Licenses for default embedded fonts not included in epaint crate license
#2321
Labels
bug
Something is broken
Comments
repi
added a commit
to EmbarkStudios/rust-ecosystem
that referenced
this issue
Nov 19, 2022
Yes I did actually manually (lightly) audit all these crates by opening up the exact versions and looking for `unsafe` usage (none found!), dependencies, ambient capabilities through std/core, and such. And looks good! reviewing large Rust crates is not that hard when not using any such features 💯 Thanks @emilk 😃 Did find one under specified license though in `epaint` that I've stubbed out as a violation here - Filed: emilk/egui#2321 - Once this is resolved later we can enable the violation so previous versions will fail to be audited due to it. But can't do it yet because would fail `cargo vet` in our projects. Part of: - https://github.com/EmbarkStudios/ark/issues/6167 - https://github.com/EmbarkStudios/ark/issues/7090
|
Thanks for taking a look at this and opening an issue! I agree that the clean solution is desirable, but also more complicated, so maybe I'll start with the simple solution. |
|
sounds good! |
repi
added a commit
to EmbarkStudios/rust-ecosystem
that referenced
this issue
May 26, 2023
In versions 0.19.0 and before the license was not including embedded static resources. This was tracked in emilk/egui#2321 and resolved in 0.20.0.
|
Link to the ubuntu font license 404s |
|
Also just hit this - I think a separate crate for the fonts would be the right way to go |
|
You wanna make a PR for that? |
alex-pinkus
pushed a commit
to alex-pinkus/egui
that referenced
this issue
Jul 20, 2024
This allows license checking tools to omit the OFL and UFL licenses when `default_fonts` are turned off. Fixes emilk#2321
1 task
alex-pinkus
pushed a commit
to alex-pinkus/egui
that referenced
this issue
Jul 20, 2024
This allows license checking tools to omit the OFL and UFL licenses when `default_fonts` are turned off. Fixes emilk#2321
emilk
pushed a commit
that referenced
this issue
Jul 31, 2024
This allows license checking tools to omit the OFL and UFL licenses when `default_fonts` are turned off. There was some discussion of versioning on the original issue; I have chosen to label this version as `0.28.1` to match the other crates. Happy to adjust the version as needed. <!-- Please read the "Making a PR" section of [`CONTRIBUTING.md`](https://github.com/emilk/egui/blob/master/CONTRIBUTING.md) before opening a Pull Request! * Keep your PR:s small and focused. * The PR title is what ends up in the changelog, so make it descriptive! * If applicable, add a screenshot or gif. * If it is a non-trivial addition, consider adding a demo for it to `egui_demo_lib`, or a new example. * Do NOT open PR:s from your `master` branch, as that makes it hard for maintainers to test and add commits to your PR. * Remember to run `cargo fmt` and `cargo clippy`. * Open the PR as a draft until you have self-reviewed it and run `./scripts/check.sh`. * When you have addressed a PR comment, mark it as resolved. Please be patient! I will review your PR, but my time is limited! --> * Closes <#2321> * [X] I have followed the instructions in the PR template --------- Co-authored-by: Alex Pinkus <pinkus@amazon.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The
epaintcrate uses licenseMIT OR Apache-2.0but when one uses it with the default features or thedefault_fontsfeatures a set of default fonts are embedded in the binary that have additional licenses.This makes it so tools like cargo-deny (license compliance) and cargo-about (license attribution) can't see and validate/include the required licenses.
These are the licenses used for the default fonts:
fonts/emoji-icon-font.ttf- license: MITfonts/Hack-Regular.ttf- license: MITfonts/NotoEmoji-Regular.ttf- license:OFL-1.1fonts/Ubuntu-Light.ttf- license: "UBUNTU FONT LICENSE 1.0"LicenseRef-UFL-1.0.So to be fully correct in the license definition of the
epaintcrate I believe we would have to specify to license as:(MIT OR Apache-2.0) AND OFL-1.1 AND LicenseRef-UFL-1.0.A recent and good previous example for another crate was dtolnay/unicode-ident#9.
A drawback of that however would be that if you use the crate with
default-features = falseand not withfeatures = ["default_fonts"]tools wouldn't know that these licenses are then not required.So believe the most clean solution for everyone would be to split out the default fonts into a separate crate (like
epaint-default-fonts) that has this full license, a crate that just doesinclude_bytes!on the fonts and exposes global variable with them. And then inepaintwe can keepMIT OR Apache-2.0license and include theepaint-default-fontsoptionally in that.Tools like cargo-deny and cargo-about would fully understand this and then only require that the
OFL-1.1andLicenseRef-UFL-1.0are on the allow list if the optional default fonts are included.What do you think about such an approach @emilk ?
The text was updated successfully, but these errors were encountered: