GeoServer 3 Call for Crowdfunding
GeoServer is at a critical turning point and it needs your help to continue its journey as the leading free and open-source platform for geospatial data. With GeoServer 3 we are transforming the way you interact with geospatial data—making it faster, more intuitive, and more secure.
This major upgrade, led by Camptocamp, GeoSolutions, and GeoCat, will deliver:
-
Future-Proof Performance: A modernized core for compatibility with the latest data management and deployment technologies.
-
Enhanced Image Processing: Faster, smoother handling of spatial imagery and larger datasets.
-
Improved Security and Compliance: Meet regulatory standards and protect your data with the latest security enhancements.
-
Streamlined User Experience: Easier navigation, integrating new services, and empowering users at all levels.
The scope of this work is beyond routine updates or maintenance since the transition to GeoServer 3 requires extensive redevelopment of core systems as well as implementing modern security practices and also thorough testing and validation across all GeoServer extensions.
The consortium members - Camptocamp, GeoSolutions, and GeoCat- have a long-standing history of supporting and contributing to GeoServer and are fully committed to the success of this migration. However, this is a major effort that cannot be completed without community support.
By supporting this crowdfunding campaign, you are investing in the future of GeoServer and helping to sustain the innovative, open-source geospatial community.
Why GeoServer 3
As the digital landscape evolves, staying up-to-date with the latest technology is no longer optional — it’s essential. GeoServer 3 is being developed to address crucial challenges and ensure that GeoServer remains a reliable and secure platform for the future. Several key factors make this upgrade critical right now:
-
Regulatory Compliance: New regulations, including the CISA known exploited vulnerabilities list, demand that systems be fully patched to ensure operational readiness. Without the latest updates, GeoServer risks falling short of these standards, which is why migrating to Spring 6 is essential.
-
End of Support for Spring 5: By January 2025, Spring 5 will no longer receive security updates, leaving systems vulnerable. As GeoServer operates as middleware between web services and essential data layers, this upgrade to Spring 6 is crucial to maintaining secure connections and protecting data from potential breaches.
-
Security Enhancements: Upgrading to Spring 6 enables OAuth2 protocols for secure authentication, especially critical for large-scale or enterprise-level use. These advancements will help organizations meet evolving security requirements and protect sensitive geospatial data.
-
Switching to JDK 17: This upgrade also marks GeoServer’s transition to JDK 17, which brings improvements in performance, security, and long-term support. Keeping GeoServer aligned with the latest Java versions ensures compatibility with modern deployment technologies Tomcat 10 and Jakarta and future-proofs the platform.
-
Improved Image Processing: GeoServer 3 will replace the outdated Java Advanced Imaging (JAI) library with the more modern and flexible ImageN toolkit. This switch will significantly enhance image processing capabilities, enabling faster handling of large spatial datasets and improving Java compatibility.
-
Future-Proof Technology Stack: With the migration to Spring 6 and the shift to JDK 17, GeoServer 3 ensures long-term viability. Addressing the entire GeoServer stack, including enterprise components GeoFence and Cloud Native GeoServer, allows organizations to seamlessly adopt modern infrastructure and deployment models without compromising performance or security.
With this work, GeoServer is moving into a more secure, high-performing future—ready to tackle the evolving needs of the geospatial community. For more information on the work to be performed and its phases, please visit this document.
Crowdfunding structure
The crowdfunding will be structured in two phases to ensure success:
-
Commitment Phase: Sponsors and community members will pledge their financial support during this phase, but no funds will be collected. The goal is to reach a predefined target that covers the full scope of work necessary for the migration.
-
Funding Activation: Once the target is reached, the crowdfunding will be activated, and sponsors will be invoiced for their pledged amounts. This ensures there is enough financial backing to complete the migration without risking underfunding.
This structured approach ensures that GeoServer 3 is fully funded before any work begins, preventing the risk of an incomplete migration. This guarantees that the project will have the necessary resources to be completed in its entirety.
This structure forms a multi-party agreement:
-
Consortium: Three companies are forming a consortium (Camptocamp, GeoSolutions, and GeoCat) providing expertise, a proven track record, and capacity. These companies are also taking on responsibility for project management, estimating, and importantly risk.
-
Supporters: We are seeking organisations to pledge their support via funding during the commitment phase. No funds will be collected until we reach the target established below for the full scope of work necessary.
-
Community: We ask that our community step forward to match the contributions above with both financial contributions and in-kind development and testing.
Crowdfunding target
The financial target is ambitious, 550,000.00 €. CamptoCamp, GeoCat and GeoSolutions have generously stepped up and will provide 50,000.00€ each, which means the current funding goal starts at 400,000.00 €. Here below you will find the live updated situation as far as committed funding is concerned.
How to participate
If you are ready to support GeoServer 3, please, fill this online form or contact us at gs3-funding@googlegroups.com to express your interest and pledge your support.
Together, we can secure the future of GeoServer for years to come.
Vulnerability
- GeoServer 2.25.4 Release
- GeoServer 2.26.0 Release
- CVE-2024-36401 Remote Code Execution (RCE) vulnerability in evaluating property name expressions
- GeoServer 2.25.2 Release
- GeoServer 2.24.4 Release
- GeoServer 2.23.6 Release
- GeoServer 2.25.1 Release
- GeoServer 2.25.0 Release
- GeoServer 2.23.5 Release
- GeoServer 2.24.2 Release