Server Side Public License

Last updated

Server Side Public License
Author MongoDB Inc.
Published16 October 2018
SPDX identifierSSPL-1.0
Debian FSG compatible No
FSF approved No
OSI approved No
GPL compatible No [1]
Copyleft Yes
Website www.mongodb.com/licensing/server-side-public-license

The Server Side Public License (SSPL) is a source-available copyleft software license introduced by MongoDB Inc. in 2018. [2] [3]

Contents

It includes most of the text and provisions of the GNU Affero General Public License version 3 (AGPL v3), [4] but modifies its provisions for software that is conveyed over a network—requiring that anyone who offers the functionality of SSPL-licensed software to third-parties as a service must release the entirety of their source code, including all software, APIs, and other software that would be required for a user to run an instance of the service themselves, under the SSPL. In contrast, the AGPL v3's equivalent provision covers only the licensed work itself.

The SSPL is not recognized as free software by the Open Source Initiative (OSI), Red Hat, [5] and Debian [6] as the aforementioned provision is discriminatory towards specific fields of use. [3] [7] Specifically, this is discriminatory against users of the software that use proprietary software within their stack, as the license requires the open-sourcing of every part interacting with the service, which under these circumstances might not be possible. This is in violation of Points 6 [8] and 9 [9] of the Open Source Definition as used by the Open Source Initiative.

License terms

The SSPL is based on the GNU Affero General Public License (AGPL), with a modified Section 13 that requires that those making SSPL-licensed software available to third-parties (modified or not) as part of a "service" must release the source code for the entirety of the service, including without limitation all "management software, user interfaces, application program interfaces, automation software, monitoring software, backup software, storage software and hosting software, all such that a user could run an instance of the service using the Service Source Code you make available", under the SSPL. [4] The chapter structure of the Server Side Public License is identical to that to the AGPL, except that the GPL preamble and application instructions are stripped from the license text. [4]

MongoDB Inc. stated that Section 13 in the AGPL (which requires that those using the AGPL-licensed software over a network have the ability to obtain the source code for the software, as used) had an unclear scope, and that the SSPL's version "clearly and explicitly sets forth the conditions to offering the licensed program as a third-party service". [3] [10] [11]

Licensed software

In October 2018, the MongoDB database was relicensed under the SSPL. Debian, Red Hat Enterprise Linux, and Fedora subsequently dropped MongoDB, citing concerns about the SSPL. Amazon released a partially compatible but proprietary service named DocumentDB. [12] [13]

In November 2020, Graylog announced that version 4.0 of its source-available release will be licensed under the SSPL. [14]

In January 2021, Elastic NV announced that future versions of their code in Elasticsearch and Kibana, licensed until then under the open-source Apache License 2.0, would be dual-licensed instead under SSPL and their own Elastic license. [15] Critics of the re-licensing decision predicted that it would harm Elastic's ecosystem, and Amazon responded with plans to fork the projects for continued development of versions licensed under the Apache License. [16] Other users of the Elasticsearch ecosystem, led by Amazon Web Services, and including Logz.io, CrateDB, Red Hat and Aiven, also collaborated on the open source fork, leading to the creation of the OpenSearch software. [17] [18] [19] [20]

Redis moved away from the three-clause BSD license on March 20th, 2024. [21] Users now have a choice between the SSPLv1 license and their own Redis Source Available License (RSALv2). This change in licensing upset many users, prompting The Linux Foundation to create a fork called Valkey, using Redis' final BSD-licensed iteration as a base. [22]

Certification with OSI

In 2018, MongoDB submitted the license to the Open Source Initiative (OSI) for approval. The company withdrew its submission in 2019. [23] [24] In January 2021, following the re-licensing move by Elastic, OSI released a statement declaring that the SSPL does not comply with its Open Source Definition because it discriminates against specific fields of endeavor, [8] describing it as a "fauxpen" source license. [7]

Related Research Articles

Berkeley DB (BDB) is an embedded database software library for key/value data, historically significant in open-source software. Berkeley DB is written in C with API bindings for many other programming languages. BDB stores arbitrary key/data pairs as byte arrays and supports multiple data items for a single key. Berkeley DB is not a relational database, although it has database features including database transactions, multiversion concurrency control and write-ahead logging. BDB runs on a wide variety of operating systems, including most Unix-like and Windows systems, and real-time operating systems.

<span class="mw-page-title-main">Open-source license</span> Software license allowing source code to be used, modified, and shared

Open-source licenses are software licenses that allow content to be used, modified, and shared. They facilitate free and open-source software (FOSS) development. Intellectual property (IP) laws restrict the modification and sharing of creative works. Free and open-source licenses use these existing legal structures for an inverse purpose. They grant the recipient the rights to use the software, examine the source code, modify it, and distribute the modifications. These criteria are outlined in the Open Source Definition.

<span class="mw-page-title-main">Apache License</span> Free software license

The Apache License is a permissive free software license written by the Apache Software Foundation (ASF). It allows users to use the software for any purpose, to distribute it, to modify it, and to distribute modified versions of the software under the terms of the license, without concern for royalties. The ASF and its projects release their software products under the Apache License. The license is also used by many non-ASF projects.

The Open Software License (OSL) is a software license created by Lawrence Rosen. The Open Source Initiative (OSI) has certified it as an open-source license, but the Debian project judged version 1.1 to be incompatible with the DFSG. The OSL is a copyleft license, with a termination clause triggered by filing a lawsuit alleging patent infringement.

In computing, the Common Public License (CPL) is a free software / open-source software license published by IBM. The Free Software Foundation and Open Source Initiative have approved the license terms of the CPL.

The Apple Public Source License (APSL) is the open-source and free software license under which Apple's Darwin operating system was released in 2000. A free and open-source software license was voluntarily adopted to further involve the community from which much of Darwin originated.

Source-available software is software released through a source code distribution model that includes arrangements where the source can be viewed, and in some cases modified, but without necessarily meeting the criteria to be called open-source. The licenses associated with the offerings range from allowing code to be viewed for reference to allowing code to be modified and redistributed for both commercial and non-commercial purposes.

This comparison only covers software licenses which have a linked Wikipedia article for details and which are approved by at least one of the following expert groups: the Free Software Foundation, the Open Source Initiative, the Debian Project and the Fedora Project. For a list of licenses not specifically intended for software, see List of free-content licences.

The ISC license is a permissive free software license published by the Internet Software Consortium, now called Internet Systems Consortium (ISC). It is functionally equivalent to the simplified BSD and MIT licenses, but without language deemed unnecessary following the Berne Convention.

The Common Public Attribution License ("CPAL") is a free software license approved by the Open Source Initiative in 2007. Its purpose is to be a general license for software distributed over a network. It is based on the Mozilla Public License, but it adds an attribution term paraphrased below:

[…] the Original Developer may include […] a requirement that each time an Executable and Source Code or a Larger Work is launched or initially run […] a prominent display of the Original Developer's Attribution Information […] must occur on the graphic user interface employed by the end user to access such Covered Code […]

<span class="mw-page-title-main">GNU Affero General Public License</span> Free software license based on the AGPLv1 and GPLv3

The GNU Affero General Public License is a free, copyleft license published by the Free Software Foundation in November 2007, and based on the GNU GPL version 3 and the Affero General Public License (non-GNU).

<span class="mw-page-title-main">Free-software license</span> License allowing software modification and redistribution

A free-software license is a notice that grants the recipient of a piece of software extensive rights to modify and redistribute that software. These actions are usually prohibited by copyright law, but the rights-holder of a piece of software can remove these restrictions by accompanying the software with a software license which grants the recipient these rights. Software using such a license is free software as conferred by the copyright holder. Free-software licenses are applied to software in source code and also binary object-code form, as the copyright law recognizes both forms.

MongoDB is a source-available, cross-platform, document-oriented database program. Classified as a NoSQL database product, MongoDB utilizes JSON-like documents with optional schemas. MongoDB is developed by MongoDB Inc. and current versions are licensed under the Server Side Public License (SSPL). MongoDB is a member of the MACH Alliance.

Redis is a source-available, in-memory storage, used as a distributed, in-memory key–value database, cache and message broker, with optional durability. Because it holds all data in memory and because of its design, Redis offers low-latency reads and writes, making it particularly suitable for use cases that require a cache. Redis is the most popular NoSQL database, and one of the most popular databases overall. Redis is used in companies like Twitter, Airbnb, Tinder, Yahoo, Adobe, Hulu, Amazon and OpenAI.

<span class="mw-page-title-main">Open-core model</span> Business model monetizing commercial open-source software

The open-core model is a business model for the monetization of commercially produced open-source software. The open-core model primarily involves offering a "core" or feature-limited version of a software product as free and open-source software, while offering "commercial" versions or add-ons as proprietary software. The term was coined by Andrew Lampitt in 2008.

<span class="mw-page-title-main">Elasticsearch</span> Search engine

Elasticsearch is a search engine based on the Lucene library. It provides a distributed, multitenant-capable full-text search engine with an HTTP web interface and schema-free JSON documents. Elasticsearch is developed in Java and is dual-licensed under the (source-available) Server Side Public License and the Elastic license, while other parts fall under the proprietary (source-available) Elastic License. Official clients are available in Java, .NET (C#), PHP, Python, Ruby and many other languages. According to the DB-Engines ranking, Elasticsearch is the most popular enterprise search engine.

<span class="mw-page-title-main">Redis (company)</span> American based private computer software company

Redis Ltd. is an Israeli private computer software company headquartered in Mountain View, California. Redis is the sponsor of the source-available in-memory NoSQL database of the same name and the provider of Redis Enterprise software, cloud services, and tools for global companies. The company’s research and development center is based in Tel Aviv and it has additional offices in London, Austin, and Bengaluru.

OpenSearch is a family of software consisting of a search engine, and OpenSearch Dashboards, a data visualization dashboard for that search engine. The software started in 2021 as a fork of Elasticsearch and Kibana, with development led by Amazon Web Services.

References

  1. Section 13 of the licence: "If you make the functionality of the Program or a modified version available to third parties as a service, you must make the Service Source Code available via network download to everyone at no charge, under the terms of this License. Making the functionality of the Program or modified version available to third parties as a service includes, without limitation, enabling third parties to interact with the functionality of the Program or modified version remotely through a computer network, offering a service the value of which entirely or primarily derives from the value of the Program or modified version, or offering a service that accomplishes for users the primary purpose of the Program or modified version."
  2. "Server Side Public License (SSPL)". MongoDB. Retrieved January 14, 2021.
  3. 1 2 3 "Server Side Public License FAQ". MongoDB. Retrieved April 27, 2021.
  4. 1 2 3 Ward, Sarah. "SSPL compare to AGPL" (PDF).
  5. "MongoDB's licensing changes led Red Hat to drop the database from the latest version of its server OS". GeekWire. January 16, 2019. Archived from the original on October 23, 2021. Retrieved February 26, 2024.
  6. Lamb, Chris (December 5, 2018). "MongoDB SSPL v1 license and the DFSG". Debian Bug report logs (Mailing list). Debian. Archived from the original on February 26, 2024. Retrieved February 26, 2024. However, the SSPL is clearly not in the sprit of the DFSG, yet alone complimentary to the Debian's goals of promoting software or user freedom. In light of this, the Project does not consider that software licensed under the SSPL to be suitable for inclusion in the Debian archive.
  7. 1 2 OSI Board of Directors (January 19, 2021). "The SSPL is Not an Open Source License". Open Source Initiative. Archived from the original on December 4, 2022. Retrieved February 19, 2023.
  8. 1 2 Perens, Bruce (February 17, 2019). "[License-review] Approval: Server Side Public License, Version 2 (SSPL v2)". License Review Mailing List of the Open Source Initiative (Mailing list). Open Source Initiative. Archived from the original on April 11, 2023. Retrieved March 29, 2024. Section 13 is very obviously intended to be a restriction against the field of endeavor of offering the software as a service, and thus not in compliance with OSD #6.
  9. Perens, Bruce (February 17, 2019). "[License-review] Approval: Server Side Public License, Version 2 (SSPL v2)". License Review Mailing List of the Open Source Initiative (Mailing list). Open Source Initiative. Archived from the original on April 11, 2023. Retrieved March 29, 2024. it doesn't appear that you've addressed the main problem with the license, which is that it attempts to encumber entirely separate programs which are simply used together with the licensed program.
  10. Baer, Tony. "It's MongoDB's turn to change its open source license". ZDNet. Archived from the original on October 31, 2018. Retrieved October 16, 2018.
  11. "MongoDB switches up its open source license". TechCrunch. Archived from the original on October 16, 2018. Retrieved October 16, 2018.
  12. Vaughan-Nichols, Steven J. "MongoDB "open-source" Server Side Public License rejected". ZDNet. Retrieved January 14, 2021.
  13. "#915537 - MongoDB SSPL v1 license and the DFSG - Debian Bug report logs". bugs.debian.org. Retrieved January 14, 2021.
  14. "Graylog v4.0 Licensing SSPL | Graylog". www.graylog.org. Retrieved January 14, 2021.
  15. "Doubling down on open, Part II". Elastic Blog. January 14, 2021. Retrieved January 15, 2021.
  16. "'It's not OK': Elastic takes aim at AWS, at the risk of major collateral damage". Protocol — The people, power and politics of tech. January 21, 2021. Retrieved January 22, 2021.
  17. Vaughan-Nichols, Steven J. "AWS, as predicted, is forking Elasticsearch". ZDNet. Retrieved January 28, 2021.
  18. "CrateDB Doubling Down on Permissive Licensing and the Elasticsearch Lockdown". CrateDB. January 27, 2021. Retrieved January 28, 2021.
  19. "Momentum Builds to Break Elasticsearch Licensing Deadlock". Datanami. January 25, 2021. Retrieved January 31, 2021.
  20. Vaughan-Nichols, Steven (April 13, 2021). "OpenSearch: AWS rolls out its open source Elasticsearch fork". TechRepublic. Retrieved September 3, 2021.
  21. Trollope, Rowan (March 20, 2024). "Redis Adopts Dual Source-Available Licensing". Redis. Retrieved March 29, 2024.
  22. "Linux Foundation Launches Open Source Valkey Community". www.linuxfoundation.org. Retrieved March 29, 2024.
  23. Horowitz, Eliot. "[Email thread reply] Approval: Server Side Public License, Version 2 (SSPL v2)" . Retrieved January 23, 2021.
  24. Gall, Richard (March 12, 2019). "MongoDB withdraws controversial Server Side Public License from the Open Source Initiative's approval process". Packt Hub. Retrieved January 14, 2021.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.