Redis making licensing changes - we need to be mindful of this

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Redis making licensing changes - we need to be mindful of this

Joe Witt
Team,

https://issues.apache.org/jira/browse/LEGAL-402

Redis has made some licensing changes to some of their
code/libraries/products/etc.. The details of this aren't fully clear
to me.

But, what i'm flagging is whenever we update or interact with our
Redis bundle we'll need to check for any licensing changes that might
impact us.  if what we leverage is using this new license it will
almost certainly be officially listed as Category-X.  If it doesn't
then we remain fine.

So, to all those Redis fans out there that use NiFi integration with
it - lets be careful.

We have a redis distributed cache service.  If that is impacted we
will likely have to remove it from our releases going forward.  again,
only IF impacted.

Thanks
Reply | Threaded
Open this post in threaded view
|

Re: Redis making licensing changes - we need to be mindful of this

Matt Burgess-2
Joe,

Thanks for bringing this to our attention, definitely something to
keep aware of. I did some initial digging, it appears that the
"normal" Redis stuff is still Apache 2.0 licensed, and it appears that
will remain; also AFAICT we are only using the "normal" Redis bits via
spring-data-redis, but if that's not the case I expect SpringSource to
have something to say about this as well.

The RedisLabs folks have added the Commons Clause Restriction [1] to
their License, basically you can still do what you want with the code
but you can't sell it. They're making their special extensions
"source-available" but still want exclusive commercial rights to it.
The extensions [2] include RediSearch (full-text search of Redis),
redis-graph (graph extensions), rbloom (Bloom Filter extension),
rejson (JSON datatype), and redis-ml (Machine Learning). I don't
believe we're using any of these but as Joe said, if we touch Redis we
need to make sure everything is copacetic.

As always, if adding any new dependencies, this will be something to
watch closely for, since (as the LEGAL case mentions) it might look a
lot like an Apache 2.0 License but instead will be the worst kind
(Cat-X). DGraph [3] is an example of another project that uses this
clause.

Regards,
Matt

[1] https://commonsclause.com/
[2] https://github.com/RedisLabsModules
[3] https://github.com/dgraph-io/dgraph

On Wed, Aug 22, 2018 at 1:57 PM Joe Witt <[hidden email]> wrote:

>
> Team,
>
> https://issues.apache.org/jira/browse/LEGAL-402
>
> Redis has made some licensing changes to some of their
> code/libraries/products/etc.. The details of this aren't fully clear
> to me.
>
> But, what i'm flagging is whenever we update or interact with our
> Redis bundle we'll need to check for any licensing changes that might
> impact us.  if what we leverage is using this new license it will
> almost certainly be officially listed as Category-X.  If it doesn't
> then we remain fine.
>
> So, to all those Redis fans out there that use NiFi integration with
> it - lets be careful.
>
> We have a redis distributed cache service.  If that is impacted we
> will likely have to remove it from our releases going forward.  again,
> only IF impacted.
>
> Thanks