There has been a relicensing row brewing this month, and the details matter less than the pattern, because the pattern is the part that keeps happening. A project that a great many people built on top of, in good faith, under a permissive licence, decides that the licence it shipped under is no longer the licence it would like to have shipped under. Cue the threads, the forks, the lawyers, and the slow dawning realisation that "open source" was always partly a social contract and only partly a legal one.
I have a lot of sympathy for maintainers, genuinely. Watching a hyperscaler hoover up your work, run it as a managed service, and return nothing but a logo on a sponsors page is a special kind of demoralising. The economics of giving software away and hoping for goodwill have never quite closed, and pretending otherwise helps nobody. If a company changes a licence to survive, I am not going to stand here and tut.
the trust is the asset
But here is the thing the announcements always undersell. The code was never the only thing you were depending on. You were depending on the promise that the rules would not change underneath you. The moment that promise turns out to be revocable, everyone downstream has to reprice their dependency, and the new price includes a permanent risk premium. That premium does not go away when the drama dies down. It sits in every future "should we adopt this" conversation, forever.
I had this exact discussion with a colleague this week. We were evaluating a library, it was excellent, it did precisely what we needed, and the meeting ended with "but what stops them doing a relicence on us in two years". Nothing stops them. So we hedged, we wrapped it behind an interface, we kept the fork instructions in the README. All of that is friction the project's owners imposed on us without meaning to, just by demonstrating that the floor could move.
what actually rebuilds it
The fixes are unglamorous and slow. A foundation that holds the trademark and the licence at arm's length. A genuinely permissive core with the commercial bits clearly separated, so nobody feels bait-and-switched. Above all, telling people the deal up front, in plain language, before they have wired you into their stack. "This is dual-licensed, here is exactly what the open part guarantees you in perpetuity" is a sentence that buys an enormous amount of forgiveness.
Trust is cheap to spend and expensive to earn back, and the internet has a long memory for the projects that learned that the hard way. I will keep using open source, obviously. I will just keep reading the licence first, and keeping the fork button in view. That is not cynicism. After a few of these, it is simply doing the job properly.