DEV.co
Open-Source Ecommerce · spree

spree

Spree is an open-source, self-hosted headless eCommerce platform built in Ruby with a REST API, TypeScript SDK, and production-ready Next.js storefront. It supports B2B, multi-vendor marketplaces, and cross-border commerce with no vendor lock-in or platform fees.

Source: GitHub — github.com/spree/spree
15.5k
GitHub stars
5.3k
Forks
Ruby
Primary language
BSD-3-Clause
License (OSI-approved)

Key facts

Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.

FieldValue
Repositoryspree/spree
Ownerspree
Primary languageRuby
LicenseBSD-3-Clause — OSI-approved
Stars15.5k
Forks5.3k
Open issues128
Latest releasev5.5.2 (2026-07-06)
Last updated2026-07-08
Sourcehttps://github.com/spree/spree

What spree is

Ruby-based REST API with OpenAPI 3.0 spec, TypeScript SDK, and Spree CLI for backend management. Includes a Next.js 16 + React 19 + Tailwind CSS 4 storefront, MeiliSearch integration, event bus, webhooks 2.0, and multi-channel sales support. Deployment via Docker or cloud platforms.

Quickstart

Get the spree source

Clone the repository and explore it locally.

terminalbash
git clone https://github.com/spree/spree.gitcd spree# follow the project's README for install & configuration

Need it deployed, integrated, or customized instead? DEV.co ships production installs.

Best use cases

B2B & Wholesale Commerce

Native support for price lists, customer groups, company hierarchies, and catalogs. Publishable keys enable gated storefronts for wholesale segments. Ideal for regional and tiered pricing strategies.

Multi-Vendor & Cross-Border Marketplaces

Markets feature bundles currency, language, payment methods, and shipping per region. EU Omnibus Directive compliance built-in. Support for multiple sales channels and vendor management from a single backend.

Headless & API-First Implementations

Complete REST API with rate limiting and publishable keys. TypeScript SDK ensures type safety. Spree CLI allows scriptable infrastructure management and AI agent integration for rapid development.

Implementation considerations

  • Ruby environment and Rails framework proficiency required for backend customization. Team onboarding and skill gaps are key cost drivers.
  • Self-hosted model requires dedicated DevOps: Docker, database, CI/CD, monitoring, security patches, and disaster recovery are your responsibility.
  • Next.js storefront is production-ready but customization of payments (Stripe, Adyen, PayPal), shipping rules, and fulfillment logic requires development time.
  • Schema generation via `spree generate api_resource` accelerates API endpoint creation, but bulk product imports and catalog migrations require careful data mapping.
  • Agentic development skills (AI agents, MCP servers, LLM prompts) are optional but increasingly valuable for rapid feature development and maintenance.

When to avoid it — and what to weigh

  • No Ruby/Rails Expertise In-House — Backend is Ruby-based. Customization and troubleshooting require Rails knowledge. Migration costs are high if your team lacks this skill set.
  • Minimal DevOps Capability — Self-hosted deployment requires Docker, database management, and infrastructure monitoring. No managed SaaS option. Scaling, backups, and uptime are your responsibility.
  • Simple Storefront Needs — Spree's full feature set (B2B, multi-vendor, compliance) adds complexity. Lighter alternatives may be faster to deploy for basic catalog + checkout.
  • Proprietary Lock-In Not a Concern — If vendor SaaS lock-in is acceptable and managed services (support, uptime SLAs, updates) are priorities, platforms like Shopify or BigCommerce may reduce operational burden despite fees.

License & commercial use

BSD 3-Clause License. Permissive open-source license allowing use, modification, and distribution in proprietary projects with attribution. No copyleft obligations. Full terms at opensource.org/licenses/BSD-3-Clause.

BSD 3-Clause is a permissive OSI license that explicitly permits commercial use, closed-source modifications, and proprietary derivative works, provided the original copyright and license text are retained. Consult legal counsel for your specific deployment model, especially if you are distributing or sublicensing the software. No commercial support, hosting, or SLA guarantees are implied by the license alone; these are separate commercial arrangements.

DEV.co evaluation signals

Editorial assessment — not user reviews. Directional, with an explicit confidence level.

SignalAssessment
MaintenanceActive
DocumentationStrong
License clarityClear
Deployment complexityModerate
DEV.co fitStrong
Assessment confidenceHigh
Security considerations

Self-hosted model places security responsibility on you: database encryption, API key rotation, HTTPS enforcement, dependency updates, and access controls are mandatory. Project includes code coverage tracking and is actively maintained, suggesting attention to testing. No public security audit data, bug bounty program, or CVE history provided. Rate limiting and publishable keys are built into the API but misconfiguration or weak credential management can expose data. RBAC and role-based permissions in Admin Dashboard reduce privilege escalation risk if properly configured.

Alternatives to consider

Shopify Plus / BigCommerce Enterprise

Managed SaaS with built-in uptime, security, compliance, and vendor-provided support. No self-hosting, DevOps, or Ruby expertise required. Higher platform fees and potential vendor lock-in; less code ownership.

WooCommerce (WordPress-based)

PHP-based, lower learning curve for many teams, massive plugin ecosystem. Self-hosted or managed. Simpler for small-to-medium stores; less robust for complex B2B and multi-vendor scenarios out of the box.

Medusa / Commerce.js (Node.js / Headless)

JavaScript/Node.js-native, headless-first design. Easier for Node teams to customize. Smaller ecosystem than Spree; B2B and multi-vendor features less mature.

Software development agency

Build on spree with DEV.co software developers

Run `npx create-spree-app@latest my-store` to test the full stack locally. Requires Node 22+, Docker, and ~5 minutes. Review deployment docs and security setup before production. Engage Devco if you need expert implementation, customization, or DevOps partnership.

Talk to DEV.co

Related open-source tools

Surfaced by semantic similarity across the DEV.co open-source index.

Related on DEV.co

Explore the category and the services that help you build with it.

spree FAQ

Can we use Spree in a production SaaS offering?
Yes, BSD 3-Clause permits commercial use and proprietary derivatives. You may build a SaaS platform on Spree, but you must retain original copyright/license notices. Consult legal counsel on your specific terms of service and data liability model.
Do we need to hire a Ruby expert?
Strongly recommended for anything beyond basic configuration. The backend is Rails; customizations (payment methods, shipping, bulk operations, hooks) typically require Ruby. The storefront (Next.js) is accessible to Node/React teams.
How do we scale to high transaction volume?
Unknown from provided data. Spree is self-hosted; scaling depends on your infrastructure (horizontal pod autoscaling, database sharding, caching layers). No benchmarks or capacity guidance provided. Engage with the community or Spree team for production sizing.
What if we want managed hosting / commercial support?
Not provided by Spree project itself. You must deploy to Render, AWS, GCP, etc., and manage your own DevOps. Commercial support, maintenance, or consulting is available through third-party partners; contact spreecommerce.org for recommendations.

Software developers & web developers for hire

Need help beyond evaluating spree? DEV.co is a software development agency offering software development services and web development for teams of every size. Our software developers and web developers build custom software, web applications, APIs, and open-source ecommerce integrations — and maintain them long-term.

Ready to Evaluate Spree for Your Commerce Stack?

Run `npx create-spree-app@latest my-store` to test the full stack locally. Requires Node 22+, Docker, and ~5 minutes. Review deployment docs and security setup before production. Engage Devco if you need expert implementation, customization, or DevOps partnership.