Elasticsearch licence change to SSPL

I know a lot of cfml people use this, please be aware of the recent problematic licence change

1 Like

Sigh… Looks like a game changer. Never used ElasticSearch, but I wanted (and still want) to experiment with Ortus Solutions new bug reporting framework
StacheBox module in a near future, which makes use of it. I’ve attended Ortus latam IntoTheBox conference, and it was really, really amazing stuff. Don’t know how this will affect this pretty new module which just have been introduced. Sad.

I haven’t used this, but AWS created their own distribution of ElasticSearch a few months ago: Open Distro for Elasticsearch | Open Distro which is, and I assume will stay Apache2 licensed. I think this distribution will end up being a fork, even though it was not intended to be. Assuming that Amazon Elasticsearch Service uses that distribution, I’d also assume that it would continue to get security fixes and updates.

Thanks for the heads up Zac, I hadn’t seen that yet.

Pete Freitag
Foundeo Inc.
Makers of CFML Security Tools: Fixinator, FuseGuard and HackMyCF

1 Like


I’m not an license expert. I’m Elasticsearch user since version 0.20 (when elastic, the company, not even exists).

The compromise to the open source community of the project and the company is out of any doubt in this almost, 10 years. The change to the SSPL license (the same that uses mongodb), as they say here Doubling down on open, Part II | Elastic Blog, is for protect from the companies that use the project to offer forks of elasticsearch as a service without contributing back to the project. For people that uses normally, nothing will change.

Elastic and Amazon doesn’t have good relations in the past: On "Open" Distros, Open Source, and Building a Company | Elastic Blog.

So, keeping an eye in any new movement, I will remain with the original.