The developers of the platform data visualization Grafana, announced the transition to the AGPLv3 license, instead of the Apache 2.0 license used previously.
Interestingly, some users point out that one of the reasons from the success of the Grafana project, which initially sought to optimize the existing Kibana product interface to visualize time-varying data and move away from linking to the Elasticsearch repository, was the choice of a more permissive code license. Over time, Grafana developers formed Grafana Labs, which began promoting commercial products such as the Grafana Cloud cloud system and the Grafana Enterprise Stack commercial solution.
The decision to change the license was made to stay afloat and compete with suppliers that are not involved in the development, but that they use modified versions of Grafana in their products. In contrast to the drastic measures taken by projects like ElasticSearch, Redis, MongoDB, Timescale, and Cockroach, which switched to a non-open license, Grafana Labs tried to make a decision that balances the interests of the community and the business. The transition to AGPLv3, according to Grafana Labs, is the best solution: on the one hand, AGPLv3 meets the criteria of free and open licenses, and on the other hand, it does not allow parasitizing open source projects.
Our company has always tried to balance the "value creation" of open source and community with the "value capture" of our monetization strategy. The choice of license is a key pillar of this strategy, and it is something that we have deliberated extensively on since the company began.
In the last few years, we've watched closely as almost every open source company at scale that we admire - such as Elastic, Redis Labs, MongoDB, Timescale, Cockroach Labs, and many others - have evolved their licensing regime. In almost all of these cases, the result has been a switch to a non-OSI-approved available font license.
Those who use unmodified versions Grafana on their services or post the change code (for example, Red Hat Openshift and Cloud Foundry) they will not be affected by the license change. The change will also not affect Amazon, which provides the Amazon Managed Service cloud product for Grafana (AMG), as this company is a strategic development partner and provides many services to the project.
Companies with corporate policies that prohibit the use of AGPL can continue to use older licensed versions of Apache for which vulnerability patches are expected to continue to be released. Another way out is to use Grafana's proprietary Enterprise edition, which can be used for free if no additional paid features are activated by purchasing the key.
Recall that the peculiarity of the AGPLv3 license is the introduction of additional restrictions for applications that ensure the operation of network services. When using AGPL components to ensure the operation of the service, the developer is obliged to provide the user with the source code of all changes made to these components, even if the software underlying the service is not distributed and is used exclusively in the internal infrastructure to organize the operation of the service.
The AGPLv3 license is only compatible with GPLv3, which creates a license conflict with the applications provided under the GPLv2 license. For example, releasing a library under AGPLv3 requires all applications using this library to distribute code under the AGPLv3 or GPLv3 license, so some Grafana libraries are licensed under the Apache 2.0 license.
In addition to changing the license, the Grafana project was transferred to a new agreement with developers (CLA), which determines the transfer of property rights over the code, allowing Grafana Labs to change the license without the consent of all development participants.
The old Harmony Contributor Agreement is replaced by a document-based agreement signed by Apache Foundation contributors. This agreement is indicated to be more understandable and familiar to developers.