Ask HN: How to be compliant with the AGPL licence?

We’re considering using an AGPL-licensed database tool as part of our saas. AGPL has always felt a bit scary. It’s got a reputation for being “viral” ( in a way that even companies like Google explicitly avoid it in their projects. There’s a lot of FUD and ambiguity around what it means to be compliant — especially for server-side use. I have read about how companies like iText or MinIO that are kind of abusing the licence to get you to pay for a subscription to their services.

Our plan to be compliant is:

Fork the AGPL repo and modify it slightly for our workload

Publish our changes in a public GitHub repo under the same AGPL license (linking the original repo)

Publish that version as an npm package

Use that package in our Node.js server

Add a clear link to the source on our website (in docs or footer)

There’s no private fork — just a clean public repo that exactly matches what we run in production.

Would this be enough to comply with AGPL’s network-use clause? Or do we need to go further, e.g. display the AGPL license explicitly in our app UI, or provide the source in a different way?

Has anyone here dealt with this in production? We want to do the right thing, even if it means to not use the project at all.