Comment by arp242

> they give very detailed instructions on how to check that they are using the software

It's not that detailed; it just says "there is a minio binary, and that's our minio". Okay, but what version is that? This is the crucial part, because Apache vs AGPL license makes a world of difference.

The Apache attribution requirement seems satisfied; perhaps not as prominently as minio would like, but there is no "prominence requirement". It fails to demonstrate any AGPL code is used, although according to some other comments the monio people have a unique and interesting interpretation of relicensing where they think they can retroactively relicense Apache code to AGPL. The claim that backporting any security fixes would trigger the AGPL is also suspect; typically many security fixes are simple in terms of code changed, and tend to be fairly easy to re-implement independently once you know the description of the problem. Either way, "it's likely that [..]" doesn't really demonstrate much of anything and is certainly not "very detailed".

In short, the minio post is vague and full of assumptions; even without this rebuttal I wouldn't put too much stock in it as it seems borderline FUD.