I'm not sure I follow with the LGPL requirement.. how do you envision downstream users complying with the relinking requirement, particularly in cases where Sidequest is orchestrating jobs across tightly-coupled backend infrastructure?
I'm not sure I follow with the LGPL requirement.. how do you envision downstream users complying with the relinking requirement, particularly in cases where Sidequest is orchestrating jobs across tightly-coupled backend infrastructure?
AFAIK, the relinking requirement only applies if you distribute the software to someone.
If you’re running Sidequest entirely on your own infrastructure to orchestrate jobs across your backend, you’re not distributing the software at all, you’re providing a service. The tight coupling does not itself trigger extra obligations. What matters legally is distribution, not architecture.
Edgecase is if you give your software to a customer to run on their own servers (self‑hosted deployment/docker image shipped to customer). In those cases, you would need to allow them to replace Sidequest.js (ie, not obfuscating it away).
Someone more knowledgeable can correct me, if I'm wrong
Layman here also, but I think you are correct about GPL and LGPL (this case), but not for AGPL which adds a requirement that: "... If your software can interact with users remotely through a computer network, you should also make sure that it provides a way for users to get its source"
https://www.gnu.org/licenses/gpl-faq.html#AGPLv3ServerAsUser
My guess is the 2-level separation. You WILL need to make some part in your system LGPL by using "Sidequest.js" tightly, but then expose very simple APIs (like /start /status etc..) that will stop the LGPL from "infecting" other parts, as they can replace the "linking" with anything that will support those simple APIs.
Which is a good way to get improvements other are doing that relate to your source code through LGPL's source exposing, while not forcing it everywhere (GPL case). Especially, for backend libs.
And since AGPL will essentially make it non viable for SaaS (as network separation won't do), LGPL is what left.