Trusted by teams at
Hook0 is fully open-source under SSPL — audit every line of code, self-host for compliance, or use Hook0 Cloud for managed infrastructure, automatic updates, and EU hosting. Bootstrapped, no open-core tricks.
Trusted by teams at
Webhooks carry sensitive payloads. With open-source, your security team can audit exactly how data is handled, signed, and delivered. No black boxes.
If the vendor disappears, raises prices, or pivots, you still have the code. Fork it, maintain it, or migrate at your own pace. Your webhook infrastructure is yours.
Deploy on your own servers, your own cloud, or air-gapped networks. Open-source means you choose where your data lives, not the vendor.
Report bugs, send PRs, request features. Open-source projects align incentives: the product gets better because users can shape it directly.
| Criteria | SSPL (Hook0) | Open-Core (Svix) | MIT (Convoy) | Proprietary (Hookdeck) |
|---|---|---|---|---|
| Source code available | Yes, 100% on GitHub & GitLab | Partial (core only) | Yes, on GitHub | No |
| Can audit code | Every line, including infra | Core only, enterprise is closed | Yes | No |
| Can self-host | Yes, free (Docker / K8s) | Enterprise plan only | Yes, free | No |
| Feature parity (cloud = self-host) | Same codebase, all features | Different editions, features gated | Cloud is a separate product | N/A (cloud-only) |
| Vendor lock-in risk | Low — fork anytime, standard PostgreSQL | Medium — enterprise features lost if you leave | Low — MIT allows forking | High — no source, no self-host |
| Data sovereignty | Full control (self-host or EU Cloud) | US cloud or enterprise self-host | Self-host only | US cloud, no self-host option |
| Community contributions | PRs welcome on full codebase | PRs on core only | PRs welcome | No community access |
| License restrictions | Cannot resell as managed service | Enterprise features require paid license | None (permissive) | All usage subject to vendor terms |
Webhooks carry sensitive payloads. Your security and compliance teams can review the entire codebase — API, worker, database schema — before deploying to production. No closed-source black boxes.
Migrate anytime. No proprietary APIs, no proprietary data formats. Hook0 stores everything in standard PostgreSQL. If you leave, your data and infrastructure knowledge come with you.
Start with Hook0 Cloud for the fastest path to production. Switch to self-host later for compliance or data sovereignty — or the other way around. Same codebase, zero migration effort.
Yes. Hook0 is fully open-source under the SSPL-1.0 license. Every line of code is on GitHub and GitLab. There is no proprietary enterprise edition.
SSPL-1.0 (Server Side Public License). You can freely self-host, modify, and audit the code. The only restriction is offering Hook0 as a managed service to third parties without open-sourcing your stack.
Self-hosting Hook0 requires Docker Compose or Kubernetes and a PostgreSQL database. You manage your own infrastructure, scaling, backups, updates, and monitoring. The self-hosted binary is built from the same codebase as Hook0 Cloud — no features are stripped out. Hook0 Cloud handles all of that for you if you prefer a managed path.
Open-core webhook tools split their codebase into a free community edition and a paid enterprise edition. The risk: features you rely on today (SSO, advanced monitoring, self-hosting support) can be moved behind the paywall at any time. You cannot audit the closed-source parts for security. And if you self-host, you run a stripped-down version. Hook0 avoids this — the full codebase is available under SSPL, with no enterprise edition.
Yes. Hook0 is open-source and self-hostable at no license cost. Hook0 Cloud adds managed infrastructure, automatic updates, EU hosting, priority support, and SLA — so you can focus on your product instead of operating webhook infrastructure. Start with the free cloud tier (100 events/day, no credit card).
Stop building webhook infrastructure. Start shipping features. Get started in minutes.