Relicense under a Creative Commons license

[newpavlov]

During repository creation the Apache 2.0 was selected. But IIUC it's a poor fit for images. I suggest using CC-BY or CC-0 instead.

CC-BY is a bit less suitable for source code (e.g. for the image generation scripts), but it's used sometimes for this purpose. CC-BY also requires attribution and technically we must attribute ourselves when the images are used as part of rand_distr docs.

CC-0 will mean the least trouble for image users (including ourselves), but it means effectively publishing the images into the public domain. Personally, I am fine with it in this case, but some contributors may disagree.

[dhardy]

Personally I'm fine with any of these. I just picked Apache 2.0 because last time I looked at licences this is what I picked, and because it is also the default pick on a new GitHub repo when selecting a licence.

The other point is that using the same licence as rand would make integration easier if we wanted to do that in the future (though then it should be Apache2+MIT or something very permissive like CC0). Not that important though.

Since @MichaelOwenDyer is doing the initial work here, he deserves a say.

[MichaelOwenDyer]

I am perfectly fine with releasing into the public domain, so CC-0 would have my vote if its the easiest to work with all around :)

[josephlr]

I asked some laywers at work, and the consensus seems to be that CC BY 4.0 fills the role of "Apache 2.0 but for non-code" (it's what Google uses for releasing images, papers, etc...). So if we want the license here to be like the Apache 2.0 license for the rand crates (where attribution is required) we should use CC BY 4.0. However, I agree that attribution seems unnecessary here.

CC0 can apparently be annoying when distributing source code (say as part of a Rust package) as many countries don't allow you to place works into the public domain, potentially triggering CC0's fallback license. Those concerns don't apply here. The rand/rand_distr docs and code would still be Apache 2.0 / MIT dual licensed, and would just have links to the CC0 images living in this repo.

I think the easiest approach would be to use CC0 for everything (including the small amount of code). We aren't putting the image generation code inside any of our packages, so one license for everything seems fine. If we wanted to be really strict, we could have the code Apache 2.0 licensed and the images CC0 licensed, but that seems like overkill.

[newpavlov]

CC0 can apparently be annoying when distributing source code (say as part of a Rust package) due to public domain working differently in different countries.

IIRC CC0 was specifically developed to work around those differences and get as close as possible to Public Domain in various jurisdictions and this is why they have a separate public domain mark. BTW it's not that "public domain works differently", in many (if not most) countries you simply can not publish your work into "public domain" and it can be only done automatically after copyright expires.

[josephlr]

CC0 can apparently be annoying when distributing source code (say as part of a Rust package) due to public domain working differently in different countries.

BTW it's not that "public domain works differently", in many (if not most) countries you simply can not publish your work into "public domain" and it can be only done automatically after copyright expires.

Whoops, you're totally correct. I updated my comment to be more accurate. The non-uniformity is one of the things that makes using it for source code tricky, and is why (for example) https://github.com/P-H-C/phc-winner-argon2 is dual licensed CC0 and Apache 2.0