Rug pulls, forks, and open-source feudalism [LWN subscriber-only content]
Welcome to LWN.net The following subscription-only content has been made available to you by an LWN subscriber. Thousands of subscribers depend on LWN for the best news from the Linux and free software communities. If you enjoy this article, please consider subscribing to LWN. Thank you for visiting LWN.net!
Like almost all human endeavors, open-source software development involves a range of power dynamics. Companies, developers, and users are all concerned with the power to influence the direction of the software — and, often, to profit from it. At the 2025 Open Source Summit Europe , Dawn Foster talked about how those dynamics can play out, with an eye toward a couple of tactics — rug pulls and forks — that are available to try to shift power in one direction or another.
Power dynamics
Since the beginning of history, Foster began, those in power have tended to use it against those who were weaker. In the days of feudalism, control of the land led to exploitation at several levels. In the open-source world, the large cloud providers often seem to have the most power, which they use against smaller companies. Contributors and maintainers often have less power than even the smaller companies, and users have less power yet.
We have built a world where it is often easiest to just use whatever a cloud provider offers, even with open-source software. Those providers may not contribute back to the projects they turn into services, though, upsetting the smaller companies that are, likely as not, doing the bulk of the work to provide the software in question in the first place. Those companies can have a power of their own, however: the power to relicense the software. Pulling the rug out from under users of the software in this way can change the balance of power with regard to cloud providers, but it leaves contributors and users in a worse position than before. But there is a power at this level too: the power to fork the software, flipping the power balance yet again.
Companies that control a software project have the power to carry out this sort of rug pull, and they are often not shy about exercising it. Single-company projects, clearly, are at a much higher risk of rug pulls; the company has all the power in this case, and others have little recourse. So one should look at a company's reputation before adopting a software project, but that is only so helpful. Companies can change direction without notice, be acquired, or go out of business, making previous assessments of their reputation irrelevant.
The problem often comes down to the simple fact that companies have to answer to their investors, and that often leads to pressure to relicense the software they have created in order to increase revenue. This is especially true in cases where cloud providers are competing for the same customers as the company that owns the project. The result can be a switch to a more restrictive license aimed at making it harder for other companies to profit from the project.
A rug pull of this nature can lead to a fork of the project — a rebellious, collective action aimed at regaining some power over the code. But a fork is not a simple matter; it is a lot of work, and will fail without people and resources behind it. The natural source for that is a large company; cloud providers, too, can try to shift power via a fork, and they have the ability to back their fork up with the resources it needs to succeed.
A relicensing event does not always lead to a popular fork; that did not happen with MongoDB or Sentry, for example. Foster said she had not looked into why that was the case. Sometimes rug pulls take other forms, such as when Perforce, after acquiring Puppet in 2022, moved it development and releases behind closed doors, with a reduced frequency of releases back to the public repository. That action kicked off the OpenVox fork.
... continue reading