Server Side Public License

The Server Side Public License (SSPL) is a source-available copyleft software license introduced by MongoDB Inc. in 2018.^[2][3]

Server Side Public License

Author	MongoDB Inc.
Published	16 October 2018
SPDX identifier	SSPL-1.0
Debian FSG compatible	No
FSF approved	No
OSI approved	No
GPL compatible	No[1]
Copyleft	Yes
Website	www.mongodb.com/licensing/server-side-public-license

It includes most of the text and provisions of the GNU Affero General Public License version 3 (AGPL v3),^[4] but modifies its provisions for software that is conveyed over a network—requiring that anyone who offers the functionality of SSPL-licensed software to third-parties as a service must release the entirety of their source code, including all software, APIs, and other software that would be required for a user to run an instance of the service themselves, under the SSPL. In contrast, the AGPL v3's equivalent provision covers only the licensed work itself.

The SSPL is not recognized as free software by the Open Source Initiative (OSI), Red Hat,^[5] or Debian^[6] as the aforementioned provision is discriminatory towards specific fields of use.^[3][7] Specifically, it is asserted that this is discriminatory against users of the software who use proprietary software within their stack, as the license requires the open-sourcing of every part interacting with the service, which under these circumstances might not be possible. This is in violation of criteria 6^[8] and 9^[9] of the Open Source Definition as used by the Open Source Initiative.

License terms

The SSPL is based on the GNU Affero General Public License (AGPL), with a modified Section 13 that requires that those making SSPL-licensed software available to third-parties (modified or not) as part of a "service" must release the source code for the entirety of the service, including without limitation all "management software, user interfaces, application program interfaces, automation software, monitoring software, backup software, storage software and hosting software, all such that a user could run an instance of the service using the Service Source Code you make available", under the SSPL.^[4] The chapter structure of the Server Side Public License is identical to that to the AGPL, except that the GPL preamble and application instructions are stripped from the license text.^[4]

MongoDB Inc. stated that Section 13 in the AGPL (which requires that those using the AGPL-licensed software over a network have the ability to obtain the source code for the software, as used) had an unclear scope, and that the SSPL's version "clearly and explicitly sets forth the conditions to offering the licensed program as a third-party service".^[3][10][11]

Licensed software

See also: Category:Software using the Server Side Public License

In October 2018, the MongoDB database was relicensed under the SSPL. Debian, Red Hat Enterprise Linux, and Fedora subsequently dropped MongoDB, citing concerns about the SSPL. Amazon released a partially compatible but proprietary service named DocumentDB.^[12][13]

In November 2020, Graylog announced that version 4.0 of its source-available release will be licensed under the SSPL.^[14]

In January 2021, Elastic NV announced that future versions of their code in Elasticsearch and Kibana, licensed until then under the open-source Apache License 2.0, would be dual-licensed instead under SSPL and their own Elastic license.^[15] Critics of the re-licensing decision predicted that it would harm Elastic's ecosystem, and Amazon responded with plans to fork the projects for continued development of versions licensed under the Apache License.^[16] Other users of the Elasticsearch ecosystem, led by Amazon Web Services, and including Logz.io, CrateDB, Red Hat and Aiven, also collaborated on the open source fork, leading to the creation of the OpenSearch software.^{[17][18][19][20]}

Redis moved away from the three-clause BSD license on March 20th, 2024.^[21] Users now have a choice between the SSPLv1 license and their own Redis Source Available License (RSALv2). This change in licensing upset many users, prompting The Linux Foundation to create a fork called Valkey, using Redis' final BSD-licensed iteration as a base.^[22]

Certification with OSI

In 2018, MongoDB submitted the license to the Open Source Initiative (OSI) for approval. The company withdrew its submission in 2019.^[23][24] In January 2021, following the re-licensing move by Elastic, OSI released a statement declaring that the SSPL does not comply with its Open Source Definition because it discriminates against specific fields of endeavor,^[8] describing it as a "fauxpen" source license.^[7]