Closed josefsabl closed 2 years ago
This in concept is nice, in practice though who's going to decide what "any open source" means? Does that refer to licenses considered open source by the FSF, or licenses approved by OSI, or would it refer to what is generally accepted in the PHP community?
For example in your list I'm surprised to see the full GPL. If you depend on a GPL package it turns your entire project into a derivative work. You then have to distribute the whole thing under the terms of the GPL. That's why it's a very uncommon license to use for PHP packages, and also the reason why I deliberately do not allow GPL packages in my projects (the LGPL is fine though).
Also the newest license in the list is the (L)GPL 3.0 and that's already 14 years old. These things very rarely change, to be honest I can't remember the last time I had to make a change to my accept-license:
list. This ticket is now over a year old, so I'm kind of curious. How much has this list changed for you since you created this ticket? 😀
Well, it historically changed only when new package was installed and it was licensed in a way that we didn't see before. And that was actually a motivation to write this issue.
But as I see it now I completely agree with what you say.
And thank you for the tip with the full GPL 👍 .
It would be very useful if you could add something like
accept-licence: any-open-source
which would be same as accepting all the versions of open source licences. I have this is my list and it is a bit bothering to maintain it.