>You can defeat the Affero clause by putting the software behind a proxy, for example
Could someone elaborate on this? This is NOT my understanding of the license, and it seems absurd considering e.g. Mastodon is AGPL but the standard install requires a reverse proxy[1]. If using a proxy defeats Affero, why would the Mastodon team do this? Are they stupid?
It's never been tested in court, but the theory is you with company A run an Affero GPL (modified code) server. It's not accessible to anyone outside company A, except me, with a proxy-ish server in Company B (which may or may not be controlled/related).
Then I'm the only user of your software, and never request the code, even though ten billion users use it via my proxy.
I'm not so sure it's just being cute. Define a bright line difference between this API proxy and something like an IRC server. Fundamentally it's an RPC black box. Client sends a command and gets a response. How that response is generated the client has no way of knowing or differentiating. For the defense to fail, wouldn't you have to prove that end user C was a recipient of software from company A? How could this possibly be true when user C cannot observe even the existence of A?
Like, imagine this hypothetical.
Set up a server. For each unique client that exists, it proxies to one of two backends. One is wrapping an LGPL library. The other is wrapping a cleanroom non-CL implementation.
A given user will always get one or the other. Think of it as being assigned off the high bit of a user hash or something.
Which users have rights under the LGPL? Remember that half of them have never used the (wrapped) LGPL implementation, and NONE of them can tell which group they are in.
I don't actually see the difference as being that distinct from the long accepted fact that a program compiled by a copyleft compiler or running in a copyleft interpreter is not itself inherently copyleft.
The idea is that the proxy removes all the AGPL compliance features from the web application. So if your app has a View Source link that spits out all the *.php files on disk, your proxy blocks that link. AGPL prohibits you from removing parts of a program intended to implement a "View Source" link, but it doesn't put any specific limitations on the conduct of other, unrelated programs.
The only other thing I could think of to prevent this would be a DMCA 1201 claim - i.e. that the view source link is a DRM system, and that a proxy that removes those links is illegal. Except all v3 licenses explicitly foreclose the ability to make DMCA 1201 claims relating to features of the software.
My guess is, Mastodon used AGPLv3 primarily because the Affero clause scares off big tech companies, notably Google. I don't have access to any IRC logs or issue tracker comments to prove this is the case, though.
There's much that's untested about these licenses in practical terms. This scheme of producing the source but also blocking it... it's hard to see it standing up in court.
Let's assume you modify the AGPL program, so the remote interaction clause kicks in. If you have the software provide links to the source, but you yourself also strip those out before any of those remote-interacting users can ever see or use them, I don't think a court would have a problem saying that you're not actually "offering an opportunity" for the users to download the source and are therefore in violation.
"To "convey" a work means any kind of propagation that enables other parties to make or receive copies. Mere interaction with a user through a computer network, with no transfer of a copy, is not conveying."
"You may convey a covered work in object code form under the terms of sections 4 and 5, provided that you also convey the machine-readable Corresponding Source under the terms of this License, in one of these ways:"
I think you would have a very, very hard time arguing that you had conveyed the source under this definition.
This is like paying a parking ticket on a credit card, charging it back, and then arguing that it's paid because you sent the money.
Could someone elaborate on this? This is NOT my understanding of the license, and it seems absurd considering e.g. Mastodon is AGPL but the standard install requires a reverse proxy[1]. If using a proxy defeats Affero, why would the Mastodon team do this? Are they stupid?
[1] https://github.com/mastodon/mastodon/blob/main/dist/nginx.co...