sort out licensing, attribution, contributing #17
Comments
|
A basic licensing and attribution header is needed in source files ... |
|
Put the SPDX identifier (https://spdx.org/licenses/) in the files, for legal etc people to easily detect the license. |
|
List of used backend libraries is at wiki where SPDX identifier was used. Only in LGPL-2.1 and GPL-2.0 cannot identify if it is licence only or or-later. |
Thanks for the analysis! GPL is used (1) for infrastructure libraries (servlet API, JSTL), and for those dual-licensed with permissive CDDL, and (2) for the mysql connectors, which is covered by the FOSS exception ("if your software is open source, you can use Oracle sw and license your software non-GPL"). So, we should be clear for a permissive license use. |
|
Recommendation from an expert: MIT, then Apache, then (not ideal) GPL. Reason: GPL is good only if either you want to prevent businesses to sell the product or force them to contribute their modifications; Apache and MIT is good if you want to eventually sell the product, and MIT is simpler for lawyers. |
|
Could @fidransky please add the list of licenses used by the front end libraries? |
|
We need to clean up the project from the formal point of view. Licensing is most important, but other things which are interesting for potential users/contributors need to be sorted out as well.
See the checklist at https://github.com/ReliSA/IMiGEr/community and also https://opensource.guide/legal/ .
The text was updated successfully, but these errors were encountered: