Language Selection

English French German Italian Portuguese Spanish

MongoDB Becomes Less Affero GPL-Like

Filed under
Server
OSS
Legal
  • Fed up with cloud giants ripping off its database, MongoDB forks new open-source license

    After Redis Labs relicensed the modules it developed to complement its open-source database, from AGPL to Apache v2.0 with a Commons Clause, the free-software community expressed dismay.

    And, inevitably, some responded by forking the affected code.

    Today, the maker of another open source database, MongoDB, plans to introduce a license of its own to deal with the issue cited by Redis: cloud service providers that sell hosted versions of open-source programs – such as Redis and MongoDB database servers – without offering anything in return.

    "Once an open source project becomes interesting or popular, it becomes too easy for the cloud vendors to capture all the value and give nothing back to the community," said Dev Ittycheria, CEO of MongoDB, in a phone interview with The Register.

    Ittycheria pointed to cloud service providers such as Alibaba, Tencent, and Yandex. Those companies, he claims, are testing the boundaries of the AGPL by benefiting from the work of others while failing to share their code.

  • MongoDB switches up its open-source license

    MongoDB is a bit miffed that some cloud providers — especially in Asia — are taking its open-source code and offering a hosted commercial version of its database to their users without playing by the open-source rules. To combat this, MongoDB today announced it has issued a new software license, the Server Side Public License (SSPL), that will apply to all new releases of its MongoDB Community Server, as well as all patch fixes for prior versions.

    Previously, MongoDB used the GNU AGPLv3 license, but it has now submitted the SSPL for approval from the Open Source Initiative.

  • MongoDB license could push open source deeper into cloud: Is this what industry needs?

    Things just got serious in open source land. Despite the occasional Commons Clause or Fair Source licensing attempt to change the meaning of the words "open source" to include "the right for a private company to make money from its open source efforts," we've stuck to the Open Source Definition, and it has served us well. Open source communities have become the center of the innovation universe, giving us exceptional code like Linux, Kubernetes, Apache Kafka, and more.

  • It's MongoDB's turn to change its open source license

    The old maxim that the nice thing about standards is that there are so many to choose from could well apply to open source licensing. While now nearing a couple years old, the last WhiteSource Software survey of the top 10 open source licenses found close competition between the GPL, MIT, and Apache licenses. While the commercial-friendly Apache license has dominated the world of big data platforms and AI frameworks, MIT and GPL (which has "copyleft" provisions requiring developers to contribute back all modifications and enhancements) continues to be popular. GPL and variants such as the AGPL have been popular amongst vendors that seek to control their own open source projects, like MongoDB.

  • Matthew Garrett: Initial thoughts on MongoDB's new Server Side Public License

    MongoDB just announced that they were relicensing under their new Server Side Public License. This is basically the Affero GPL except with section 13 largely replaced with new text, as follows:

    "If you make the functionality of the Program or a modified version available to third parties as a service, you must make the Service Source Code available via network download to everyone at no charge, under the terms of this License. Making the functionality of the Program or modified version available to third parties as a service includes, without limitation, enabling third parties to interact with the functionality of the Program or modified version remotely through a computer network, offering a service the value of which entirely or primarily derives from the value of the Program or modified version, or offering a service that accomplishes for users the primary purpose of the Software or modified version.

    “Service Source Code” means the Corresponding Source for the Program or the modified version, and the Corresponding Source for all programs that you use to make the Program or modified version available as a service, including, without limitation, management software, user interfaces, application program interfaces, automation software, monitoring software, backup software, storage software and hosting software, all such that a user could run an instance of the service using the Service Source Code you make available."

    MongoDB admit that this license is not currently open source in the sense of being approved by the Open Source Initiative, but say:"We believe that the SSPL meets the standards for an open source license and are working to have it approved by the OSI."

    At the broadest level, AGPL requires you to distribute the source code to the AGPLed work[1] while the SSPL requires you to distribute the source code to everything involved in providing the service. Having a license place requirements around things that aren't derived works of the covered code is unusual but not entirely unheard of - the GPL requires you to provide build scripts even if they're not strictly derived works, and you could probably make an argument that the anti-Tivoisation provisions of GPL3 fall into this category.

"submitted the SSPL... approval from the Open Source Initiative"

Bradley M. Kuhn's Take

    • Bradley M. Kuhn: Toward Community-Oriented, Public & Transparent Copyleft Policy Planning

      More than 15 years ago, Free, Libre, and Open Source Software (FLOSS) community activists successfully argued that licensing proliferation was a serious threat to the viability of FLOSS. We convinced companies to end the era of “vanity” licenses. Different charities — from the Open Source Initiative (OSI) to the Free Software Foundation (FSF) to the Apache Software Foundation — all agreed we were better off with fewer FLOSS licenses. We de-facto instituted what my colleague Richard Fontana once called the “Rule of Three” — assuring that any potential FLOSS license should be met with suspicion unless (a) the OSI declares that it meets their Open Source Definition, (Cool the FSF declares that it meets their Free Software Definition, and (c) the Debian Project declares that it meets their Debian Free Software Guidelines. The work for those organizations quelled license proliferation from radioactive threat to safe background noise. Everyone thought the problem was solved. Pointless license drafting had become a rare practice, and updated versions of established licenses were handled with public engagement and close discussion with the OSI and other license evaluation experts.

      Sadly, the age of license proliferation has returned. It's harder to stop this time, because this isn't merely about corporate vanity licenses. Companies now have complex FLOSS policy agendas, and those agendas are not to guarantee software freedom for all. While it is annoying that our community must again confront an old threat, we are fortunate the problem is not hidden: companies proposing their own licenses are now straightforward about their new FLOSS licenses' purposes: to maximize profits.

      Open-in-name-only licenses are now common, but seem like FLOSS licenses only to the most casual of readers. We've succeeded in convincing everyone to “check the OSI license list before you buy”. We can therefore easily dismiss licenses like Common Clause merely by stating they are non-free/non-open-source and urging the community to avoid them. But, the next stage of tactics have begun, and they are harder to combat. What happens when for-profit companies promulgate their own hyper-aggressive (quasi-)copyleft licenses that seek to pursue the key policy goal of “selling proprietary licenses” over “defending software freedom”? We're about to find out, because, yesterday, MongoDB declared themselves the arbiter of what “strong copyleft” means.

Late coverage of this

  • MongoDB introduces the Server Side Public License for open source

    Recently, a group of disgruntled developers and companies took to the Commons Clause as a way to protect their open-source work. However, this caused great controversy within the open-source industry because the clause added restrictions to open-source licenses, therefore violating the accepted definition of open source as well as the guidelines for the Open Source Initiative’s (OSI) approved open-source licenses, according to Vicky Brasseur, vice president of the OSI.

A week later again

  • MongoDB Changes License

    MongoDB has revamped its open source license type in an attempt to prevent commercial organizations in Asia using the database commercially without sticking to the open source rules.

    The problem MongoDB has had is that some cloud service providers have been offering the Community Edition of its database as a service to clients. In a bid to prevent this happening, the database company has issued a new software license called the Server Side Public License (SSPL). This will apply to all new releases of its MongoDB Community Server, as well as all patch fixes for prior versions. Until now, MongoDB has been using the GNU AGPLv3 license.

    In practical terms, this doesn't make a lot of difference to most users as the changes to the license terms don't apply to them. The changes are only designed to apply to companies who want to run MongoDB as a publicly available service.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

WiFi Goes Open

For most people, adding WiFi to a project means grabbing something like an ESP8266 or an ESP32. But if you are developing your own design on an FPGA, that means adding another package. If you are targeting Linux, the OpenWifi project has a good start at providing WiFi in Verilog. There are examples for many development boards and advice for porting to your own target on GitHub. You can also see one of the developers, [Xianjun Jiao], demonstrate the whole thing in the video below. The demo uses a Xilinx Zynq, so the Linux backend runs on the Arm processor that is on the same chip as the FPGA doing the software-defined radio. We’ll warn you that this project is not for the faint of heart. If you want to understand the code, you’ll have to dig into a lot of WiFi trivia. Read more

Kernel: Linux 5.8, Linux 5.7, FSGSBASE and HWMON

  • Improved EXT4 + XFS DAX Implementation Appears Ready To Go For Linux 5.8

    Adding to the expected changes for Linux 5.8 is improved EXT4 and XFS file-system direct access "DAX" support. DAX is the means of direct access to files backed by persistent memory (such as Intel Optane DC Persistent Memory) without needing to be copied via the page cache. Thus DAX bypasses that extra copy for reads/writes to the storage device and mapping the storage device directly into user-space.

  • The Top Linux 5.7 Features From Apple Fast Charge To Official Tiger Lake Graphics

    Assuming no last minute concerns, the Linux 5.7 kernel is set to debut as stable this weekend. Given all the weeks since the merge window and our many articles covering all the feature activity at that point (and not to be confused with our activity of new work being queued for the upcoming Linux 5.8 cycle), here is a look back at some of the top features of the Linux 5.7 kernel. Among the most interesting new features and improvements for Linux 5.7 include: - Intel Tiger Lake "Gen12" graphics are now enabled by default in being deemed stable enough for out-of-the-box support where as on prior kernels the support at the time was hidden behind a kernel module parameter.

  • Performance-Helping FSGSBASE Patches Spun For Linux A 13th Time

    The FSGSBASE Linux kernel patches that have the potential of helping performance going back to Intel Ivy Bridge era CPUs in select workloads have now hit their 13th revision to the series in the long-running effort to getting this support mainlined.

  • Linux's Hardware Monitoring "HWMON" Picking Up Notification Support

    In addition to the AMD Zen "amd_energy" driver coming for Linux 5.8, another late change now queued into hwmon staging is introducing notification support for the hardware monitoring subsystem. HWMON subsystem maintainer and Google employee Guenter Roeck has queued up notification support for this subsystem. This serves as a generic notification mechanism not only to notify user-space but also the thermal subsystem for any HWMON driver events. In the HWMON context, these events could be important like warnings/critical alarms over detected temperatures or voltages for different components.

Linux on Devices and Open Hardware/Modding

  • Developing Qt5 applications natively on Wind River Linux

    Wind River Linux provides the technologies essential to building a flexible, stable, and secure platform for your embedded devices. Based on OpenEmbedded releases from the Yocto Project, it is designed to let you customize your platform to include only the packages and features you need. Powered by bitbake, it provides the ability to build an entire Linux distribution from source by following repeatable recipes. This is really powerful, but can be foreign to application developers that already have a workflow they are comfortable with. Developers building graphical user interfaces (GUI) have their own set of tools that they rely on. Often they prefer to use an Integrated Development Environment (IDE) tailored to the language and frameworks they are working with. Typically this IDE and the tools it uses are running natively on the same platform they are building for. Fortunately, these developers can still do this on Wind River Linux. This tutorial describes building Wind River Linux with the GCC toolchain and Qt Creator included to enable native application development.

  • Udoo Bolt Gear mini-PC launches with Ryzen V1000 Udoo Bolt SBC

    Seco has launched a $399 “Udoo Bolt Gear” mini-PC kit built around its Ryzen Embedded V1000 based Udoo Bolt SBC. The $399 kit includes a metal case, 65W adapter, and a WiFi/BT M.2 card. A growing number of open-spec, community-backed SBCs ship with optional. and in some cases, standard enclosures, but most of these are simple plastic cases. Seco’s new Udoo Bolt Gear mini-PC, which is based on its Udoo Bolt SBC, provides a metal case, a power adapter, US and EU cables, a VESA mount, and a WiFi/BT kit. There are also plenty of vents to help the SBC’s standard fan cool AMD’s Ryzen Embedded V1000 SoC. [...] The Bolt and the Bolt Gear are further equipped with an Arduino Leonardo compatible Microchip Atmega32U4 MCU. The MCU can be used for robotics and other real-time applications. It can also be configured to run while the system is turned off and then turn on the computer based on trigger input.

  • Ultra-narrow DipDuino Arduino Compatible Board is a Perfect Breadboard Companion

    We previously wrote about a uChip DIP-sized Arduino Zero compatible board with 0.3″ spacing between the two rows of pins making it perfect for breadboards as it left four rows on each side of the breadboard. There’s now another similar option with the appropriately named DipDuino board equipped with a Microchip Atmega328P MCU compatible with Arduino Pro or Pro Mini boards.

  • Using Photoresistor From Raspberry PI To Detect Light

    Photoresistor (also known as photocell) is a Light Dependent Resistor (LDR). As the name suggests, this components act just like a resistor, changing its resistance in response to how much light is falling on it. Ususally, photoresistors have a very high resistance in near darkness and a very low resistance in bright ligh. This component is used to manage electronic or electric devices to answer light conditions enabling or disabling functions. Photoresistors are analogic components. So it can be used with microcontrollers having analogic inputs (like Arduino) to read light level. Unfortunately, Raspberry PI has only digital inputs (with threshold between High and Low being around 1V). This means that, without specific analogic-to-digital hardware, we’ll be able only to read if light is high or low.

SUSE: Mainframe at Home, INNOVATORS Project and YaST Development Sprints 99 and 100

  • Developing Software for Linux on Mainframe at Home

    When developing for architectures that are not mainstream, developers often have challenges to get access to current systems that allow to work on a specific software. Especially when asking to fix an issue that shows up only on big endian hardware, the answer I repeatedly get is, that it’s hard to get access to an appropriate machine. I just recently saw reports that told that the qemu project made substantial progress with supporting more current Mainframe hardware. Thus I thought, how hard could it be to create a virtual machine that allows to develop for s390x on local workstation hardware. It turned out to be much easier than I thought. First, I did a standard install of tumbleweed for s390x, which went quite easy. But then I remembered that also the OBS supports emulators, and specifically qemu to run virtual machines.

  • openSUSE for INNOVATORS Project is born

    It is with great enthusiasm that I announce the INNOVATORS for openSUSE project, is an initiative to share projects, articles and news about innovative projects on the openSUSE platform developed by the community and public and private companies. All information on this wiki is related to innovative projects that use augmented reality technology, artificial intelligence, computer vision, robotics, virtual assistants and any and all innovative technology (in all hardware plataforms ).

  • Highlights of YaST Development Sprints 99 and 100

    One hundred development sprints, that’s a nice rounded number… and a good moment to rethink the way we write and publish our reports. Yes, you read it right. This post will be the last one following our traditional format, assuming something can already be called “traditional” after four and a half years. As we will explain at the end of this post, subsequent reports will look more as a digest with links to information and not that much as a traditional blog post that tries to tell a story.