MongoDB-SSPL-1.0 license issue

xliu · August 17, 2022, 5:57pm

We use elasticsearch 7.17.4. Nexus-iq reports 'Banned' license threat group ('MongoDB-SSPL-1.0').

Nexus IQ Server is Sonatype's policy engine. Sonatype has MongoDB-SSPL-1.0 in Banned list.

The policy error comes out from varous elasticsearch module and plugin.
org.elasticsearch : elasticsearch-plugin-classloader : 7.17.4
org.elasticsearch.plugin : lang-mustache-client : 7.17.4
org.elasticsearch.plugin : lang-mustache-client : 7.17.4
org.elasticsearch : elasticsearch-lz4 : 7.17.4
...

We have the elasticsearch license. Should it cover all other needed licenses under elasticsearch?

leandrojmp · August 17, 2022, 6:05pm

You need to provide more context about your issue.

What is Nexus-iq? What issue are you having with any tool from Elastic?

xliu · August 17, 2022, 7:46pm

Updated description... Nexus-iq scans jar file and reports such license issue from elasticsearch jars.

leandrojmp · August 17, 2022, 8:38pm

You need to ask your legal team, this is not an Elastic issue.

If your company can only run software under OSS licenses, than you can not run Elastic as its license is not OSS anymore.

system · September 14, 2022, 8:39pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.