deps.rs EXCEPTIONS needs to be re-triaged #63238
Labels
T-core
Relevant to the core team, which will review and decide on the PR/issue.
Comments
Centril
added
the
T-core
|
The ryu crate is licensed that way because I am not legally savvy enough to diverge from https://github.com/ulfjack/ryu where we get much of the code from. I would be open to someone with plausible legal credentials figuring out a way for it to be MIT as well. |
|
See also #62618 which is a request to have tidy verify these. |
Manishearth
added a commit
to Manishearth/rust
that referenced
this issue
Mar 17, 2020
…mulacrum tidy: Better license checks. This implements some improvements to the license checks in tidy: * Use `cargo_metadata` instead of parsing vendored crates. This allows license checks to run without vendoring enabled, and allows the checks to run on PR builds. * Check for stale entries. * Check that the licenses for exceptions are what we think they are. * Verify exceptions do not leak into the runtime. Closes rust-lang#62618 Closes rust-lang#62619 Closes rust-lang#63238 (I think) There are some substantive changes here. The follow licenses have changed from the original comments: * openssl BSD+advertising clause to Apache-2.0 * pest MPL2 to MIT/Apache-2.0 * smallvec MPL2 to MIT/Apache-2.0 * clippy lints MPL2 to MIT OR Apache-2.0
Centril
added a commit
to Centril/rust
that referenced
this issue
Mar 19, 2020
…mulacrum tidy: Better license checks. This implements some improvements to the license checks in tidy: * Use `cargo_metadata` instead of parsing vendored crates. This allows license checks to run without vendoring enabled, and allows the checks to run on PR builds. * Check for stale entries. * Check that the licenses for exceptions are what we think they are. * Verify exceptions do not leak into the runtime. Closes rust-lang#62618 Closes rust-lang#62619 Closes rust-lang#63238 (I think) There are some substantive changes here. The follow licenses have changed from the original comments: * openssl BSD+advertising clause to Apache-2.0 * pest MPL2 to MIT/Apache-2.0 * smallvec MPL2 to MIT/Apache-2.0 * clippy lints MPL2 to MIT OR Apache-2.0
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The EXCEPTIONS list lists license exceptions.
After reviewing a few of them, they seem to be out of date, and some that were copyleft are now permissive, and some have the proper license.
The purpose of this list is primarily to prevent non-permissively-licensed code from entering the Rust codebase, particularly the runtime. Permissively licensed code here effectively means "MIT or weaker", though as structured currently it actually makes anything without an MIT license an exception (BSD licenses are considered exceptions). This is fine and simplifies std's license (it's all MIT and most can be Apache, with the unfortunate exception of libbacktrace, which is BSD-3-Clause, and not represented in the exception list, potentially because of rust-lang/backtrace-rs#234).
They should all be re-triaged, and re-commented or removed from the exception list as appropriate. Here are some examples from a quick look:
The text was updated successfully, but these errors were encountered: