Redis License Compliance in 2025

What happened?

Redis underwent significant licensing changes starting in March 2024. Previously, Redis used the permissive BSD 3-clause license, which allowed wide commercial and personal use without strict conditions. In March 2024, Redis switched from BSD to a dual license, Redis Source Available License (RSALv2) and Server Side Public License (SSPLv1), largely to restrict cloud service providers from offering Redis as a managed service without contributing back, or without entering a commercial arrangement with Redis (now Redis Ltd.).

This move caused broad concern in the community, as many felt Redis was no longer “true” open source. Dual licensing imposed stricter terms: RSALv2 restricted use in managed services, and SSPLv1 compelled organizations to open-source their entire codebase if they provided Redis as a networked service. As a result, some Linux distributions and cloud providers dropped Redis, and a major open source fork called Valkey was created, now under the Linux Foundation.

By mid-2025, Redis reversed course and adopted the OSI-approved AGPLv3 (GNU Affero General Public License) for Redis 8.0 and later, returning to an open source model, though with a copyleft requirement: any service providing Redis over a network must open-source the relevant code. This change was meant to address community frustrations with the SSPL/RSAL approach and to bring Redis back in line with open source principles. Managed service providers must still disclose code or seek commercial agreements under the AGPLv3, but independent and internal users face fewer restrictions than under SSPL/RSAL.

In summary, Redis licensing shifted from BSD to dual-source-available (RSALv2/SSPLv1) in 2024, sparking community division and new forks, but by 2025, Redis adopted AGPLv3 and restored OSI-compatible open source status though with network copyleft obligations.

Path Forward

Recommendation for Organizations

Organizations that purchase a commercial Redis license for the latest version are exempt from the copyleft requirements of the AGPLv3 license. With the introduction of the tri-license model in Redis 8.0, companies can select either the AGPLv3, requiring modified source code of Redis to be disclosed if provided as a networked service, or a commercial license from Redis Ltd., which allows use without sharing source or facing AGPLv3 restrictions.

The commercial license is well-suited for SaaS providers and companies offering managed Redis services, or for those with policies that preclude the use of strong copyleft licenses. It ensures clarity on intellectual property, eliminates source-sharing obligations, and may offer additional support and features compared to AGPLv3.

For purely internal, non-networked usage, many organizations may be able to use Redis under the AGPLv3 by following its terms. However, if companies want to avoid the risk or complexity of compliance, or if they modify Redis and provide it over a network, a commercial license from Redis Ltd. offers straightforward legal assurance and support.

Versions Not Impacted by Recent Licensing

The licensing changes do not affect Redis 7.2.x and older, which remain under the permissive BSD 3-clause license. This license lets organizations use, modify, and distribute Redis, including version 7.2.10—without any copyleft or source-disclosure obligations.

Redis 7.4 introduced dual RSALv2/SSPLv1 licensing, which restricted managed services and excluded Redis from many open source distributions. The move to AGPLv3 in Redis 8.0 brought a recognized open source option but retained strong copyleft provisions, especially for cloud and networked deployments.

For those wanting to avoid new restrictions, Redis 7.2.10 is recommended as the final BSD-licensed release, stable, widely compatible, and unaffected by post-7.2 licensing changes.

AGPLv3 vs. BSD 3-Clause

Redis 8.0+ is licensed under the OSI-approved AGPLv3 but, as a copyleft license, it imposes significant rules compared to BSD: if you modify Redis and make it available as a service over a network, you must open source your changes. The "network clause" ensures that cloud and SaaS operators cannot keep modified server-side Redis code proprietary without acquiring a commercial license.

However, using Redis unmodified as a backend database, for example, carries no obligation to open source proprietary application code; only modifications to Redis itself are subject to disclosure. If your organization creates and exposes custom Redis modules or patches over a network, those must be shared under AGPLv3.

Summary

  • Redis 7.2.10 and earlier: BSD license, fully permissive, no sharing obligations.

  • Redis 8.0+: AGPLv3 option restores open source status, but with copyleft “network” rules. Commercial license available to bypass these rules.

  • For unrestricted, permissive use or proprietary changes, use Redis 7.2.10 or earlier.

  • For open source alignment with strong protections, or if distributing changes, adopt Redis 8.0+ with AGPLv3 or purchase a commercial license.

  • The Valkey fork (led by the Linux Foundation) provides a permissive, BSD-licensed alternative for organizations preferring maximal freedom. https://github.com/valkey-io/valkey - https://valkey.io./

Technical Usage

The latest Redis versions that are not affected by the new licensing model are Redis 7.2.x and earlier, which remain under the original permissive BSD 3-clause license. This includes Redis 7.2.10, the final version in the 7.2.x series, which is safe to use without the copyleft or source-disclosure requirements introduced in Redis 7.4 and later versions.

For non-Docker installations, you can install Redis 7.2.10 directly on Linux, macOS, or Windows (via WSL) using the following methods:

Compliant Docker image: 

redis:7.2.10-alpine@sha256:395ccd7ee4db0867de0d0410f4712a9e0331cff9fdbd864f71ec0f7982d3ffe6

Linux (Ubuntu/Debian, CentOS/RHEL, Amazon Linux)

On Ubuntu/Debian, you can install Redis 7.2.10 from source:

  1. Install dependencies:

    sudo apt update && sudo apt install build-essential wget

  2. Download and compile Redis 7.2.10:

    wget https://download.redis.io/releases/redis-7.2.10.tar.gz
tar xzf redis-7.2.10.tar.gz
cd redis-7.2.10
make
sudo make install

  3. Start Redis:

    bashredis-server

On CentOS/RHEL/Amazon Linux, use yum or dnf:

sudo yum install -y gcc wget
wget https://download.redis.io/releases/redis-7.2.10.tar.gz
tar xzf redis-7.2.10.tar.gz
cd redis-7.2.10
make
sudo cp src/redis-cli /usr/bin/
sudo cp src/redis-server /usr/bin/

Note: Amazon Linux 2023 may default to Redis 6 via package manager; compiling from source ensures version 7.2.10.

Alpine Linux

On Alpine Linux, enable the community repository and install Redis:

echo "http://dl-cdn.alpinelinux.org/alpine/edge/community" >> /etc/apk/repositories
apk update
apk add redis

Then start the service:

rc-service redis start

macOS

On macOS, use Homebrew:

brew install [email protected]

Or compile from source as shown above.

Windows

On Windows, Redis is not natively supported, but you can use Windows Subsystem for Linux (WSL):

  1. Install WSL2 and a Linux distribution (e.g., Ubuntu).

  2. Follow the Linux installation steps above within the WSL environment.

Alternatively, use Docker Desktop on Windows to run the same redis:7.2.10-alpine image without full Linux installation.

Verification

After installation, verify the version:

redis-cli --version

And test connectivity:

redis-cli ping
# Expected output: PONG

By installing Redis 7.2.10 from source or a trusted repository, organizations can avoid the licensing changes introduced in Redis 7.4+ while maintaining full functionality outside of containerized environments

PreviousControversial SubjectsNextAppSec Testing

Last updated