Ask HN: How to be compliant with the AGPL licence? We’re considering using an AGPL-licensed database tool as part of our saas.
AGPL has always felt a bit scary. It’s got a reputation for being “viral” ( in a way that even companies like Google explicitly avoid it in their projects. There’s a lot of FUD and ambiguity around what it means to be compliant — especially for server-side use. I have read about how companies like iText or MinIO that are kind of abusing the licence to get you to pay for a subscription to their services. Our plan to be compliant is: Fork the AGPL repo and modify it slightly for our workload Publish our changes in a public GitHub repo under the same AGPL license (linking the original repo) Publish that version as an npm package Use that package in our Node.js server Add a clear link to the source on our website (in docs or footer) There’s no private fork — just a clean public repo that exactly matches what we run in production. Would this be enough to comply with AGPL’s network-use clause? Or do we need to go further, e.g. display the AGPL license explicitly in our app UI, or provide the source in a different way? Has anyone here dealt with this in production? We want to do the right thing, even if it means to not use the project at all. |