We are currently using the OpenSource Variant of EMQX, which is stated to be fully licensed under Apache-2.0 License
. When we checked the source code however, we found that since Version 5.0.24 the structure regarding the Licenses has changed, and that at least the “emqx-bridge-mongodb” is licensed under BSL1.1. (see Readme for emqx-bridge-mongodb at version 5.0.26
In our software we use MongoDB to manage the Access Control Lists (ACLs) for the MQTT Broker.
Is the “emqx-bridge-mongodb” not used in such a context?
How can we ensure, that the downloadable Open Source Binary Artifacts only contain Apache-2.0 Licensed code?
Authentication and authorization mechanisms using various database backends are available in the open source edition. Bridge is unrelated to the authN/authZ, it is used for pushing the MQTT messages to the database. So you should be fine.