Update license expressions to new syntax #65442
Conversation
BrewTestBot
added
the
automerge-skip
|
Note: audit fails for two formulae: $ brew audit $(git show --name-only | sed '1,2d')
mongoose:
* Formula mongoose contains non-standard SPDX licenses: ["Cesanta"].
For a list of valid licenses check: https://spdx.org/licenses/
ttf2eot:
* Formula ttf2eot contains non-standard SPDX licenses: ["BSD-*"].
For a list of valid licenses check: https://spdx.org/licenses/
Error: 2 problems in 2 formulae detectedWhat should I do with these?
|
Formula/ipfs.rb
Outdated
| @@ -4,8 +4,7 @@ class Ipfs < Formula | |||
| url "https://github.com/ipfs/go-ipfs.git", | |||
| tag: "v0.7.0", | |||
| revision: "ea77213e31ef2b3cad81d40bf82bb9baef3ea7b6" | |||
| # license ["Apache-2.0", "MIT"] - pending https://github.com/Homebrew/brew/pull/7953 | |||
| license "Apache-2.0" | |||
| license any_of: ["Apache-2.0", "MIT"] | |||
There was a problem hiding this comment.
Not sure how to handle this exactly. According to the license file:
This project is transitioning from an MIT-only license to a dual MIT/Apache-2.0 license.
Unless otherwise noted, all code contributed prior to 2019-05-06 and not contributed by
a user listed in this signoff issue is
licensed under MIT-only. All new contributions (and past contributions since 2019-05-06)
are licensed under a dual MIT/Apache-2.0 license.
I don't think we can use :any_of because that implies that the MIT doesn't have to apply. In reality, it seems to be MIT and the option of Apache-2.0 as well. It feels like maybe it should be:
license all_of: [
"MIT",
any_of: ["MIT", "Apache-2.0"],
]Probably good to get another maintainer opinion on this.
There was a problem hiding this comment.
Sounds reasonable to me. I'll make the change you're proposing, but will be happy to update to follow whatever consensus emerges.
Formula/ttf2eot.rb
Outdated
| @@ -4,8 +4,7 @@ class Ttf2eot < Formula | |||
| url "https://github.com/wget/ttf2eot/archive/v0.0.3.tar.gz" | |||
| sha256 "f363c4f2841b6d0b0545b30462e3c202c687d002da3d5dec7e2b827a032a3a65" | |||
| # License: Derived from WebKit, so BSD/LGPL 2/LGPL 2.1. | |||
| # license ["LGPL-2.0", "BSD-*"] - pending https://github.com/Homebrew/brew/pull/7953 | |||
| license "LGPL-2.0" | |||
| license any_of: ["LGPL-2.0", "BSD-*"] | |||
There was a problem hiding this comment.
| license any_of: ["LGPL-2.0", "BSD-*"] | |
| license any_of: ["LGPL-2.0-only", "BSD-2-Clause"] |
Based on: https://webkit.org/licensing-webkit/. Didn't see any indication of -only or -or-later so went with -only. Maybe another maintainer can find some more info?
If we're not sure about that, we should probably:
| license any_of: ["LGPL-2.0", "BSD-*"] | |
| license :cannot_represent |
There was a problem hiding this comment.
I do see at the end of that page this note:
WebKit open source web browser engine.
Copyright (C) 2015 Apple, Inc.This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Library General Public
License as published by the Free Software Foundation; either
version 2 of the License, or (at your option) any later version.
Doesn't that make it clear the -or-later versioning is intended?
There was a problem hiding this comment.
No, that's part of the standard -or-later and -only license.
See the SPDX entries for LGPL-2.0-only and LGPL-2.0-or-later. They both contain the above lines in the "How to Apply These Terms to Your New Libraries" section.
We really need to see the source files to see which header is used. That will be able to tell us whether -only or -or-later is more approriate.
There was a problem hiding this comment.
Ah, I see. Well, that's confusing 🙃 I'll look into WebKit's source files, then.
There was a problem hiding this comment.
Ok, I cloned the repo (from this mirror) and ran a search in the source files. It seems pretty clear that the -or-later variant is the intended one:
$ rg -l 'the Free Software Foundation; either' | wc -l
2982
$ rg -l 'the Free Software Foundation; version' | wc -l
0See also this commit for an example of the typical license headers they use.
There was a problem hiding this comment.
(That said, it seems that in this case we'd need to use all_of rather than any_of, since each file is only licensed under one of the two licenses; WDYT?)
|
Thanks for the thorough review @Rylan12! I'll make the obvious changes right away, and will leave the unclear ones to when others have a chance to chime in. |
BrewTestBot
removed
the
automerge-skip
Rylan12
added
the
CI-syntax-only
Formula/mongoose.rb
Outdated
| @@ -3,7 +3,7 @@ class Mongoose < Formula | |||
| homepage "https://github.com/cesanta/mongoose" | |||
| url "https://github.com/cesanta/mongoose/archive/6.17.tar.gz" | |||
| sha256 "5bff3cc70bb2248cf87d06a3543f120f3b29b9368d25a7715443cb10612987cc" | |||
| license any_of: ["GPL-2.0", "Cesanta"] | |||
| license any_of: ["GPL-2.0-only"] | |||
There was a problem hiding this comment.
Sorry, maybe I wasn't clear enough here. No quotes or brackets needed:
| license any_of: ["GPL-2.0-only"] | |
| license "GPL-2.0-only" |
There was a problem hiding this comment.
Oops! That was definitely an overlook on my side — it was late here 😅 I'll update.
|
Additionally, next time you update the PR, can you separate the changes to one-commit-per-formula with the message Thanks, again! |
waldyrious
force-pushed
the
update-license-expressions
branch
from
7c50247 to
9ac365f
Compare
Co-authored-by: Rylan Polster <rslpolster@gmail.com>
|
🤖 A scheduled task has triggered a merge. |
|
Thanks, @waldyrious! |
Updating formulae license expressions in the context of #58225, now that richer license syntax has been made available in #7953 and #8260.
brew install --build-from-source <formula>, where<formula>is the name of the formula you're submitting?brew test <formula>, where<formula>is the name of the formula you're submitting?brew audit --strict <formula>(after doingbrew install <formula>)?