MongoDB’s Server Side Public License was controversial when it was first announced back in October. But the team were, back then, confident that the new license met the Open Source Initiative’s approval criteria. However, things seem to have changed. The news that Red Hat was dropping MongoDB over the SSPL in January was a critical blow and appears to have dented MongoDB’s ambitions. Last Friday, Co-founder and CTO Eliot Horowitz announced that MongoDB had withdrawn its submission to the Open Source Initiative.
Horowitz wrote on the OSI approval mailing list that “the community consensus required to support OSI approval does not currently appear to exist regarding the copyleft provision of SSPL.” Put simply, the debate around MongoDB’s SSPL appears to have led its leadership to reconsider its approach.
Update: this article was amended 19.03.2019 to clarify that the Server Side Public License only requires commercial users (ie. X-as-a-Service products) to open source their modified code. Any other users can still modify and use MongoDB code for free.
What’s the purpose of MongoDB’s Server Side Public License?
The Server Side Public License was developed by MongoDB as a means of protecting the project from “large cloud vendors” who want to “capture all of the value but contribute nothing back to the community.” Essentially the license included a key modification to section 13 of the standard GPL (General Public License) that governs most open source software available today.
You can read the SSPL in full here , but this is the crucial sentence:
“If you make the functionality of the Program or a modified version available to third parties as a service, you must make the Service Source Code available via network download to everyone at no charge, under the terms of this License.”
This would mean that users are free to review, modify, and distribute the software or redistribute modifications to the software. It’s only if a user modifies or uses the source code as part of an as-a-service offering that the full service must be open sourced.
So essentially, anyone is free to modify MongoDB. It’s only when you offer MongoDB as a commercial service that the conditions of the SSPL state that you must open source the entire service.
What issues do people have with the Server Side Public License?
The logic behind the SSPL seems sound, and probably makes a lot of sense in the context of an open source landscape that’s almost being bled dry.
But it presents a challenge to the very concept of open source software where the idea that software should be free to use and modify – and, indeed, to profit from – is absolutely central.
Moreover, even if it makes sense as a way of defending open source projects from the power of multinational tech conglomerates, it could be argued that the consequences of the license could harm smaller tech companies. As one user on Hacker News explained back in October:
“Let [sic] say you are a young startup building a cool SaaS solution. E.g. A data analytics solution. If you make heavy use of MongoDB it is very possible that down the line the good folks at MongoDB come calling since ‘the value of your SaaS derives primarily from MongoDB…’ So at that point you have two options – buy a license from MongoDB or open source your work (which they can conveniently leverage at no cost).”
The Hacker News thread is very insightful on the reasons why the license has been so controversial. Another Hacker News user, for example, described the license as “either idiotic or malevolent.”
Read next: We need to encourage the meta-conversation around open source, says Nadia Eghbal [Interview]
What next for the Server Side Public License?
The license might have been defeated but Horowitz and MongoDB are still optimistic that they can find a solution. “We are big believers in the importance of open source and we intend to continue to work with these parties to either refine the SSPL or develop an alternative license that addresses this issue in a way that will be accepted by the broader FOSS community,” he said.
Whatever happens next, it’s clear that there are some significant challenges for the open source world that will require imagination and maybe even some risk-taking to properly solve.