-
Notifications
You must be signed in to change notification settings - Fork 6
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
chore: add EPL-2.0 to allowed licenses #148
Conversation
@@ -42,7 +42,8 @@ ALLOWED_LICENSES=( | |||
'WTFPL OR ISC' | |||
'(WTFPL OR MIT)' | |||
'(MIT OR WTFPL)' | |||
'LGPL-3.0-or-later' # Requires only that modifications to LGPL-protected libraries are published under a GPL-compatible license which is not the case at Ory | |||
'LGPL-3.0-or-later' # Requires only that modifications to LGPL-protected libraries are published under a GPL-compatible license which is not the case at Ory, | |||
'EPL-2.0' |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What is EPL 2.0?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Eclipse public license https://en.wikipedia.org/wiki/Eclipse_Public_License
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
From wikipedia:
The Eclipse Public License is designed to be a business-friendly free software license, and features weaker copyleft provisions than licenses such as the GNU General Public License (GPL).[7] The receiver of EPL-licensed programs can use, modify, copy and distribute the work and modified versions, in some cases being obligated to release their own changes.[8]
I am not an expert in licenses, but to me, it seems similar to the LGPL licenses.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hm, it does have copyleft though. Is there an alternative library? I couldn't find EPL-2.0, only EPL-1.0 on tldr legal :/
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
https://github.com/ory/docs/actions/runs/8830787071/job/24244662059?pr=1686#step:5:52
It's not a library we're referencing, but mermaid is: https://github.com/ory/docs/blob/jonas-jonas/updateDocusaurus/package-lock.json#L17967-L17993
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
mermaid-js/mermaid#5043 okay seems like this is an issue, and we're gonna be stuck on specific mermaid versions.
I do think for docs, it would be fine to allow EPL, but for the Ory Network not. I'll try to find a mermaid version that passes license checks first.
https://en.wikipedia.org/wiki/Eclipse_Public_License