NPM Commercial Licensing

To implement my idea here

I’m thinking of the following steps:

  1. Release a new semver major for all my packages that changes the license to AGPL; inside their readmes, include instructions for step 2
  2. Provide an npm package that consumers can put into their postinstall script that will check if any of my packages have been used, and will check whether they have a license based on GitHub sponsorship (and GitHub org affiliation) or based on company affiliation via a Stripe solution; if they have a license, update the license information inside each package to MIT or the like

The licensing package will check any of the following for a possible license match, to make it seamless:

  • git config details
  • npm config details
  • npm package name
  • git repo details
  • or simply an identifier token that can go in a user or workspace config file, CLI flag, or env var that is issued via email upon payment

Payments expire monthly; only one dev needs to pay all orgs they are associated to, for all packages they consume.

For pricing, I’m thinking $1/month per user, or $10/month per repo, or $100/month for each org; which initially will be honour based.

Depending upon reception it could be scaled out to other producers.


My personal experience suggests the tool is probably unnecessary.


Progress on this:

  • It’ll be RPL for free version, and Artistic License v2 for sponsored version
  • Accepted means of sponsorship are GitHub Sponsors, StackAid, PayDevs; with Patreon and Open Collective and Stripe probably at a later time
  • Only one person in each GitHub Organisation needs to be a sponsor for the sponsored checker to validate; the use of the Artistic License in the sponsored version means if they remove the validator they must publish and rebrand their modifications with credit to the original; this compromise ensures enforcement does not become unfair (being more inconvenient to people doing the right thing, than people doing the wrong thing); so in practice this is a barrier to entry of private use for $1/month per user|organisation, and seamless for all public users, and seamless for all subsequent organisation users - one independent mover inside an organisation is all that is necessary to swap the default from unfair to fair - changing the presupposition for conversations
  • Will be packaged for anyone to adopt, which if done, will allow companies to pay once for say StackAid, and get access to the Artistic License editions for all packages doing this model, irrespective of maintainer, and if consumers desire specific maintainer perks, then they can use GitHub Sponsors to receive the maintainer specific perks
  • Verification tool will ping the git config email and git repo organisation against a service that responds with yes/no based on sponsorship status, which maps emails and repo orgs to sponsors, which data is scraped via an initial OAuth flow with the sponsorship service by the sponsor

Aiming to launch by Thanksgiving.

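The lookup described in the progress post above (git config email and repo organisation mapped to sponsors, with payments that expire monthly), as an added example that is not the author's tool. The names `SPONSORS`, `repoOrg` and `resolveLicense` are hypothetical, the sponsor data is constructed, and an in-memory map stands in for the remote yes/no service; the email and remote URL are passed in rather than read from git so the block runs offline.

```javascript
'use strict';

// Constructed sample directory: identity -> sponsorship expiry.
// Stands in for the remote service that answers yes/no per identity.
const SPONSORS = new Map([
  ['email:dev@example.com', '2024-12-01T00:00:00Z'],
  ['org:github.com/example-org', '2024-11-01T00:00:00Z'],
]);

// Extract "host/owner" from common git remote URL forms; null if not parseable.
function repoOrg(remoteUrl) {
  // scp-like form: git@github.com:owner/repo.git
  const scp = /^[\w.-]+@([\w.-]+):([^\/\s]+)\/\S+$/.exec(remoteUrl);
  if (scp) return `${scp[1]}/${scp[2]}`.toLowerCase();
  try {
    // URL forms: https://, ssh://, and npm-style git+https:// / git+ssh://
    const url = new URL(remoteUrl.replace(/^git\+/, ''));
    const [owner, repo] = url.pathname.split('/').filter(Boolean);
    return url.hostname && owner && repo
      ? `${url.hostname}/${owner}`.toLowerCase()
      : null;
  } catch {
    return null; // not a URL, e.g. a local path remote
  }
}

// Decide which license applies. Both inputs come from local, user-settable
// git configuration, so a match is an unauthenticated claim, not proof.
function resolveLicense({ email, remoteUrl }, now = new Date(), directory = SPONSORS) {
  const candidates = [];
  if (email) candidates.push(`email:${email.trim().toLowerCase()}`);
  const org = repoOrg(remoteUrl || '');
  if (org) candidates.push(`org:${org}`);

  for (const id of candidates) {
    const expiry = directory.get(id);
    // A sponsorship only counts while it has not expired.
    if (expiry && new Date(expiry) > now) {
      return { license: 'Artistic-2.0', matched: id };
    }
  }
  return { license: 'RPL', matched: null }; // free-version default
}
```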

Let me know how it goes for you. :face_with_monocle: :blue_heart: :money_with_wings: