Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Possibly add 0BSD license #464

Closed
rqou opened this issue Nov 12, 2016 · 21 comments
Closed

Possibly add 0BSD license #464

rqou opened this issue Nov 12, 2016 · 21 comments

Comments

@rqou
Copy link

@rqou rqou commented Nov 12, 2016

I would like to see the 0BSD license cataloged in the appendix. Without it, the downstream Licensee project mis-detects 0BSD as the ISC license. The 0BSD license is basically the ISC license without requiring a copyright notice.

The 0BSD license meets criteria 1 and 2 for adding a license according to the CONTRIBUTING.md, but I'm not sure if it meets criteria 3 (at least 1000 repositories). It is difficult to verify if criteria 3 is met because 0BSD contains more or less a strict subset of the words present in the ISC license, so I was unable to construct a search query that matches only 0BSD but not ISC.

@mlinksva

This comment has been minimized.

Copy link
Contributor

@mlinksva mlinksva commented Nov 13, 2016

@rqou thanks for reporting this. Could you also file an issue at https://github.com/benbalter/licensee/issues and point out the exact license text you're getting a false indication of ISC for? I tried and didn't get a match against either text in https://spdx.org/licenses/0BSD.html or https://opensource.org/licenses/FPL-1.0.0

It may be that adding 0BSD here is the right solution for licensee, but it may not be as well.

On the 1000 repositories criteria...unfortunately we have no way get an exact result, but there's been no need to for licenses cataloged since making the criteria explicit (and maybe before) -- they easily exceed it. https://github.com/search?utf8=%E2%9C%93&q=0bsd+filename%3Alicense&type=Code&ref=searchresults would not find all uses, but only obtains 144 results. Feel free to (anyone) point out better evidence.

0BSD has been mentioned here at least once, by @waldyrious #413 (comment)

0-clause BSD (0BSD) is now a thing.

Actually, that license seems to be primarily promoted by a single person/project, so I'm not sure I would call it "a thing" :)

As shown in this commit, the project's license was changed from ISC to a (then unnamed) simpler "license" following this proposal.

The license was added to SPDX as "0BSD", following this discussion (this message is particularly informative). However, OSI lists it but redirects to what they call FPL (Free Public License). This state of affairs is unfortunate, so I hope for now choosealicense.com doesn't add to it :) I'm just putting the info I had collected out there.

@waldyrious

This comment has been minimized.

Copy link
Contributor

@waldyrious waldyrious commented Nov 13, 2016

I would love if we could somehow agree (ISC, @landley, SPDX and OSI, and choosealicense.com by extension) in a standard progression for the BSD-style licenses, along the lines described in The Amazing Disappearing BSD License. This would simplify the nomenclature, reinforce the BSD-style license "brand", and clarify the meaning of ISC/0BSD/FPL.

I'm not sure what would need to be done to get there, though, or even if that's practical or desirable from a legal standpoint. But even if we only managed to agree on FPL vs. 0BSD for the name of the simplest grant in that progression, it would already be a good outcome. Thoughts?

@rqou

This comment has been minimized.

Copy link
Author

@rqou rqou commented Nov 15, 2016

According to the licensee developers, there is no mis-detection occurring there with the latest version of the code. In order to correctly detect 0BSD, it just has to be added here.

@mlinksva

This comment has been minimized.

Copy link
Contributor

@mlinksva mlinksva commented Nov 15, 2016

@waldyrious I highly doubt that coordination is going to happen. It also doesn't matter that much. Lots of unconditional licenses might be very slightly confusing, but they present no other problems, in contrast with the far more numerous licenses with various conditions. If the differently named FPL or a BSD-0 ever get added to SPDX and enough adoption, we could add them too.

In the meantime, closing this for now. If/when anyone can document that 0BSD is in use for at least 1000 repos here, please re-open or make a pull request adding 0BSD. Thanks!

@christianbundy

This comment has been minimized.

Copy link
Contributor

@christianbundy christianbundy commented Mar 23, 2017

I hate to bump this after a few months of peace and quiet, but I just wanted to resolve this point:

I'm not sure what would need to be done to get there, though, or even if that's practical or desirable from a legal standpoint. But even if we only managed to agree on FPL vs. 0BSD for the name of the simplest grant in that progression, it would already be a good outcome. Thoughts?

Nobody on my team (or the OSI's board) had ever heard of the 0BSD when the FPL was being reviewed, so we were all surprised to hear that the 0BSD had skipped OSI approval and jumped straight to SPDX for an identifier. I don't want to rehash all of the issues with the 0BSD, but we're comfortable using the 0BSD identifier on our license, regardless of whether the 0BSD is actually approved by the OSI/FSF.

@landley's position is also clear:

I'd really rather ignore OSI entirely than explain that after zero
clause bsd had been in use for years, after it had been merged into
android and tizen, and after SPDX had published a decision to approve
it, OSI randomly accepted the same license under a different and
misleading name because this guy https://github.com/christianbundy said
so and OSI didn't do its homework. (Ok, that photo with the caption
"this guy" would make an entertaining slide, but entertaining damage
control is still damage control.)

I'm obviously heavily biased, and would prefer not to trample the original 0BSD with a modified ISC license, but when the time comes that we hit 1,000+ repos we'll be happy to stand behind any decision that's made (the same way that we support SPDX in giving us the "0BSD" identifier). Thanks for all of your time and effort (and head vs. wall pain) on getting this done The Right Way™, please reach out if there's anything I can help with.

@landley

This comment has been minimized.

Copy link

@landley landley commented Mar 25, 2017

@christianbundy

This comment has been minimized.

Copy link
Contributor

@christianbundy christianbundy commented Mar 27, 2017

Thanks Rob, I appreciate your post. There's a lot to unpack there, and I'd like to first point out that I absolutely agree with you on the need for an ultimately permissive license. I'd like to think that we're both on the same side of this issue.

I think there are only two points that need to be covered on this specific issue (although you're always welcome to email me for anything tangential): plagiarism and the multiple discovery.

I understand that from your perspective and social circles, the 0BSD is widely known. Unfortunately, I didn't know about the 0BSD, and ended up taking two steps:

  • Start with the ISC license, which was/is very popular
  • Remove a half-sentence
  • Submitted it for review

I wasn't subscribed to SPDX, and didn't see your emails until they were forwarded to me from the OSI, who explained the situation. I'm sorry that I wasn't aware of your license sooner, my intention wasn't to plagiarize or try to take credit for your work. I have to admit that I was surprised by how personally hostile your emails were, and thought that it would be best to stay out of the discussion between you, the OSI, and SPDX.

The issue of naming authority, admittedly, sucks. I was originally under the impression that the OSI was the de facto naming authority for "open source" licenses, but I wasn't aware that you (and probably others) were unconcerned about OSI approval. I'd heard of SPDX, but I wasn't aware that they tracked licenses that weren't approved by the OSI or FSF. It was very clearly a misunderstanding on my part, and I take full responsibility here.

The problems, from my understanding, seemed to stem from the fact that the OSI wouldn't have approved an ISC-derived license referring to itself as "BSD" (even the OpenBSD project now uses the ISC license), and the fact that you felt that the word "free" was similarly deceiving. For the record, the name was meant to highlight the difference between the FPL and the GPL -- the GPL optimizes for free software whereas the FPL optimizes for a free public. This was meant as a critique of the GPL, as it restricts the freedom of the public in exchange for "free software", not a me-tooism.

It seems that both of us thought to use strategies to promote the license to different demographics: you used "BSD" for an easy explanation, I used "free" to show that it had a leg-up on the FPL. If we strip the branding though, I think that we can agree that it's really a zero-clause ISC license.

I think there are four options:

  • 0BSD: Follows primacy and SPDX short identifier, easier to explain to others as "more BSD than BSD", but isn't really derived from the BSD license family.
  • FPL: OSI approved "open source" and (in my experience), easy to pivot the discussion with GPL advocates from optimizing for free humans rather than free software, but the word "free" may confuse some.
  • Something else: I really don't know whether orchestrating a compromise between the OSI and SPDX is even worth it (or whether this is insulting to even suggest), but at this point the politics surrounding these names seems to be suffocating this license. I'd be comfortable settling on something more neutral and unopinionated like "0ISC", but I think this is really in your hands.
  • Nothing. This seems to be current course of action, as this drama is a total pain for anyone even tangentially involved. If dealing with this license continues to be this painful, I don't think it well ever get any sort of mainstream support. As we're on the same team, I'd really rather not have that happen.

I'll keep my eyes on this issue, thanks for getting back to me so quickly.

Cheers,
Christian

@landley

This comment has been minimized.

Copy link

@landley landley commented Mar 27, 2017

@mlinksva

This comment has been minimized.

Copy link
Contributor

@mlinksva mlinksva commented Jul 18, 2018

I just happened to notice there's also an MIT-0/MIT No Attribution also independently published at least twice, in 2010 and more recently, various background links in spdx/license-list-XML#632.

@landley

This comment has been minimized.

Copy link

@landley landley commented Jul 18, 2018

@landley

This comment has been minimized.

Copy link

@landley landley commented Nov 14, 2018

The naming confusion has been cleared up, it's now consistently "Zero Clause BSD" (SPDX short identifier 0BSD).

http://lists.opensource.org/pipermail/license-review_lists.opensource.org/2018-November/003830.html

@ghost

This comment has been minimized.

Copy link

@ghost ghost commented Feb 11, 2019

@landley Could you please help me drive this home by updating this page with the official title per the referenced link? I think the WTFPL does a good job making the title clear by italicizing it on the about page.

I sent up a pull to have the name changed on the SPDX license list, which is where this repo pulls its titles from according to @mlinksva.

I have also submitted an issue against this repo as the 0BSD does not appear in the appendix which—if as @mlinksva says is true—this license needs to be added to the Appendix as shown here:

screen shot 2019-02-11 at 6 16 24 pm

I've also opened a bug against NPM after having checked it throws a WARN when 0BSD is used in the license field of the package manifest.

@landley

This comment has been minimized.

Copy link

@landley landley commented Feb 11, 2019

Please don't ask SPDX to change, they approved the license first. OSI made a mistake and I lobbied OSI to undo that mistake, largely by arguing that SPDX approval came first. (After I'd been using it for years, of course.) If OSI didn't manage to quite undo their mistake completely... who cares?

I've been using the zero clause bsd name for years. "Zero Clause BSD", "BSD Zero Clause", and "0BSD" are trivial differences. Please don't reopen that can of worms.

@landley

This comment has been minimized.

Copy link

@landley landley commented Feb 12, 2019

Sorry, there's been so much arguing about the name in the past, I may be a bit gun shy now it's resolved. :)

@frink

This comment has been minimized.

Copy link

@frink frink commented Oct 11, 2019

I don't understand why Github would want to participate in politics here... I see 0BSD and WTFPL quite regularly. They just aren't recognized which requires me to dig into the LICENSE file. Why would they want to get into politics?

Oh right!!! - Microsoft owns Github - They only like MIT and Apache 2.0

I think I'm going to switch some of my projects to 0BSD - I urge anyone and everyone interested in licensing to listen to Rob's talk on the failure of Copyleft. Very good history lesson!!!

Those who don't learn from history will be bound to repeat it...

@mlinksva

This comment has been minimized.

Copy link
Contributor

@mlinksva mlinksva commented Oct 11, 2019

@frink there isn't any politics here. WTFPL is recognized, see https://github.com/search?utf8=✓&q=license%3Awtfpl&ref=simplesearch

0BSD will be eventually when a new version of licensee is released and deployed.

@landley

This comment has been minimized.

Copy link

@landley landley commented Oct 11, 2019

It's been up on https://choosealicense.com/licenses/0bsd/ with toybox as an example for months now, but I'm not sure what github recognizing the license means exactly. I had to do landley/toybox@b31192f because I was told the title line saying it's 0bsd confused github's license recognizer, but there's nothing on the https://github.com/landley/toybox page that says "0bsd", and no "recognized as" annotation on the license itself. (But then there isn't for https://github.com/torvalds/linux either, so...)

shrug Maybe it's done now? It's hard to tell, I thought there would be a visible difference between "recognized" and "not recognized" in the github UI but now I'm not sure...

@landley

This comment has been minimized.

Copy link

@landley landley commented Oct 11, 2019

Ah, I see. A recognized repo will name the license in that link. https://github.com/torvalds/linux and https://github.com/tytso/e2fsprogs aren't recognized, and neither were the first 13 repos that came up in github.com/explore, but the 14th (https://github.com/go-debos/debos) is recognized.

So that's what it looks like.

@frink

This comment has been minimized.

Copy link

@frink frink commented Oct 13, 2019

@landley - Yes. That's my beef. Doesn't show up properly...

It doesn't seem like choosealicense.com and github.com are not in sync with one another. Don't know what the cause is... Could be politics. Could be oversight. Could be a lot of things... Just dunno...

If I start a new project here and click to add a licence, Github bolds Apache 2.0, GPL 3.0, and MIT... Then followed by the BSD 2-Clause and BSD 3-Clause then several GPL variants MPL 2.0 and finally the Unlicense - which is the only listed PDE (public domain equivalent) license.

@mlinksva - FWIW - Neither WTFPL or 0BSD are available in the choose a license template dropdown on Github. I also find it interesting that only GPL3 and the two Microsoft-approved licenses are the only ones bold. Don't know what that is about. It's probably impossible to provide such a list without some politics since even the order itself is suggestive. I'm fine with all that. But 0BSD and WTFPL should be listed...

PDE licenses need more respect from Github than they have received - that's all I'm saying...

@mlinksva

This comment has been minimized.

Copy link
Contributor

@mlinksva mlinksva commented Oct 13, 2019

Don't know what the cause is...

I can tell you exactly what the causes are.

Why 0BSD is currently not yet detected on github.com: (1) Licenses get added here, (2) then vendored in licensee, (3) then a new release of licensee is cut, (4) then licensee version is upgraded for github.com. We're presently at (3). You can watch for new releases at https://github.com/licensee/licensee if you want to be alerted when (3) is done. When (4) is done https://api.github.com/licenses/0bsd will return info about the license rather than not found.

Why WTFPL is not in the license chooser template at github.com: Note WTFPL is known and can be detected, see https://api.github.com/licenses/wtfpl and https://github.com/search?utf8=%E2%9C%93&q=license%3Awtfpl&ref=simplesearch but the chooser only displays a handful of licenses, I believe those with hidden: false metadata in this repo, for similar reasons as to what is highlighted on https://choosealicense.com/licenses/ vs https://choosealicense.com/appendix.

If you wish to use 0BSD or WTFPL (I really don't know why you'd want to use the latter, but whatever) or any other license, including non-open source ones, you can do that, put their text in a LICENSE file.

Since this isn't about what can be done in this repo and I don't think there is any more info to be added I'm going to lock this conversation. Thanks for raising your concerns!

@github github locked as resolved and limited conversation to collaborators Oct 13, 2019
@mlinksva

This comment has been minimized.

Copy link
Contributor

@mlinksva mlinksva commented Oct 28, 2019

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
6 participants
You can’t perform that action at this time.