I think the definition of FOSS used here is tendentious: some of these projects (which I have no particular attachment to) are marked as "not FOSS" or "issues exist" because they have components that are disconnected from the basic nature of free and open source software itself.
A recurring one here seems to be that proprietary builds somehow make a project not FOSS. But this is how it's always worked: Red Hat doesn't sell FOSS source, they sell a subscription to a distribution (RHEL) that includes managed, maintained builds. That distribution is in turn restricted[1], while the source behind it remains free.
Perhaps there's an argument to be made that the definition of FOSS should be stronger, and should include some kind of binary freedom, lack of trademark restrictions, etc. But that's not how the term is conventionally applied, and glossing over that convention seems roughly as contentious as when companies try to split the baby and rewrite "open source" to include anti-competitive terms.
One to add: NanoKVM is definitely fake FOSS. It dials home to download a serialized, opaque library. NanoKVM: The S stands for Securityhttps://youtu.be/plJGZQ35Q6I
Many people also seem to think Atlassian Jira and Confluence are OSS when they're absolutely not.
snvzz · 20m ago
The vid is old and they made some promise to open source things later.
I wonder if it ever happened. I did withhold my purchase back then just because I'd rather wait for open source than buy some device I cannot trust.
evanjrowley · 26m ago
F-Droid, the FOSS-centric alternative app store for Android, provides similar information for each app. F-Droid goes a bit farther by also calling out if an app sends telemetry or requires a paid subscription. I like that this Is it really FOSS? project also examines a project's potential impact on the FOSS community by questioning whether it is VC-funded, requires a CLA, and other interesting characteristics like that.
the_mitsuhiko · 34m ago
I think this is not particularly impartial. Sentry is marked as "NOPE" even though it is basically open source (any commit older than two years is), yet projects that are open core forever are "issues exist" and "partially".
lytedev · 12m ago
Wouldn't "partially" be fair? Since not ALL of the project is, but only source of a certain age?
the_mitsuhiko · 8m ago
That in my mind would be a much fairer categorization.
kiitos · 5m ago
oh good a purity test for OSS projects, this is exactly what's needed in the ecosystem, and will surely have a positive impact
exiguus · 1h ago
You can add a new project to the website by creating an issue [1].
My wife is Venezuelan, and when they think something smells they say Foss. It's a never ending source of amusing when I'm browsing hn. She will love this site.
oever · 52m ago
This project's source code is hosted on Codeberg, which runs on the FOSS forge Forgejo.
This is a big improvement over projects that are hosted on GitHub. For those, the license may be FOSS, but the spirit is not, because anyone that wants to contribute upstream is lured onto a proprietary platform.
The license and terms of service of a project's community communication channels are not listed under the concerns. (https://isitreallyfoss.com/concerns/) This is understandable: traditionally and strictly, the license is the only thing that matters.
einpoklum · 1h ago
Some entries are at best confusing, and at worst misinforming.
The common case is considering projects which have one element that is FOSS and another that isn't. For example: ProtonMail, who apparently offer a FOSS mail client. They never presumed to offer mail server software; and FOSS mail server software is available. So a button calling them out for not being really FOSS kind of misses the mark. You don't see an entry like that for, say, GMail - so if Proton did not provide a client at all, they would have faired better.
Another specific case is that of Signal. The client and server are FOSS, but they're designed for no federation, so you can't (?) use a modified Signal client with the vanilla clients, and you definitely can't add a server to the network. This effectively prevents modified versions of Signal from being usable. So, is it really FOSS? The site's verdict is: Unqualified yes, Green button.
1970-01-01 · 44m ago
You missed how there are five possible answers for a binary yes/no question. The site is confusing by design.
Signal I suppose is open source, but doesn't it contain closed source Google binary blobs? It also routes through closed source notification libraries
SchemaLoad · 34m ago
Pretty sure it's impossible to not use closed source Google or Apple pieces for a functional app these days. Last I looked in to it, the only way to actually deliver notifications is to run through Google or Apple since the OSs don't want every app running their own background processes draining battery.
sho_hn · 1h ago
Now add an "open source" LLM.
nailer · 54m ago
I think you’re being downvoted because not everybody on HN knows that Llama is not open source, despite Yan LeCunn ignoring the OSI and continually attempting to tell everyone it is.
A recurring one here seems to be that proprietary builds somehow make a project not FOSS. But this is how it's always worked: Red Hat doesn't sell FOSS source, they sell a subscription to a distribution (RHEL) that includes managed, maintained builds. That distribution is in turn restricted[1], while the source behind it remains free.
Perhaps there's an argument to be made that the definition of FOSS should be stronger, and should include some kind of binary freedom, lack of trademark restrictions, etc. But that's not how the term is conventionally applied, and glossing over that convention seems roughly as contentious as when companies try to split the baby and rewrite "open source" to include anti-competitive terms.
[1]: https://www.redhat.com/en/resources/red-hat-enterprise-linux...
Many people also seem to think Atlassian Jira and Confluence are OSS when they're absolutely not.
I wonder if it ever happened. I did withhold my purchase back then just because I'd rather wait for open source than buy some device I cannot trust.
[1] https://codeberg.org/danb/isitreallyfoss/issues
This is a big improvement over projects that are hosted on GitHub. For those, the license may be FOSS, but the spirit is not, because anyone that wants to contribute upstream is lured onto a proprietary platform.
The license and terms of service of a project's community communication channels are not listed under the concerns. (https://isitreallyfoss.com/concerns/) This is understandable: traditionally and strictly, the license is the only thing that matters.
The common case is considering projects which have one element that is FOSS and another that isn't. For example: ProtonMail, who apparently offer a FOSS mail client. They never presumed to offer mail server software; and FOSS mail server software is available. So a button calling them out for not being really FOSS kind of misses the mark. You don't see an entry like that for, say, GMail - so if Proton did not provide a client at all, they would have faired better.
Another specific case is that of Signal. The client and server are FOSS, but they're designed for no federation, so you can't (?) use a modified Signal client with the vanilla clients, and you definitely can't add a server to the network. This effectively prevents modified versions of Signal from being usable. So, is it really FOSS? The site's verdict is: Unqualified yes, Green button.
https://isitreallyfoss.com/about/categorisation/
https://opensource.org/blog/metas-llama-2-license-is-not-ope...
https://opensource.org/blog/metas-llama-license-is-still-not...
https://www.downloadableisnotopensource.org/