> Plugin does things company's flagship product _could_ do (and it is _free_).
Yep, all kosher.
> Company reaches out to Plugin developer and they come to an agreement to add support for the flagship product into the Plugin, but the new support is _not_ enabled by default.
… and there's the problem, that's not what happened. First it's not entirely clear, but it's implied that they paid the developer to add support for Kite, that may or may not be OK, but at the very least it raises some questions. Secondly, they made Kite the default choice when installing the plugin, and also had some shady dark patterns in the chooser dialog to try to bias people towards using Kite while downplaying the risks it poses.
Even with all that, that's not what really got people furious, all that, although shady, isn't really wrong per say.
Where they went wrong, was when they then went out to a different plugin, that had nothing at all to do with the product the company was offering and shoehorned extra functionality into that plugin specifically for the purpose of showing their products ads to users. To be clear, they chose the plugin specifically because it was popular, not for any other reason, this was PURELY a marketing driven decision. Had they picked another plugin that did something similar, I.E. showing links to docs for libraries being imported, and then worked with that developer to link to their docs that showed the ads that might be one thing (still a bit shady), but no, they wanted to get the most ad impressions they could, so they added a completely unrelated feature into an existing plugin. Further muddying the waters, they didn't just "partner" with the developer for a "business relationship", they straight up hired the guy, which raises all kinds of questions about their relationship to this open source project.
This was a perfect storm of bad decisions, they started out making some questionable decisions, nobody really noticed and they got good results back, so they decided to crank it to 11, and then when people did notice and called them out on it they initially doubled down and then finally went into full damage control mode.
In the first case, the project maintainer/owner was asked to make the change, and it's implied possibly paid to do so. But as previously stated, that particular case wasn't that bad, since the only thing shady there was the use of some dark patterns to bias people towards Kite while somewhat obfuscating that it would disclose their source code.
In the second case, because they hired the project maintainer/owner, that made Kite effectively the project owner, and as was established, the thing people are really angry about was the second case. So yes, Kite is 100% to blame as the project owner (via hiring the project owner).
I suppose there are probably two lessons to learn here. First, if something is a major open source project that's widely used, it would be a good idea to make sure there are multiple project owners/maintainers with veto powers to keep each other in check. That wouldn't stop a company from hiring ALL the owners/maintainers on a particular project, but it would at least increase the difficulty, particularly if they were geographical distributed potentially forcing the company to work out employment in multiple countries.
Secondly, when a company acquires an open source project, they are obligated to follow the norms and expectations of the open source community, at least if they don't want to have said community complaining about (and eventually forking) their newly acquired project. Since presumably they found value in the project, it's in their best interest to not upset the community thereby reducing or destroying that value. As such, any action they take that could be construed as giving favor to their commercial products over others (particularly other open source products), or which would introduce ads into the project, need to be considered VERY carefully and great care needs to be taken around how those sorts of things are implemented and introduced. In particular making sure all your ducks are in a row by making sure you get buy in from a significant portion of the products user base before rolling the changes out.
sure, that's fine
> Plugin has users.
Still no problem here.
> Plugin does things company's flagship product _could_ do (and it is _free_).
Yep, all kosher.
> Company reaches out to Plugin developer and they come to an agreement to add support for the flagship product into the Plugin, but the new support is _not_ enabled by default.
… and there's the problem, that's not what happened. First it's not entirely clear, but it's implied that they paid the developer to add support for Kite, that may or may not be OK, but at the very least it raises some questions. Secondly, they made Kite the default choice when installing the plugin, and also had some shady dark patterns in the chooser dialog to try to bias people towards using Kite while downplaying the risks it poses.
Even with all that, that's not what really got people furious, all that, although shady, isn't really wrong per say.
Where they went wrong, was when they then went out to a different plugin, that had nothing at all to do with the product the company was offering and shoehorned extra functionality into that plugin specifically for the purpose of showing their products ads to users. To be clear, they chose the plugin specifically because it was popular, not for any other reason, this was PURELY a marketing driven decision. Had they picked another plugin that did something similar, I.E. showing links to docs for libraries being imported, and then worked with that developer to link to their docs that showed the ads that might be one thing (still a bit shady), but no, they wanted to get the most ad impressions they could, so they added a completely unrelated feature into an existing plugin. Further muddying the waters, they didn't just "partner" with the developer for a "business relationship", they straight up hired the guy, which raises all kinds of questions about their relationship to this open source project.
This was a perfect storm of bad decisions, they started out making some questionable decisions, nobody really noticed and they got good results back, so they decided to crank it to 11, and then when people did notice and called them out on it they initially doubled down and then finally went into full damage control mode.