spree
Spree is an open-source, self-hosted headless eCommerce platform built in Ruby with a REST API, TypeScript SDK, and production-ready Next.js storefront. It supports B2B, multi-vendor marketplaces, and cross-border commerce with no vendor lock-in or platform fees.
Key facts
Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.
| Field | Value |
|---|---|
| Repository | spree/spree |
| Owner | spree |
| Primary language | Ruby |
| License | BSD-3-Clause — OSI-approved |
| Stars | 15.5k |
| Forks | 5.3k |
| Open issues | 128 |
| Latest release | v5.5.2 (2026-07-06) |
| Last updated | 2026-07-08 |
| Source | https://github.com/spree/spree |
What spree is
Ruby-based REST API with OpenAPI 3.0 spec, TypeScript SDK, and Spree CLI for backend management. Includes a Next.js 16 + React 19 + Tailwind CSS 4 storefront, MeiliSearch integration, event bus, webhooks 2.0, and multi-channel sales support. Deployment via Docker or cloud platforms.
Get the spree source
Clone the repository and explore it locally.
git clone https://github.com/spree/spree.gitcd spree# follow the project's README for install & configurationNeed it deployed, integrated, or customized instead? DEV.co ships production installs.
Best use cases
Implementation considerations
- Ruby environment and Rails framework proficiency required for backend customization. Team onboarding and skill gaps are key cost drivers.
- Self-hosted model requires dedicated DevOps: Docker, database, CI/CD, monitoring, security patches, and disaster recovery are your responsibility.
- Next.js storefront is production-ready but customization of payments (Stripe, Adyen, PayPal), shipping rules, and fulfillment logic requires development time.
- Schema generation via `spree generate api_resource` accelerates API endpoint creation, but bulk product imports and catalog migrations require careful data mapping.
- Agentic development skills (AI agents, MCP servers, LLM prompts) are optional but increasingly valuable for rapid feature development and maintenance.
When to avoid it — and what to weigh
- No Ruby/Rails Expertise In-House — Backend is Ruby-based. Customization and troubleshooting require Rails knowledge. Migration costs are high if your team lacks this skill set.
- Minimal DevOps Capability — Self-hosted deployment requires Docker, database management, and infrastructure monitoring. No managed SaaS option. Scaling, backups, and uptime are your responsibility.
- Simple Storefront Needs — Spree's full feature set (B2B, multi-vendor, compliance) adds complexity. Lighter alternatives may be faster to deploy for basic catalog + checkout.
- Proprietary Lock-In Not a Concern — If vendor SaaS lock-in is acceptable and managed services (support, uptime SLAs, updates) are priorities, platforms like Shopify or BigCommerce may reduce operational burden despite fees.
License & commercial use
BSD 3-Clause License. Permissive open-source license allowing use, modification, and distribution in proprietary projects with attribution. No copyleft obligations. Full terms at opensource.org/licenses/BSD-3-Clause.
BSD 3-Clause is a permissive OSI license that explicitly permits commercial use, closed-source modifications, and proprietary derivative works, provided the original copyright and license text are retained. Consult legal counsel for your specific deployment model, especially if you are distributing or sublicensing the software. No commercial support, hosting, or SLA guarantees are implied by the license alone; these are separate commercial arrangements.
DEV.co evaluation signals
Editorial assessment — not user reviews. Directional, with an explicit confidence level.
| Signal | Assessment |
|---|---|
| Maintenance | Active |
| Documentation | Strong |
| License clarity | Clear |
| Deployment complexity | Moderate |
| DEV.co fit | Strong |
| Assessment confidence | High |
Self-hosted model places security responsibility on you: database encryption, API key rotation, HTTPS enforcement, dependency updates, and access controls are mandatory. Project includes code coverage tracking and is actively maintained, suggesting attention to testing. No public security audit data, bug bounty program, or CVE history provided. Rate limiting and publishable keys are built into the API but misconfiguration or weak credential management can expose data. RBAC and role-based permissions in Admin Dashboard reduce privilege escalation risk if properly configured.
Alternatives to consider
Shopify Plus / BigCommerce Enterprise
Managed SaaS with built-in uptime, security, compliance, and vendor-provided support. No self-hosting, DevOps, or Ruby expertise required. Higher platform fees and potential vendor lock-in; less code ownership.
WooCommerce (WordPress-based)
PHP-based, lower learning curve for many teams, massive plugin ecosystem. Self-hosted or managed. Simpler for small-to-medium stores; less robust for complex B2B and multi-vendor scenarios out of the box.
Medusa / Commerce.js (Node.js / Headless)
JavaScript/Node.js-native, headless-first design. Easier for Node teams to customize. Smaller ecosystem than Spree; B2B and multi-vendor features less mature.
Build on spree with DEV.co software developers
Run `npx create-spree-app@latest my-store` to test the full stack locally. Requires Node 22+, Docker, and ~5 minutes. Review deployment docs and security setup before production. Engage Devco if you need expert implementation, customization, or DevOps partnership.
Talk to DEV.coRelated open-source tools
Surfaced by semantic similarity across the DEV.co open-source index.
Related on DEV.co
Explore the category and the services that help you build with it.
spree FAQ
Can we use Spree in a production SaaS offering?
Do we need to hire a Ruby expert?
How do we scale to high transaction volume?
What if we want managed hosting / commercial support?
Software developers & web developers for hire
Need help beyond evaluating spree? DEV.co is a software development agency offering software development services and web development for teams of every size. Our software developers and web developers build custom software, web applications, APIs, and open-source ecommerce integrations — and maintain them long-term.
Ready to Evaluate Spree for Your Commerce Stack?
Run `npx create-spree-app@latest my-store` to test the full stack locally. Requires Node 22+, Docker, and ~5 minutes. Review deployment docs and security setup before production. Engage Devco if you need expert implementation, customization, or DevOps partnership.