Replace Redis with an open-source alternative due to licensing changes #2901
Comments
|
Thanks for raising this issue. I agree that the licensing changes in redis are not ideal. |
|
The Linux foundation has launched an open-source fork of Redis called Valkey. https://github.com/valkey-io/valkey |
|
Currently Reflex isn't using the latest version of Redis anyway. As of today, it uses version 5.0.4 (">=4.3.5,<6.0"). The license change was made in Redis 7.2.4. Valkey is at 7.2.5. So maybe there are some compatibility issues using Redis 6+ |
|
For cases like this, I would recommend setting up dependency-review-action to avoid accidentally including a lessor-permissive licensed dependency. |
This change will add a new action to scan the dependency's licenses for any that may not be allowed for this project. The pip-licenses command was run to get a dump of all the licenses associated with this repo and put into the allow-licenses list. Normally, you might only want to use deny-licenses list, but for packages like Redis, there is no defined SPDX identifier for it. Note: this list will require future maintenance as dependencies get added that are not already in the allow list. https://spdx.org/licenses/ https://github.com/raimon49/pip-licenses Related to issue reflex-dev#2901 Signed-off-by: Eric Brown <eric_wade_brown@yahoo.com>
…#3306) This change will add a new action to scan the dependency's licenses for any that may not be allowed for this project. The pip-licenses command was run to get a dump of all the licenses associated with this repo and put into the allow-licenses list. Normally, you might only want to use deny-licenses list, but for packages like Redis, there is no defined SPDX identifier for it. Note: this list will require future maintenance as dependencies get added that are not already in the allow list. https://spdx.org/licenses/ https://github.com/raimon49/pip-licenses Related to issue #2901 Signed-off-by: Eric Brown <eric_wade_brown@yahoo.com>
…reflex-dev#3306) This change will add a new action to scan the dependency's licenses for any that may not be allowed for this project. The pip-licenses command was run to get a dump of all the licenses associated with this repo and put into the allow-licenses list. Normally, you might only want to use deny-licenses list, but for packages like Redis, there is no defined SPDX identifier for it. Note: this list will require future maintenance as dependencies get added that are not already in the allow list. https://spdx.org/licenses/ https://github.com/raimon49/pip-licenses Related to issue reflex-dev#2901 Signed-off-by: Eric Brown <eric_wade_brown@yahoo.com>
I second valkey, switched all my redis backends to it and works great |
Describe the bug
Redis, the popular in-memory data structure store, has recently changed its licensing model from open-source to a proprietary license. I believe this change conflicts with this project's principles. Additionally, it may also conflict with our individual principles and values, as many of us strongly believe in the importance of free and open-source software.
To address this issue, we should replace Redis with an open-source alternative.
I propose that we replace Redis with KeyDB. Which is a fork of Redis that is faster and free as in freedom. However, there are other open-source alternatives available as well
The text was updated successfully, but these errors were encountered: