Hello! I have a couple of questions, mostly regarding licensing for PKGBUILDs. 1. What should be put as the license for projects that have a license similar to a SPDX license, but doesn't match any? * One example of this would be allwpilib[1], which has a license very similar to the BSD 3-clause license, but since it has the word "NONINFRINGEMENT" after "MERCHANTABILITY", it doesn't match as the BSD 3-clause license (if I am reading the SPDX matching guidelines correctly) 2. I have a PKGBUILD that I made for allwpilib, and I needed to create a patch to allow it to build with -O2 instead of -O3. Should this patch be licensed under 0BSD, or the aforementioned modified BSD 3-clause license? I was thinking of submitting the PKGBUILD for allwpilib to the AUR, and any feedback would be greatly appreciated! I put a tarball with everything on google drive[2]. [1]: https://github.com/wpilibsuite/allwpilib [2]: https://drive.google.com/file/d/1oY2cfxBIaBDzEerZ1AJHniI4dT_UpOBZ/view
Hi manganeese,
1. What should be put as the license for projects that have a license similar to a SPDX license, but doesn't match any? * One example of this would be allwpilib[1], which has a license very similar to the BSD 3-clause license, but since it has the word "NONINFRINGEMENT" after "MERCHANTABILITY", it doesn't match as the BSD 3-clause license (if I am reading the SPDX matching guidelines correctly)
The allwpilib example is a custom license. According to the wiki [1], one would declare this as e.g. `LicenseRef-BSD-3.0-Clause-Noninfringement` and place the custom license into the `LICENSES/` subdirectory as described in RFC 0052. [2]
2. I have a PKGBUILD that I made for allwpilib, and I needed to create a patch to allow it to build with -O2 instead of -O3. Should this patch be licensed under 0BSD, or the aforementioned modified BSD 3-clause license?
I keep encountering this very dilemma in my own AUR PKGBUILDs. As far as I can tell, the RFC doesn’t cover this case [2]. (It does, however, cover the case of patches copied from upstream.) I noticed that the `reuse` CLI tool (around which the RFC was designed) and Arch’s `pkgctl` CLI wrapper have an opinionated default behavior around this. I.e., if you run `pkgctl license setup` on a PKGBUILD repository and it includes a patch, then the tool assigns it the upstream license automatically, even if you wrote the patch yourself. IANAL but I think that this default behavior is quite reasonable approach (even though a little conservative.) Reasonable because even if you wrote the patch yourself, the surrounding-lines context may still contain copyrighted code from upstream and I think we need to comply with that. Out of an abundance of caution, what I keep doing is leave it as the tool suggests (i.e. release the patch under the upstream license). Additionally, I put *both* `Arch Linux Contributors` (because I authored the patch) *and* the upstream author of the surrounding context into the `SPDX-FileCopyrightText` (example: [3]). This method is erring pretty much on the side of caution but I’d love to learn how others feel about this. Regards Claudia [1]: https://wiki.archlinux.org/title/PKGBUILD#license [2]: https://rfc.archlinux.page/0052-reuse/ [3]: https://aur.archlinux.org/cgit/aur.git/tree/REUSE.toml?h=en-croissant#n32
participants (2)
-
Claudia Pellegrino
-
manganeese