When Cloud Services Misuse Open‑Source Code: The SkyWalking License Violation Case

Recently, DD saw a post by Apache SkyWalking founder Wu Sheng complaining that a commercial cloud service failed to provide proper post‑sale support, highlighting a common issue where users of commercial products turn to the original open‑source project for help.

On January 28, the official Apache SkyWalking blog reported that ByteDance’s cloud service unit, Volcengine, violated the Apache 2.0 license while using SkyWalking.

The blog linked to the original report (https://skywalking.apache.org/blog/2022-01-28-volcengine-violates-aplv2/) and noted that an anonymous submitter provided a report and a download link for the alleged infringing Java Agent:

https://datarangers.com.cn/apminsight/repo/v2/download/java-agent/apminsight-java-agent_latest.tar.gz

SkyWalking confirmed through source code comparison that the distributed package was indeed a version of the SkyWalking Java Agent. The main evidence includes three points: agent.config file keys and format are identical to SkyWalking’s Volcengine version. apmplus-agent.jar contains core classes that match those in SkyWalking’s Volcengine distribution.

Code naming, package structure, and hierarchy are consistent with SkyWalking 6.x.

Volcengine’s team altered the package name, removed the Apache Foundation header, and omitted the LICENSE and NOTICE files from the distribution.

After the blog post, Volcengine’s representatives responded that they would add SkyWalking’s copyright notice to the relevant documentation and SDK, and they would apologize to the developers.

The incident reflects a growing trend of open‑source projects facing misuse by commercial cloud providers, raising questions about companies’ understanding of open‑source licenses and the enforcement of compliance.