LICENSE file #43

New issue

Closed

opened 2021-04-25 19:58:05 +00:00 by josch · 0 comments

josch commented

2021-04-25 19:58:05 +00:00

Owner

By Todd on 2018-06-02T22:30:54.065Z

I am trying to package img2pdf for openSUSE. However, there is no license file I can find, either in the github or tarball. In order for people to know how they can use your code it is really important to have a license file. Would it be possible to add one? Thank you.

By josch on 2018-06-02T23:24:01.924Z

Yes, there is no license file. But it is incorrect that a license file puts some code under certain copyright conditions.

As the copyright holder of some software you do not indicate that others can use your code according to some conditions by putting the license text in a file somewhere in your project directory. The legally correct way to indicate, that others can use your software according to certain conditions is, to write something like this:

Copyright 2018 Firstname Lastname
This software is distributed under the terms of blablabla

This is called a copyright notice. A copyright notice is different from a license file. A license file itself does not grant any copyright to others than the copyright owner. A license file by itself is just another file in the project source directory. You could ship a project having license files for BSD, GPL and Expat but that would not mean that your code is licensed under all these three.

If you now have a look at img2pdf/src/img2pdf.py, then you will see that at the top of the file it contains such a copyright notice which informs third parties like you about the conditions under which you are allowed to use my software. It also informs you that if you do not already have a copy of the LGPL3+, then you can obtain a copy of that license from http://www.gnu.org/licenses There is no legal obligation for me to include the terms of the LGPL3+ with copies of my software.

The software was also accepted in Debian, so it underwent review of Debian ftp-masters. It is thus unlikely, that img2pdf in its current form is causing problems for openSUSE in terms of its copyright status.

In case I'm wrong, please show me how.

Thank you for packaging img2pdf for openSUSE!

By Todd on 2018-06-03T03:55:07.389Z

According to the upstream python packaging guidelines, there should be a separate license file:

Every package should include a license file detailing the terms of distribution. In many jurisdictions, packages without an explicit license can not be legally used or distributed by anyone other than the copyright holder. If you’re unsure which license to choose, you can use resources such as GitHub’s Choose a License or consult a lawyer.

openSUSE also requires a separate license text file:

Finally, license texts should always be copied into the package. This is usually done by adding the filename to the %files section using the %license macro in the spec file. Licenses are often found in files with names such as COPYING, COPYING.LIB, LICENSE.txt etc.

Although for this license we could do it ourselves, it is considered better to use one provided by upstream.

Fedora also encourages packagers to request upstream add a separate license file even if it isn't legally required:

It is important to reiterate that in situations where the indicated license does not imply a requirement that the license be distributed along with the source/binaries, Fedora packagers are NOT required to manually include the full license text when it is absent from the source code. but are still encouraged to point out this issue to upstream and encourage them to remedy it.

By josch on 2018-06-03T06:14:35.583Z

Thanks for gathering all these resources. I still think that you should be more careful with your language or your reading of these texts. openSuse doesn't require a separate license text according to the paragraph you quote. It says "should" and not "must". These words have very distinct meanings.

So yes, I can easily add a LICENSE file. But not because of the reasons you mentioned. Not because I'm required to do it or because of what distributions require or because of what is legally required to distribute my code under the terms of the LGPL3+, but because I'm encouraged to do so.

I may add such a file with the next release of img2pdf.

By Georg Sauthoff on 2018-07-09T19:29:01.415Z

FWIW, I've packaged img2pdf for Fedora and the reviewer also suggested to ping upstream regarding the missing license file.

When someone packaged a software project of mine I received a similar issue report because I hadn't bothered to include the license file in addition to a short license boilerplate in the source/README.

I agree, you aren't required to add such a license file - I can't imagine that it would make difference in court when your source file already contain information about the author and the selected license.

It's just that this is a bullet point in several packaging policies and thus likely comes up every time someone new packages your software for yet another distribution.

I can only speculate on why those policies include such advice, perhaps because some license tutorials contain similar advice (e.g. https://www.gnu.org/licenses/gpl-howto.html - it also just recommends to include the license text without giving further motivation).

Thus, including a license file kind of simplifies the life of packagers of your software and you get less noise regarding this boring topic when another packager packages your software.

By josch on 2018-07-17T22:09:40.999Z

Status changed to closed by commit ce68cb21d7

*By Todd on 2018-06-02T22:30:54.065Z* I am trying to package img2pdf for openSUSE. However, there is no license file I can find, either in the github or tarball. In order for people to know how they can use your code it is really important to have a license file. Would it be possible to add one? Thank you. --- *By josch on 2018-06-02T23:24:01.924Z* --- Yes, there is no license file. But it is incorrect that a license file puts some code under certain copyright conditions. As the copyright holder of some software you do not indicate that others can use your code according to some conditions by putting the license text in a file somewhere in your project directory. The legally correct way to indicate, that others can use your software according to certain conditions is, to write something like this: Copyright 2018 Firstname Lastname This software is distributed under the terms of blablabla This is called a copyright notice. A copyright notice is different from a license file. A license file itself does not grant any copyright to others than the copyright owner. A license file by itself is just another file in the project source directory. You could ship a project having license files for BSD, GPL and Expat but that would *not* mean that your code is licensed under all these three. If you now have a look at `img2pdf/src/img2pdf.py`, then you will see that at the top of the file it contains such a copyright notice which informs third parties like you about the conditions under which you are allowed to use my software. It also informs you that if you do not already have a copy of the LGPL3+, then you can obtain a copy of that license from http://www.gnu.org/licenses There is no legal obligation for me to include the terms of the LGPL3+ with copies of my software. The software was also accepted in Debian, so it underwent review of Debian ftp-masters. It is thus unlikely, that img2pdf in its current form is causing problems for openSUSE in terms of its copyright status. In case I'm wrong, please show me how. Thank you for packaging img2pdf for openSUSE! --- *By Todd on 2018-06-03T03:55:07.389Z* --- According to the upstream [python packaging guidelines](https://packaging.python.org/guides/distributing-packages-using-setuptools/#license-txt), there should be a separate license file: > Every package should include a license file detailing the terms of distribution. In many jurisdictions, packages without an explicit license can not be legally used or distributed by anyone other than the copyright holder. If you’re unsure which license to choose, you can use resources such as GitHub’s Choose a License or consult a lawyer. openSUSE also requires a [separate license text file](https://en.opensuse.org/openSUSE:Packaging_guidelines): > Finally, license texts should always be copied into the package. This is usually done by adding the filename to the %files section using the %license macro in the spec file. Licenses are often found in files with names such as COPYING, COPYING.LIB, LICENSE.txt etc. Although for this license we could do it ourselves, it is considered better to use one provided by upstream. Fedora also [encourages packagers](https://fedoraproject.org/wiki/Packaging:LicensingGuidelines?rd=Packaging/LicensingGuidelines#License_Text) to request upstream add a separate license file even if it isn't legally required: > It is important to reiterate that in situations where the indicated license does not imply a requirement that the license be distributed along with the source/binaries, Fedora packagers are NOT required to manually include the full license text when it is absent from the source code. but are still encouraged to point out this issue to upstream and encourage them to remedy it. --- *By josch on 2018-06-03T06:14:35.583Z* --- Thanks for gathering all these resources. I still think that you should be more careful with your language or your reading of these texts. openSuse doesn't require a separate license text according to the paragraph you quote. It says "should" and not "must". These words have very distinct meanings. So yes, I can easily add a LICENSE file. But not because of the reasons you mentioned. Not because I'm *required* to do it or because of what distributions require or because of what is legally required to distribute my code under the terms of the LGPL3+, but because I'm encouraged to do so. I may add such a file with the next release of img2pdf. --- *By Georg Sauthoff on 2018-07-09T19:29:01.415Z* --- FWIW, I've packaged img2pdf for Fedora and the reviewer also suggested to ping upstream regarding the missing license file. When someone packaged a software project of mine I received a similar issue report because I hadn't bothered to include the license file in addition to a short license boilerplate in the source/README. I agree, you aren't required to add such a license file - I can't imagine that it would make difference in court when your source file already contain information about the author and the selected license. It's just that this is a bullet point in several packaging policies and thus likely comes up every time someone new packages your software for yet another distribution. I can only speculate on why those policies include such advice, perhaps because some license tutorials contain similar advice (e.g. https://www.gnu.org/licenses/gpl-howto.html - it also just recommends to include the license text without giving further motivation). Thus, including a license file kind of simplifies the life of packagers of your software and you get less noise regarding this boring topic when another packager packages your software. --- *By josch on 2018-07-17T22:09:40.999Z* --- Status changed to closed by commit ce68cb21d75bce964db630dca2a2c26df297012c