With the recent licensing changes to several Redis Labs modules making them no longer free and open source, GNU/Linux distributions such as Debian and Fedora are no longer able to ship Redis Labs’ versions of the affected modules to their users.
As a result we have begun working together to create a set of module repositories forked from prior to the license change. We will maintain changes to these modules under their original open source licenses, applying only free and open fixes and updates.
We are committed to making these available under an open source license permanently and welcome community involvement.
Contribute to our GitHub repositories.
Share this page and spread the word about the “Commons Clause” more generally, for example by tweeting a link to this page.
It is conceivable that reimplementing or merging security-related fixes that are now released solely under the “Commons Clause” license could be problematic.
However, in our experience the vast majority of security fixes are trivial enough to be not subject to copyright law (eg. off-by-one-errors, calls to sanitise user input correctly, etc.). In contrast, fixes that are highly invasive (SPECTRE/Meltdown mitigation or the recent issues around various algorithms in GnuPG) which would be subject to copyright are relatively rare in comparison.
One exception could be the testcases to patches which are clearly of value in the security production cycle to prevent future regressions and to ensure you are actually fixing the issue at hand.
Please see the following links: