server icon indicating copy to clipboard operation
server copied to clipboard
verified publisher icon nextcloud

Reuse compliance

Open CarlSchwan opened this issue 4 years ago • 4 comments

There is now a specification about how to declare license in for our source code: reuse.software

This would allow to replace:

<?php
/**
 * @copyright Copyright (c) 2016, ownCloud, Inc.
 *
 * @author Christoph Wurst <[email protected]>
 * @author Joas Schilling <[email protected]>
 *
 * @license AGPL-3.0
 *
 * This code is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License, version 3,
 * as published by the Free Software Foundation.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License, version 3,
 * along with this program. If not, see <http://www.gnu.org/licenses/>
 *
 */

with

<?php
/**
 * SPDX-FileCopyrightText: 2016, ownCloud, Inc.
 * SPDX-FileCopyrightText: Christoph Wurst <[email protected]>
 * SPDX-FileCopyrightText: Joas Schilling <[email protected]>
 * SPDX-License-Identifier: AGPL-3.0-only
 */

This has the following advantages:

  • It's shorter :)
  • It's machine-readable, so we can have a CI job verify that no file is missing licensing statements
  • It's standardized using SPDX identifiers and is starting to get adopted in many other large open-source projects: e.g. Linux kernel, KDE

For porting to SPDX, I had a good experience using licensedigger. It supports a wide range of licenses and is easy to add more in our case AGPL-3.0-or-later and AGPL-3.0-only. If people are okay I could do that in some small apps first so that we can look at the result before doing the server repo.

CarlSchwan avatar Nov 15 '21 22:11 CarlSchwan

I ported the profiler repo to use it https://github.com/nextcloud/profiler/pull/14

CarlSchwan avatar Apr 14 '22 11:04 CarlSchwan

It would be really great if we would become reuse compliant, thanks for bringing this up @CarlSchwan

Sometimes we also need to provide a overview over all Free Software licenses withing Nextcloud, this would also make it easier to compile such a list.

schiessle avatar Aug 03 '22 12:08 schiessle

Switching to reuse compliant license/copyright notices would also allow to automatically check for compliance in our CI pipelines on pull requests see https://reuse.software/dev/#ci

mgallien avatar Aug 03 '22 14:08 mgallien

I started porting groupfolders to reuse here: https://github.com/nextcloud/groupfolders/pull/2046

This requires the following patch to teach licensedigger to correctly identify Nextcloud headers https://invent.kde.org/sdk/licensedigger/-/merge_requests/99

CarlSchwan avatar Aug 03 '22 15:08 CarlSchwan