Should ZAP switch to a non OSI approved licence?

[Simon Bennetts]

For more details see this blog post: https://www.zaproxy.org/blog/2024-06-07-should-zap-switch-to-a-non-osi-licence/

Then post your thoughts to this thread...

Many thanks,

Simon

[someone here]

i think you should make it paid version but with low cost let's say $30-50 and with the huge list of users this small amount of money will make a good fund for ZAP developing . So with this solution it solve both side problem . The user can't afford other web scanner like burp or caido but can pay $30-50 per year for ZAP and the ZAP team could use this money to support ZAP developing in a win-win situation 

[psiinon]

People would only pay if we made ZAP closed source.. which we don't want to do..

--
For commercial support options see https://www.zaproxy.org/support/
ZAP is supported by the Crash Override Open Source Fellowship https://crashoverride.com/open-source?zap=user
---
You received this message because you are subscribed to the Google Groups "ZAP User Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to zaproxy-user...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/zaproxy-users/11ad7129-36f4-4186-a058-904d159ca78cn%40googlegroups.com.

[zinw elzl]

it is hard question

maybe company who use zap and have more than X users/client should pay X money

or something like that

[Simon Bennetts]

Thats kind of the idea :)

But if ZAP uses an OSI license then there's no incentive or requirement for companies that use ZAP heavily to support ZAP in any way.

There are several companies who have build their entire businesses around ZAP, and they do not support us.

That is why we are looking at non-OSI licences - therse companies will then have to make a choice:

• Pay a license for the new version of ZAP we maintain
• Maintain ZAP themselves
• Stick with the "old" unmaintained version of ZAP
• Drop ZAP entirely from their offerings
  

[Bruno Ronda]

Hi  everyone!

I've been away for sometime and missed this very thought-provoking thread. Is it still open?

Yours ever,

[kingthorin+zap]

We're always interested in the community's thoughts/input.

[Bruno Ronda]

Oh, thank you Ricky!

Now to the subject in question. I, like the core team and many others around here, am passionate about Open Source. And the thing about ZAP is not only being free, open source and extensible. It's being top of the game of the security tools while remaining free. No doubt a great deal of altruism from the core team and other contributors has been involved throughout the years, especially after losing support from the Mozilla Foundation (is that right? it was the 1st to sponsor full-time work on ZAP...?)

That said, if keeping it that way will ultimately kill the project in the foreseeable future, then it is time to make the hard choice: switch to a non-osi licence. If you are making pretty good money out of using ZAP, it's only fair to give it back to fund ZAP development.

yours ever

Virus-free.www.avast.com

You received this message because you are subscribed to a topic in the Google Groups "ZAP User Group" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/zaproxy-users/4zrpfbA8-Es/unsubscribe.
To unsubscribe from this group and all its topics, send an email to zaproxy-user...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/zaproxy-users/6f43dab3-3d95-4dca-a240-cd573e09a097n%40googlegroups.com.