CockroachDB to Change License Type

The only restriction in new bundle of licenses is the ban on selling commercial versions of CockroachDB, made in the form of cloud services
05 June 2019   260

The developers of the distributed DBMS CockroachDB have announced the migration of the project source code into a bundle from the Business Source License (BSL) and Cockroach Community License (CCL), which is not free due to the discrimination of certain categories of users. The BSL license was proposed by MySQL co-founders three years ago as an alternative to the Open Core model. The essence of BSL is that the extended functionality code is initially available for making changes, but for a certain period of time it can be used for free only if the additional conditions are met that require a commercial license to be circumvented.

The new license allows the use of CockroachDB on any number of nodes in the cluster and embedding in applications, including those that are sold to customers or run as services. The only restriction that prevents the license from being considered free and open is the ban on selling commercial versions of CockroachDB, made in the form of cloud services. To issue a CockroachDB in the form of paid cloud services now requires the purchase of a commercial license.

As in the case of the re-licensing of MongoDB, Redis and TimescaleDB modules, the reason for the transition to a non-free license is the fight against the parasitization of cloud service providers who create derivative commercial products and resell open DBMS as cloud services but do not participate in the community and do not help in developing. It happens when the cloud providers, who are not related to the project, resell ready-made open solutions and benefit, but the developers are left with nothing.

Cosmos to Undergo a Hardfork to Fix Vulnerability

Service providers were advised to upgrade immediately to the most recent and most secure version of CosmosSDK because issue was serious
31 May 2019   230

Tendermint team reported on successful hardfork implementation to a mainnet of Cosmos. Thi was done to fix critical vulnerability.

Two days ago the company discovered a bug in CosmosSDK, a solution for creating applications on the blockchain using the Golang programming language.

To eliminate the vulnerability, it was decided to conduct hardfork. Having secured a sufficient number of confirmations from validators, Tendermint carried out an upgrade of the network on block # 482100.

Service providers were advised to upgrade immediately to the most recent and most secure version of CosmosSDK.

It is reported that the bug threatened the safety model of the chains in the Cosmos PoS system. In this case, the developers emphasize that the vulnerability did not allow to steal or create new ATOM tokens.

Tendermint promised to reveal the technical details of the bug in 7-10 business days.