The developers of the Grafana data visualization platform announced the transition to the AGPLv3 license, instead of the previously used Apache 2.0 license. A similar license change was made for the Loki log aggregation system and the Tempo distributed tracing backend. Plugins, agents, and some libraries will continue to be licensed under the Apache 2.0 license.
Interestingly, some users note that one of the reasons for the success of the Grafana project, which at the initial stage tried to optimize the interface of the pre-existing Kibana product for visualizing time-varying data and moving away from being tied to Elasticsearch storage, was the choice of a more permissive code license. Over time, the Grafana developers formed the company Grafana Labs, which began promoting commercial products such as the Grafana Cloud cloud system and the commercial solution Grafana Enterprise Stack.
The decision to change the license was made in order to stay afloat and withstand competition with suppliers who are not involved in the development, but use modified versions of Grafana in their products. In contrast to the drastic measures taken by projects such as ElasticSearch, Redis, MongoDB, Timescale and Cockroach, which moved to a non-open license, Grafana Labs tried to make a decision that balances the interests of the community and business. The transition to AGPLv3, according to Grafana Labs, is the optimal solution: on the one hand, AGPLv3 meets the criteria of free and open licenses, and on the other hand, it does not allow parasitism on open projects.
Those who use unmodified versions of Grafana in their services or publish modification code (for example, Red Hat Openshift and Cloud Foundry) will not be affected by the license change. The change will also not affect Amazon, which provides the cloud product Amazon Managed Service for Grafana (AMG), since this company is a strategic development partner and provides many services to the project. Companies with a corporate policy that prohibits the use of the AGPL license can continue to use older Apache-licensed releases for which they plan to continue publishing vulnerability fixes. Another way out is to use the proprietary Enterprise edition of Grafana, which can be used for free if additional paid functions are not activated through the purchase of a key.
Let us recall that a feature of the AGPLv3 license is the introduction of additional restrictions for applications that ensure the functioning of network services. When using AGPL components to ensure the operation of the service, the developer is obliged to provide the user with the source code of all changes made to these components, even if the software underlying the service is not distributed and is used exclusively in the internal infrastructure to organize the operation of the service. The AGPLv3 license is only compatible with GPLv3, which results in a licensing conflict with applications shipped under the GPLv2 license. For example, shipping a library under AGPLv3 requires all applications that use the library to distribute code under the AGPLv3 or GPLv3 license, so some Grafana libraries are left under the Apache 2.0 license.
In addition to changing the license, the Grafana project has been transferred to a new developer agreement (CLA), which defines the transfer of property rights to the code, which allows Grafana Labs to change the license without the consent of all development participants. Instead of the old agreement based on the Harmony Contributor Agreement, an agreement has been introduced based on a document signed by the participants of the Apache Foundation. It is indicated that this agreement is more understandable and familiar to developers.
Source: opennet.ru