skorokithakis / shortuuid

A generator library for concise, unambiguous and URL-safe UUIDs.
http://www.stavros.io/
BSD 3-Clause "New" or "Revised" License
2.07k stars 112 forks

Request to update format of license in pyproject.toml #78

Closed markpaynter closed 2 years ago

markpaynter commented 2 years ago

Hello!

I want to start by saying thank you for such a great Python module and for making it available for everyone to use.

Looking at the license of this module on pypi.org it does not seem to match the actual license included in here: https://github.com/skorokithakis/shortuuid/blob/master/COPYING

Could you please update this file: https://github.com/skorokithakis/shortuuid/blob/master/pyproject.toml#L5

to accurately reflect the license?

I believe the line needs to be the following: license = License :: OSI Approved :: BSD License

It would be greatly appreciated as it seems the current state of things reflects your desired license incorrectly and this can prevent it from being scanned successfully by some auditing tools out there.

If you would prefer me to create a PR for this, I would be happy to oblige.

Thanks!

skorokithakis commented 2 years ago

Hello! Thanks for the notice, if you could make a PR I'd be happy to merge, as I'm currently out.

Thanks again!


markpaynter commented 2 years ago

PR created. Thanks for the speedy response!

https://github.com/skorokithakis/shortuuid/pull/79

skorokithakis commented 2 years ago

Merged, thank you!

ecederstrand commented 1 year ago

Late to the game here, but this change is incorrect.

The license entry should not be in the delimited "classifiers" form. That format is only for the classifiers entry. There's no official specification of this field, AFAIK, but the generally accepted standard is to use the SPDX identifier of the license, assuming the license is OSI-approved. In this case, the license is https://opensource.org/licenses/BSD-3-Clause and the license entry would be BSD-3-Clause. This helps license checkers like e.g. pip-licenses to correctly identify the license of a package.
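Added example, not part of the thread and not the project's own code: a check of the kind a license-audit step could run on pyproject.toml, flagging a license field written in classifier form instead of as an SPDX identifier, as the comment above describes. The function names, the SPDX subset and the sample files are constructed for illustration, and the `[tool.poetry]` table layout is an assumption about how the project is packaged.

```python
try:
    import tomllib  # standard library from Python 3.11
except ImportError:  # older interpreters: assumes the tomli backport is installed
    import tomli as tomllib

# Small subset of the SPDX license list, enough for this demo (not exhaustive).
SPDX_SUBSET = {"MIT", "ISC", "BSD-2-Clause", "BSD-3-Clause", "Apache-2.0", "MPL-2.0"}

def license_entries(doc):
    """Yield (table, value) for license fields in [project] and [tool.poetry]."""
    tables = (("project", doc.get("project", {})),
              ("tool.poetry", doc.get("tool", {}).get("poetry", {})))
    for table, data in tables:
        value = data.get("license")
        if isinstance(value, dict):  # [project] table form: {text = "..."}
            value = value.get("text")
        if isinstance(value, str):
            yield table, value

def audit_license(toml_text):
    """Return a list of (table, value, verdict) for every license field found."""
    findings = []
    for table, value in license_entries(tomllib.loads(toml_text)):
        if "::" in value:
            verdict = "classifier-form"  # trove classifier pasted into license
        elif value in SPDX_SUBSET:
            verdict = "spdx"
        else:
            verdict = "unrecognized"  # needs a manual look or the full SPDX list
        findings.append((table, value, verdict))
    return findings

# Constructed sample: the classifier string placed in the license field.
BEFORE = '''
[tool.poetry]
name = "example"
license = "License :: OSI Approved :: BSD License"
'''

# Constructed sample: SPDX identifier in license, classifier kept in classifiers.
AFTER = '''
[tool.poetry]
name = "example"
license = "BSD-3-Clause"
classifiers = ["License :: OSI Approved :: BSD License"]
'''

if __name__ == "__main__":
    for label, text in (("before", BEFORE), ("after", AFTER)):
        print(label, audit_license(text))
```

The classifier string in the `classifiers` list of the second sample is not flagged; only the `license` field is checked.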

skorokithakis commented 1 year ago

Thanks for the correction, @ecederstrand. I've merged your PR, thank you!

ecederstrand commented 1 year ago

You're welcome! And thanks for the fast response :-)