Slashdot Mirror
MongoDB Switches Up Its Open-Source License (techcrunch.com)
MongoDB is taking action against cloud giants who are taking its open-source code and offering a hosted commercial version of its database to their users without playing by the open-source rules. The company announced today that it has issued a new software license, the Server Side Public License (SSPL), "that will apply to all new releases of its MongoDB Community Server, as well as all patch fixes for prior versions," reports TechCrunch. From the report: For virtually all regular users who are currently using the community server, nothing changes because the changes to the license don't apply to them. Instead, this is about what MongoDB sees as the misuse of the AGPLv3 license. "MongoDB was previously licensed under the GNU AGPLv3, which meant companies who wanted to run MongoDB as a publicly available service had to open source their software or obtain a commercial license from MongoDB," the company explains. "However, MongoDB's popularity has led some organizations to test the boundaries of the GNU AGPLv3."
So while the SSPL isn't all that different from the GNU GPLv3, with all the usual freedoms to use, modify and redistribute the code (and virtually the same language), the SSPL explicitly states that anybody who wants to offer MongoDB as a service -- or really any other software that uses this license -- needs to either get a commercial license or open source the service to give back the community. "The market is increasingly consuming software as a service, creating an incredible opportunity to foster a new wave of great open source server-side software. Unfortunately, once an open source project becomes interesting, it is too easy for cloud vendors who have not developed the software to capture all of the value but contribute nothing back to the community," said Eliot Horowitz, the CTO and co-founder of MongoDB, in a statement. "We have greatly contributed to -- and benefited from -- open source and we are in a unique position to lead on an issue impacting many organizations. We hope this will help inspire more projects and protect open source innovation."
So while the SSPL isn't all that different from the GNU GPLv3, with all the usual freedoms to use, modify and redistribute the code (and virtually the same language), the SSPL explicitly states that anybody who wants to offer MongoDB as a service -- or really any other software that uses this license -- needs to either get a commercial license or open source the service to give back the community. "The market is increasingly consuming software as a service, creating an incredible opportunity to foster a new wave of great open source server-side software. Unfortunately, once an open source project becomes interesting, it is too easy for cloud vendors who have not developed the software to capture all of the value but contribute nothing back to the community," said Eliot Horowitz, the CTO and co-founder of MongoDB, in a statement. "We have greatly contributed to -- and benefited from -- open source and we are in a unique position to lead on an issue impacting many organizations. We hope this will help inspire more projects and protect open source innovation."
The SSPL to AGPL comparison makes it crystal clear that this new SSPL is a slightly modified AGPL, with the FSF copyright notice and preamble removed and a MongoDB copyright notice added in its place, with not much more than one section rewritten. Did the FSF give permission for this, and if not, by what logic would this be allowed?
Mongo is shit. UniFi uses the DB for its UniFi Controller application. I've seen more corruption with it than I care to keep track of; and all of it is the result of bad MongoDBs not mounting. There's ways of fixing it, but it's far easier to just shit-can the DB and start fresh with a backup of my config.
Life is not for the lazy.
AIUI, under SSPL if you now sell "MongoDB Instances" for people to connect to, and that you'll cover replication and backups for those MongoDB Instances them using some nifty new proprietary add-on you built, then you're going to need to open source that replication and backup code too.
I don't think this would cover some large SaaS provide that simply *uses* MongoDB on the backend, only one that's *selling* MongoDB instances as a service in and of itself.
unfortunately this subtle distinction makes SSPL a non-free license. debian for example will be forced to move mongodb and anything under this SSPL license into the "nonfree" distribution section, thus ensuring that it is excluded from use in all and any debian critical core-level services.
it's a particularly sad state of affairs - a reaction to unethical corporate spongeing - that a major prominent software team has to consider changing the license to a non-free one just to be able to pay their developers to keep working, whilst corporations all around them make hundreds of millions of dollars in profits, using their work??
it's a repeat of the exact same pattern of corporate exploitation that caused me to stop working on samba-tng and exchange 5.5 reverse-engineering, 18+ years ago.
haven't these pathological spongeing corporations learned yet from heartbleed, shellshock and the lessons of the gentoo developer that was $45k in debt and had to go work for microsoft, and the GPG developer that was $10k in debt??
I think it actually is the intention. They think they're at a point where they're embedded in enough places that they can change the license to make it impractical to use their product without paying for a proprietary license. Of course they still want to pay lip service to being open source, and get the benefits of the community fixing their bugs. We'll now get to see whether MongoDB the company is truly providing value. If they aren't, a community fork under the old license (can't retroactively cancel AGPL on existing versions) will eat their lunch.