Open Aleksanaa opened 5 months ago
eclairevoyant
commented
5 months ago The same goes for
gpl2andagpl3.
Well technically agpl3 is in a slightly different category, as it's been removed entirely.
There's also the lgpl* licenses to care about.
jtojnar
commented
5 months ago 
Aleksanaa
commented
5 months ago and jtojnar/nixpkgs-hammering@
main/explanations/unclear-gpl.md
I found this tool was exactly something I've been wanting to do for a few weeks and you've made it. It's wonderful.
But I still hope that some suggestions with universal reference value will be included in the official documentation to facilitate the reference of newcomers and also be quoted when we review.
lolbinarycat
commented
4 months ago i don't think changing every instance of gpl3 to gpl3Plus or gpl3Only is practical, however, it should be possible to make a CI check that fails if a PR adds new packages with a deprecated license, at least if the package is added under by-name, which most new packages should be.
basically just use some git diff-tree magic to list the files that were changed/created, then do callPackage on any of those under by-name, and check the license.
Aleksanaa
commented
4 months ago There is an ongoing attempt to remove existing licenses.gpl2 https://github.com/NixOS/nixpkgs/pull/305036
Aleksanaa
commented
4 months ago basically just use some git diff-tree magic to list the files that were changed/created, then do callPackage on any of those under by-name, and check the license.
ofBorg runs check-meta.nix, and we can probably add the logic there.
eclairevoyant
commented
4 months ago We should definitely warn about deprecated licenses. But I don't think borgo will notice warnings, will it?
On the borgo side, could this be addressed by setting config.blocklistedLicenses to include all the deprecated ones?
Aleksanaa
commented
4 months ago On the borgo side, could this be addressed by setting
config.blocklistedLicensesto include all the deprecated ones?
My idea would be adding an extra check-meta-strict.nix or adding some flags to check-meta.nix. We can block more non-standard styles altogether, for example https://nixos.org/manual/nixpkgs/unstable/#var-meta-description
Problem
Packagers often encounter issues determining whether the upstream is using
gpl3Onlyorgpl3Plus. They are often surprised to find that there is an option calledgpl3which avoids the difficulty for them, however,gpl3is deprecated, but the deprecation is only mentioned here: https://github.com/NixOS/nixpkgs/blob/f32598c9fb112c47d43050a9475327a9c9bc19aa/lib/licenses.nix#L1273-L1311The same goes for
gpl2andagpl3.There are also some packagers who know this problem, so they directly write
gpl3, hoping that reviewers will help them correct it (of course, if no one corrects it, these errors will happily go into Nixpkgs). I need to continually tell contributors thatgpl3is deprecated, don't use it, and then I need to help them find the correct license, because they can't.And then because this involves legal issues, everyone will say, "I don't actually know" and then let these discussions end in vain, and the result is that this situation is allowed to continue.
The most problematic part is
14. Revised Versions of this Licenseof GPL3 (didn't check other versions). This looks related to this question, but I can't figure it what does it actually mean.Proposal
check-meta-strictor directly editcheck-meta?)LICENSEfile included. a. the packager should always ask the author. b. if no version mentioned then-Plus, otherwise-Only. c. if no "or any later versions" mentioned then-Only, otherwise-Plus. c. let some legal team (do we ever have one?) decide for each case.Checklist
Add a :+1: reaction to issues you find important.