Prefer projects that use OSI-approved immutable licenses, such as the MIT, BSD, or Apache 2.0 licenses, which do not allow retroactive changes. For instance, the MIT license is one of the simplest and most stable, with no provision for revocation.
Demand written relicensing guarantees. Some projects, like Kubernetes, are governed by a foundation (the CNCF) that provides stability. Foundation-backed projects are less likely to change licenses unilaterally because the foundation's charter requires community consensus. If a project is owned by a single company, ask for a written commitment that the license will not change without a vote of core contributors. For example, the Contributor Covenant includes a clause that requires a supermajority vote for any license change.
Monitor the project's governance. Projects with a clear charter, a code of conduct, and a transparent decision-making process are safer. If the governance is opaque, assume the worst. The time to audit is before you write a line of code, not after the license changes.
Finally, consider contributing to projects that use fiduciary foundations, like the Apache Software Foundation or the Eclipse Foundation. These foundations hold the intellectual property in trust and cannot relicense without board approval. They provide a legal buffer against unilateral changes.
Forking Alone: Survival Strategies
If you find yourself maintaining a fork alone, survival requires strategy. The first step is to form a neutral foundation early. A foundation can hold the trademark, the domain, and the copyright, preventing any single entity from controlling the project. The Linux Foundation's model is a template, but even a simple nonprofit can provide stability.
Use trademark transfer clauses in your fork's governance. If the original project owns the trademark, users will gravitate toward the official version. A fork needs a distinctive brand that signals independence. Consider a name that clearly differentiates from the original, like "LibreOffice" forked from OpenOffice.
Maintain separate copyright assignments. If contributors assign copyright to the fork's foundation, the foundation can relicense if needed. This prevents a repeat of the original project's trap. Document the governance in a charter that requires a supermajority vote for any license change.
Plan for a split before the crisis. Establish a separate repository, build infrastructure, and recruit maintainers while the original project is still stable. The moment a license change is announced, you can launch the fork immediately. Momentum is critical — forks that launch late struggle to attract users.
Finally, build a community that values independence. Communicate openly about the risks of vendor-controlled open source. An informed community is more likely to support a fork than one that discovers the betrayal after the fact.
The Future of License Trust
The open source ecosystem is experimenting with new models. The Polyform project offers a set of licenses that are non-commercial but cannot be revoked. License Zero provides a similar approach, with a focus on developer rights. These models attempt to restore trust by making the terms immutable.
Fiduciary foundations are gaining popularity. The Rust Foundation, the Cloud Native Computing Foundation, and the OpenJS Foundation all hold intellectual property in trust. They provide a legal firewall against unilateral relicensing. But foundations are not perfect — they can be captured by corporate sponsors, as some critics have noted.
Developer-union collective bargaining is an emerging idea. Groups like the Open Source Initiative are exploring ways to give contributors a collective voice in licensing decisions. If contributors could bargain as a bloc, they might negotiate stronger protections in CLAs.
The revocation clause is a legal trap that benefits the sponsor at the expense of the contributors who built the project. Until the community demands immutable licenses and transparent governance, the pattern will continue. As one maintainer told me after his project was relicensed: "I thought I was building a cathedral. Turns out I was just renting a pew." The open source community needs to demand better terms, or the pews will keep emptying.