[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[directory-discuss] Are license notices mandatory?

From: David Hedlund
Subject: [directory-discuss] Are license notices mandatory?
Date: Mon, 25 Jun 2018 08:37:45 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Icedove/52.8.0

Richard Stallman suggested me to send this text to affected software developers long ago.

### Beginning of text.

There are no (full) license notices in the non-trivial source files

The source files in FULL_SOFTWARE_NAME don't have notices saying you are the copyright
holder and/or that they are released under LICENSE LICENSE_VERSION.
I'm writing to ask you to please put a notice on each nontrivial source file.

Selecting a license on a website that hosts the add-on (like, will only show it there, the source files won't be modified.

First, here's why license notices are needed.

The purpose of a license notice is to state formally that a certain
file may be used under the terms of a particular license.

The LICENSE, like most free software licenses, applies to whatever
material is released under that license.  It does not say anything
about which programs are released that way.

Therefore, simply including a copy of the LICENSE with some code
does not release the code under the terms of the LICENSE.
To do that, you need a license notice, which says, more or less,
"We the copyright holders release this code under the LICENSE."

The source files should be accompanied by a copyright notice, which says who
"we" copyright holders are.  That takes the form "Copyright YEAR NAME".

For the LICENSE, there are two other reasons for a license notice: to say
which version of the LICENSE applies, and (for LICENSE LICENSE_VERSION), to say whether the
LICENSE's option of GPL compatibility applies.  It is enabled by default
in LICENSE LICENSE_VERSION, but users should have an explicit statement of where things
stand for any particular code.  The license notice is where you
specify this.

Why should the license notice be on _each_ source file?
Because doing it at the package level is error-prone.

In the free software community, it is not unusual to copy a file from
a free program into some other context.  If the source file doesn't
have its own license notice, then its licensing comes from the
original context.  In the other context, its licensing may not be
clear.  It may not be stated at all, or it could be stated wrong.  For
instance, what if the other program says, "This program is released
under Apache 2.0", or "This program is released under GNU GPL, version
3 or any later version published by the Free Software Foundation."

The result would be to misinform users about the file's licensing.

People sometimes copy part of a file, too.  If the file has a license
notice, people know to preserve that notice when copying part of the
file's code.  Otherwise, the licensing will probably get lost.

A different problem can happen if you copy code _into_ FULL_SOFTWARE_NAME from
some other package.  Your package-level license notice would say it is
under LICENSE LICENSE_VERSION, but what if it actually carries some other license,
such as Apache 2.0, or GPL Version 3 or later?

Keeping a license notice in each file is the way to reliably show
users what their rights are.  Please don't let uncertainty creep in.

You've made a decision about the license -- would you please announce
it in a way that won't get forgotten?

Other people can use your work with bad intentions, even if the mistake were honestly
unintentional. That is why, unfortunately, we have to take lots of time with verifying
the legality of everything.

### End of text.

John Sullivan said:
I think as long as a top-level license and a clear statement of
licensing intent are present (which it sounds like they are, between the
AGPL file and the, with no indications of proprietary
licensing for any files, we can accept that.

If a volunteer has the time, it'd be great to submit patches to PeerTube
to add the per-file license headers, but I don't think that's necessary
for them to be added to the Directory.


Bill Auger said:

"Doesn't the GNU FSDG require that it's mandatory to include license
headers?" -- David Hedlund

it is not mandatory - the GPL suggests that it is good practice to do so but no
other license that i know of even mentions that - if the FSDG made that
mandatory, then distros would only have GPL programs

ive been holding back from mentioning the elephant on the dining table here; but
i may as well note that this is a web site - yes? a webby-webby web site - as
such, it very likely includes massive entangled piles (aka "bundled") of
obfuscated (aka "minified") _javascript_s, originating from possibly hundreds of
upstream projects, possibly identified, possibly not, possibly with or without
*any* discernible license, and some possibly downloaded from the net at run-time 
to be executed immediately at the client

the license in the project root is probably only attributable to the server-side 
code at most - unfortunately web software is not nearly as clean cut as native
programs and requires significantly more scrutiny; with a high likelihood of
panning out as a lost cause rabbit hole - "maybe a volunteer will do it" is not
a reasonable expectation

reply via email to

[Prev in Thread] Current Thread [Next in Thread]