OpenSource Risk Experts
Map your blast radius

RELICENSING

Why Open Source Projects Are Relicensing

By OpenSource Risk Experts  ·  May 17, 2026

Why open source projects are relicensing is a question that has moved from a niche licensing debate to a board level concern, because the answer determines whether software you depend on will still be free to run next year. The short version is commercial. A wave of widely used projects, many of them backed by a single company, has shifted from open source licenses to source available terms to defend revenue against cloud competition. The code stays visible. The right to use it competitively narrows. This article explains the pressures that drive the move and what each one means for the enterprise that runs the software.

We write from the buyer side, as an independent advisory paid only by the buyer. This is not legal advice. For interpretation of any license, we point you to your own counsel. The aim here is to make the vendor's motive legible, so your response is grounded rather than reactive.

The cloud competition that started the wave

The dominant driver is the managed service. A company builds an open source project, invests heavily in it, and gathers a large user base. A cloud provider then offers that same software as a paid, fully managed service, capturing recurring revenue without bearing the development cost. The original vendor sees its core asset monetized by a far larger competitor, with the open source license providing no way to object. Relicensing to a source available license is the lever that restricts this specific use, allowing the source to remain public while denying competitors the right to sell it as a service.

This is the through line in the recent moves. Elasticsearch and Kibana moved to the Server Side Public License and the Elastic License as of 2021, with the managed service question central to the decision, and the AWS led fork OpenSearch emerged in response. MongoDB moved to the Server Side Public License in 2018 for the same reason. Redis moved to the RSALv2 and the Server Side Public License as of March 2024, and the community fork Valkey followed. In each case the vendor was not trying to hide the code. It was trying to stop a competitor from selling it.

Funding pressure and the single vendor model

Many of the projects that relicensed share a structure. They are open source in license but corporate in funding, built and maintained largely by one company that must eventually return value to investors. Open source distribution is excellent for adoption and poor for direct monetization. When growth slows or the public markets demand profitability, the tension between a free product and a revenue target sharpens. Relicensing is one of the few levers a single vendor controls that can convert a large free user base into a paying one, by making competitive and sometimes commercial use a paid event.

HashiCorp illustrates the pattern. It moved Terraform, Vault, Consul, Nomad, and Packer to the Business Source License as of August 2023, citing competitive use by vendors building on its tools, and IBM later acquired the company. The community fork of Terraform, OpenTofu, formed to preserve an openly licensed path. The lesson for buyers is that a project's governance and funding tell you a great deal about its relicensing risk. A project controlled by one commercial entity carries a different profile than one held by a foundation.

CLOUD COMPETITION

Providers sell the software as a managed service. Source available terms restrict that competitive use.

FUNDING PRESSURE

A single vendor must convert a free user base into revenue. Relicensing is a lever it controls.

CONTROL

A corporate maintainer can change terms unilaterally. A foundation governed project rarely can.

Source available is not the same as open source

A frequent misreading is that a relicensed project has gone closed. It has not. The Business Source License and the Server Side Public License keep the source public and readable, and often permit free use that is not competitive. What they do not satisfy is the Open Source Initiative definition, because they restrict fields of use. They are source available, a category that sits between open source and proprietary. The practical consequence is that the freedom to read and modify the code is largely intact, while the freedom to deploy it in any way you choose is not.

This distinction is the heart of the enterprise risk, and we treat it in depth in source available is not open source and why it matters. The mechanics of the two main license families are covered in the Business Source License explained and the Server Side Public License explained. Understanding the family tells you which of your uses, if any, the new terms touch.

What the trend means for buyers

For most enterprises the relicensing wave is not an emergency but a standing condition. The risk is not that any one project changed, but that the practice is now established and any single vendor project you depend on could be next. The right response is structural. Know what you run, know which components are controlled by a single commercial entity, and know how your use maps to the restrictions a source available license would impose. With that map in hand, a future relicense is a scoped decision rather than a scramble.

The full sequence of changes is set out in the 2023 to 2026 relicensing wave explained, and the wider landscape sits in the relicensing exposure pillar. When you want to size your exposure to the next change before it arrives, our relicensing exposure review traces the blast radius through everything you have built on these components.

COMMON QUESTIONS

Questions buyers ask.

Why are open source projects relicensing?

The common driver is commercial. A project backed by a single company watches cloud providers run its software as a paid managed service without contributing back. Relicensing to a source available license such as the Business Source License or the Server Side Public License is the lever to restrict that competitive use and protect the vendor's revenue, while keeping the source visible.

Is relicensing the same as going closed source?

No. Most relicensing moves keep the source code public and free to read and often free for non-competing use. They are source available, not closed. The change is in the rights granted, which now restrict competitive production use, not in whether you can see the code.

Which projects have relicensed recently?

HashiCorp moved Terraform, Vault, Consul, Nomad, and Packer to the Business Source License as of August 2023. Redis moved to the RSALv2 and the Server Side Public License as of March 2024. Elasticsearch and Kibana moved to the Server Side Public License and the Elastic License as of 2021. MongoDB moved to the Server Side Public License in 2018.

What does relicensing cost the enterprise that uses the software?

It depends on how you use the software. Internal use is often unaffected, but offering it competitively or redistributing it can trigger a commercial license demand or a migration to a fork. The cost is the exposure of the production use plus the cost to cure it.

Is this legal advice?

No. We provide commercial and licensing risk advisory, not legal advice. For interpretation of license terms and compliance questions, we recommend your own counsel.

CONTAINMENT

Size your exposure to the next change.

A confidential relicensing exposure review. Independent, buyer side, paid only by you.

Not ready to talk? Read the free open source license risk guides first.

Review your exposure