Is SugarCRM open source?

David Berlind has a long interview, available as a podcast, with SugarCRM President John Roberts today.

The key question -- is SugarCRM really open source?

Roberts insists it is. The SugarCRM license merely combines elements from two existing open source licenses -- the Mozilla Public License and the Attribution Assurance License.

Trouble is, Roberts pushed the new license out there before getting OSI approval for it. He believes that will come. But if it doesn't, it doesn't. He's still standing with the license he has. And he will continue calling his company "Commercial Open Source."

What's mainly at stake is a logo Sugar insists its customers display in their user interfaces, which identifies SugarCRM as the application "powering" their service.

Bruce Perens derides this as "badgeware." Roberts calls it "attribution."

Whatever. Sugar is demanding that its customers essentially market for it, if they wish to remain its customers. Which could, if it becomes common, leave user screens looking like NASCAR uniforms. (Or Talladega Nights.)

The term, as Ross Mayfield explains, comes from The Treasure of Sierra Madre, where a bandit (Alphonso Bedoya) claims to Humphrey Bogart he's the police, and Bogart notes he has no badge. "We ain't got no badges. We don't need no badges! I don't have to show you any stinking badges!!" (The picture, originally from the movie, was pulled off Ross's blog.)

Yeah, well John Roberts says you do need his badge. Or you're violating his SugarCRM license. Which is still open source, even though OSI hasn't approved it. It doesn't have the OSI badge of approval. It don't need no stinking badges. But you do. Gringo. (The Spanish for friend is amigo.)

The question to my mind is not whether Roberts is right or wrong. The question is whether this will impact anyone's decision to use SugarCRM, or contribute to SugarCRM. It's a question for the market. SugarCRM indeed does not need no stinking badges, but then you don't have to respect or contribute to it.