stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
c32fff8f86a4ecd5f88ad3c80f73871f7fd628e1
git.stella-ops.org/docs/legal/LEGAL_FAQ_QUOTA.md

2.7 KiB
Executable File
Raw Blame History

Legal FAQ — Free-Tier Quota & BUSL-1.1 Additional Use Grant

Operational behaviour (limits, counters, delays) is documented in 30_QUOTA_ENFORCEMENT_FLOW1.md. This page covers only the legal aspects of offering Stella Ops as a service or embedding it into another product while the free-tier limits are in place.

1 ? Does enforcing a quota violate BUSL-1.1?

No. BUSL-1.1 permits usage controls and requires production use to remain within the Additional Use Grant (3 environments, 999 new hash scans per 24 hours, and no SaaS/hosted third-party service). Quota enforcement documents compliance.

The Stella Ops quota:

  • Is enforced solely at the service layer (Valkey counters, Redis-compatible).
  • Never disables functionality; it introduces time delays only after the free allocation is exhausted.
  • Can be bypassed by rebuilding from source, but production use outside the Additional Use Grant requires a commercial license.

2 ? Can I redistribute Stella Ops with the quota removed?

Yes, provided you:

  1. Include the LICENSE and NOTICE files with your distribution, and
  2. Mark modified files with prominent change notices.

Recipients are still bound by BUSL-1.1 and the Additional Use Grant; production use outside the grant requires a commercial license.

3 ? Embedding in a proprietary appliance

You may ship Stella Ops inside a hardware or virtual appliance under BUSL-1.1. You must include LICENSE and NOTICE and preserve attribution notices. Production use must remain within the Additional Use Grant unless a commercial license is obtained. Proprietary integration code does not have to be disclosed.

4 ? SaaS redistribution

The BUSL-1.1 Additional Use Grant prohibits providing Stella Ops as a hosted or managed service to third parties. SaaS/hosted use requires a commercial license.

5 · Is e-mail collection for the JWT legal?

  • Purpose limitation (GDPR Art. 5-1 b): address is used only to deliver the JWT or optional release notes.
  • Data minimisation (Art. 5-1 c): no name, IP or marketing preferences are required; a blank e-mail body suffices.
  • Storage limitation (Art. 5-1 e): addresses are deleted or hashed after <= 7 days unless the sender opts into updates.

Hence the token workflow adheres to GDPR principles.

6 · Change-log

Version Date Notes
3.0 2026-01-20 Updated for BUSL-1.1 Additional Use Grant.
2.1 2026-01-20 Updated for Apache-2.0 licensing (superseded by BUSL-1.1 in v3.0).
2.0 2025-07-16 Removed runtime quota details; linked to new authoritative overview.
1.0 2024-12-20 Initial legal FAQ.