Context:
Permissive licenses (commonly referred to as "cuck licenses") like the MIT license allow others to modify your software and release it under an unfree license. Copyleft licenses (like the Gnu General Public License) mandate that all derivative works remain free.
Andrew Tanenbaum developed MINIX, a modular operating system kernel. Intel went ahead and used it to build Management Engine, arguably one of the most widespread and invasive pieces of malware in the world, without even as much as telling him. There's nothing Tanenbaum could do, since the MIT license allows this.
Erik Andersen is one of the developers of Busybox, a minimal implementation of that's suited for embedded systems. Many companies tried to steal his code and distribute it with their unfree products, but since it's protected under the GPL, Busybox developers were able to sue them and gain some money in the process.
Interestingly enough, Tanenbaum doesn't seem to mind what intel did. But there are some examples out there of people regretting releasing their work under a permissive license.
All my own OSS stuff I always release MIT licensed because I want to be able to use the libraries in my closed source job.
Be really careful with this.
Depending on how you contribute to your OSS code, commits you make on company time are considered property of the company. You could, unknowingly, be forcing your code to be closed source if your company ever decides to make a claim for it.
I prefer to keep things bifurcated. I never reuse my own library and if I do, I rewrite it whole cloth.
“Company time” doesn’t mean much to me, as a remote salaried worker with relatively flexible schedules. Not touching anything but work code from my company machine should be enough, as far as I could understand. Not a lawyer, though.
It will come down to the laws in your country and how much money you plan to spend on lawyers if your employer wants to force the issue.
If you're the copyright holder, nothing stops you from releasing your work under more than once license. It is not necessary to use permissive licensing; you are perfectly free to release your stuff to the general public with a copyleft license while also granting your company a separate license even with proprietary terms if you want.
Only until you have any other contributor, as you're then no longer the sole copyright holder. If you still want to work like that you'll need a CLA.
Sure, but I was taking "all my own OSS stuff" at face value.
Correct me if I'm wrong but if I start a project with a GPL and a custom proprietary license for use at work wouldn't that also apply to any contributions by 3rd parties later on to that projevt? Afaik only adding or switching licenses with existing 3rd party contributions is difficult without a CLA.
Kinda. IANAL, but here's my understanding: If you're explicitly dual-licensing and publish the proprietary license then contributions can be assumed to also follow the same dual licensing. You'd need to be extremely careful with writing the proprietary license though, since your business is now using non-employee proprietary code.
If you write "the copyright holder may choose to allow an entity to use this work", then you do actually need permission from every contributor. If you write "this work may be copied, modified and redistributed freely by Blah enterprises" now the business cannot be sold without losing access (or possibly have it's name changed). If you write "Neshura may freely copy, modify and redistribute this" then you can't be fired or move jobs without the company losing access.
You can also never ever change this license, since every contributor needs to agree. So if a mistake is made when writing it you're just fucked.
On the other hand with a CLA that transfers copyright ownership you don't need to dual-license at all since everything already belongs to the business. Much less risky.