Let’s talk about SSPL
The SSPL (Server Side Public License) is a software license created by MongoDB, Inc. The SSPL is designed to ensure that companies that offer MongoDB’s database software as a service (DBaaS), contribute back to the open source community.
The SSPL is a copyleft license that requires any organization that offers MongoDB as a service to release the source code of the entire service under the SSPL as well. This is different from true open source licenses, which only require modifications to the original software to be released under the same license.
The SSPL has generated controversy within the open source community, since it is not truly an open source license and violates the spirit of open source. Some organizations, such as Red Hat, have announced that they will not include software licensed under the SSPL in their distributions.
SSPL…
-
Limits your choices
The SSPL could limit the availability of open-source software for cloud-based services, as some cloud providers may choose to avoid using SSPL-licensed software due to the restrictions of the license. This could limit the options available to average users who rely on cloud-based services and could make it more difficult to access certain types of software.
-
Kills innovation
If different companies are required to open source their own software under different licenses, it could create complexity and confusion for users and developers. This could make it more difficult to build on open-source software and could slow innovation in the ecosystem.
-
Raises your costs
If cloud providers are required to open source their own software under the SSPL, it could increase the costs of providing cloud-based services. These costs could be passed on to users in the form of higher prices for cloud-based services. Smaller providers with lower negotiating power may not be able to provide SSPL software as a service, limiting competition.
-
Locks you in
If a particular cloud provider is the only one offering a particular service that is based on open-source software licensed under the SSPL, it could create a risk of vendor lock-in for users. If users rely on that service and the provider changes the terms of the license or discontinues the service, it could be difficult for users to switch to a different provider or alternative service.
The History of SSPL
The SSPL (Server Side Public License) was created by MongoDB, Inc., the company behind the popular MongoDB database software, and was first released in October 2018. MongoDB was originally licensed under the AGPL (Affero General Public License), a strong copyleft license that requires any modifications or derivative works of the software to be released under the same license. However, MongoDB felt that the AGPL did not adequately address the issue of cloud service providers using their software without contributing back to the open source community, and so they developed the SSPL as a way to ensure that any organizations offering MongoDB as a service would be required to release their modifications under the same license. The SSPL has generated controversy within the open source community, with some arguing that it is not truly open source and others supporting its use as a way to ensure that cloud providers contribute back to the community.
How does SSPL affect Open Source?
The SSPL is considered by many, including us here at FerretDB, to be dangerous to open source for several reasons. First and foremost, the SSPL’s copyleft provisions require any software that uses the licensed code in a network server or cloud environment to be released under the same license. For example, if MongoDB as a database is part of a SaaS application, the application itself should be released under SSPL as well. This requirement can discourage companies from using or contributing to open source projects that use the SSPL, and may create divisions within the open source community.
In addition to its copyleft provisions, the SSPL is not currently recognized as an open source license by the Open Source Initiative (OSI), which is the organization responsible for maintaining the Open Source Definition. This lack of recognition could further discourage adoption of the license and limit its potential impact within the open source community.
Another reason why the SSPL is considered dangerous to open source is that its requirements could discourage commercial use of the software, particularly in the context of cloud or network server environments. This is because the SSPL’s requirements make it difficult for companies to use the software without also releasing their own code under the same license. For companies that rely on proprietary software or trade secrets, this requirement may be unacceptable.
The SSPL has also been criticized for being a divisive license that could create divisions within the open source community. Because the SSPL is a relatively new license that is not widely recognized, some have suggested that it represents a departure from the traditional principles of the open source movement, which is based on the idea of collaboration and sharing of software code.
Overall, the SSPL’s copyleft provisions, lack of recognition as an open source license, potential impact on commercial use, and divisive nature all contribute to the perception that the SSPL is dangerous to open source. As a result, developers and companies may want to carefully consider the potential risks and implications of using the SSPL before deciding to adopt it for their own software or contribute to projects that use the license.
Why You Shouldn't Use SSPL-Licensed Software
One potential risk of using SSPL-licensed software is that the copyleft provisions could make it difficult for you to use or incorporate the software into your own products or services. This is particularly true if you rely on proprietary software or trade secrets that you do not want to release under the same license. In these cases, the requirements of the SSPL could make it impossible to use the software in a way that aligns with your business needs.
Another potential risk of using SSPL-licensed software is that the license is not widely recognized as an open source license. This means that some organizations and developers may be hesitant to use or contribute to projects that use the SSPL. The lack of recognition could limit the potential impact and adoption of the software, which could be problematic if you are relying on the software to meet your business or technical needs.
Finally, it’s important to note that there are alternative options for open source software licensing that may be better suited to your needs. There are many widely recognized and accepted open source licenses available that offer more flexibility and fewer restrictions than the SSPL. Before deciding to use software that is licensed under the SSPL, it’s worth considering these alternative options and weighing the benefits and risks of each.