README: clarify the linking exception #6494
Conversation
We say that you can link libgit2 "unmodified"... "without having to release its source code". Clarify that you can modify libgit2 - but you must release _its_ source code back - and you can link libgit2 without having to release _your software's_ source code.
|
Fixes #6467 |
|
/cc @carlosmn to make sure that I am synthesizing this reasonable accurately |
README.md
Outdated
| Additionally, the example code has been released to the public domain (see the | ||
| [separate license](examples/COPYING) for more information). | ||
| Linking Exception). The GPLv2 requires you to make changes you make _to libgit2 | ||
| itself_ available publicly, but the linking exception means that you can link |
There was a problem hiding this comment.
The GPL does not require publishing modifications publicly. it requires you to provide source code to those to whom you have provided the compiled version.
|
I gather the issue here is the question of whether doing a modification to libgit2 and then linking against that would still allow for the application using said library to remain proprietary (or under some other license). The modification in the linked issue seems to be conversion into webassembly, which to me seems too mechanical to become derivative work (and instead would... just be the same thing, I guess). But I am not a lawyer. But as a senior software developer, I also get to say "it depends" a lot. The GPL works by placing restrictions on the distribution of "derived works" which is a thing in Copyright law. Ultimately a judge would be one to decide what happens. But the linking exception indicates that the authors do not consider using the library (and thus linking to it) to make a program so intrinsically bound to its functionality that it would cause the calling program to become a derived work. But whether something is a derived work doesn't necessarily hinge on how it's linked, but whether the work is, you know derived. I'm going to stop myself before I go too deep into analysing what modification and distribution means over the last 30 years, and get back into what seemingly has caused the confusion that prompted this change. The But modifying libgit2 and then linking against that... that's probably fine, but it would depend on what the modifications are. What would it meant to make changes to expose internal mechanisms or utilities and then link against that? Unfortunately you'd have to say "it depends" because we don't know what those hypothetical modifications are. But in general I do agree that the word is more confusing than it should be. I might reword it to something like
|
Update based on carlosmn suggestions.
✅ done |
v1.6 ---- This is release v1.6.0, "Hubbeliges Krokodil". This release adds experimental SHA256 support and includes many new features and bugfixes. ## What's Changed ### New features * **Support for bare repositories with SHA256 support (experimental)** by @ethomson in libgit2/libgit2#6191 You can configure experimental SHA256 support in libgit2 with `cmake -DEXPERIMENTAL_SHA256=ON` during project setup. This is useful for considering future integrations, work on clients, and work on language bindings. At present, working with bare repositories should largely work, including remote operations. But many pieces of functionality - including working with the index - are not yet supported. As a result, **libgit2 with SHA256 support should not be used in production or released with package distribution.** * **Support the notion of a home directory separately from global configuration directory** by @ethomson in libgit2/libgit2#6455 and libgit2/libgit2#6456 Callers and language bindings can now configure the home directory that libgit2 uses for file lookups (eg, the `.ssh` directory). This configuration is separate from the git global configuration path. * **stash: partial stash specific files** by @gitkraken-jacobw in libgit2/libgit2#6330 A stash can be created with only specific files, using a pathspec. This is similar to the `git stash push` command. * **push: revparse refspec source, so you can push things that are not refs** by @sven-of-cord in libgit2/libgit2#6362 Pushes can be performed using refspecs instead of only references. * **Support OpenSSL3** by @ethomson in libgit2/libgit2#6464 and libgit2/libgit2#6471 OpenSSL 3 is now supported, both when compiled directly and dynamically loaded. ### Bug fixes * winhttp: support long custom headers by @kcsaul in libgit2/libgit2#6363 * Fix memory leak by @csware in libgit2/libgit2#6382 * Don't fail the whole clone if you can't find a default branch by @torvalds in libgit2/libgit2#6369 * #6366: When a worktree is missing, return `GIT_ENOTFOUND`. by @arroz in libgit2/libgit2#6395 * commit-graph: only verify csum on `git_commit_graph_open()`. by @derrickstolee in libgit2/libgit2#6420 * Ignore missing 'safe.directory' config during ownership checks by @kcsaul in libgit2/libgit2#6408 * Fix leak in `git_tag_create_from_buffer` by @julianmesa-gitkraken in libgit2/libgit2#6421 * http: Update httpclient options when reusing an existing connection. by @slackner in libgit2/libgit2#6416 * Add support for `safe.directory *` by @csware in libgit2/libgit2#6429 * URL parsing for google-compatible URLs by @ethomson in libgit2/libgit2#6326 * Fixes #6433: `git_submodule_update` fails to update configured but missing submodule by @tagesuhu in libgit2/libgit2#6434 * transport: fix capabilities calculation by @russell in libgit2/libgit2#6435 * push: use resolved oid as the source by @ethomson in libgit2/libgit2#6452 * Use `git_clone__submodule` to avoid file checks in workdir by @abizjak in libgit2/libgit2#6444 * #6422: handle dangling symbolic refs gracefully by @arroz in libgit2/libgit2#6423 * `diff_file`: Fix crash when freeing a patch representing an empty untracked file by @jorio in libgit2/libgit2#6475 * clone: clean up options on failure by @ethomson in libgit2/libgit2#6479 * stash: update strarray usage by @ethomson in libgit2/libgit2#6487 * #6491: Sets `oid_type` on repos open with `git_repository_open_bare` by @arroz in libgit2/libgit2#6492 * Handle Win32 shares by @ethomson in libgit2/libgit2#6493 * Make failure to connect to ssh-agent non-fatal by @fxcoudert in libgit2/libgit2#6497 * odb: don't unconditionally add `oid_type` to stream by @ethomson in libgit2/libgit2#6499 * Pass hostkey & port to host verify callback by @fxcoudert in libgit2/libgit2#6503 ### Security fixes ### Code cleanups * meta: update version number to v1.6.0-alpha by @ethomson in libgit2/libgit2#6352 * sha256: indirection for experimental functions by @ethomson in libgit2/libgit2#6354 * Delete `create.c.bak` by @lrm29 in libgit2/libgit2#6398 * Support non-cmake builds with an in-tree `experimental.h` by @ethomson in libgit2/libgit2#6405 ### Build and CI improvements * tests: skip flaky-ass googlesource tests by @ethomson in libgit2/libgit2#6353 * clar: remove ftrunacte from libgit2 tests by @boretrk in libgit2/libgit2#6357 * CI Improvements by @ethomson in libgit2/libgit2#6403 * fix compile on Windows with `-DWIN32_LEAN_AND_MEAN` by @christoph-cullmann in libgit2/libgit2#6373 * Fixes #6365 : Uppercase windows.h include fails build in case-sensitive OS by @Vinz2008 in libgit2/libgit2#6377 * ci: update version numbers of actions by @ethomson in libgit2/libgit2#6448 * thread: avoid warnings when building without threads by @ethomson in libgit2/libgit2#6432 * src: hide unused hmac() prototype by @0-wiz-0 in libgit2/libgit2#6458 * tests: update clar test runner by @ethomson in libgit2/libgit2#6459 * ci: always create test summaries, even on failure by @ethomson in libgit2/libgit2#6460 * Fix build failure with `-DEMBED_SSH_PATH` by @vicr123 in libgit2/libgit2#6374 * Define correct `off64_t` for AIX by @bzEq in libgit2/libgit2#6376 * Fix some warnings in main by @ethomson in libgit2/libgit2#6480 * strarray: remove deprecated declaration by @ethomson in libgit2/libgit2#6486 * tests: always unset `HTTP_PROXY` before starting tests by @ethomson in libgit2/libgit2#6498 ### Documentation improvements * add 2-clause BSD license to COPYING by @martinvonz in libgit2/libgit2#6413 * Add new PHP bindings project to language bindings section of README.md by @RogerGee in libgit2/libgit2#6473 * README: clarify the linking exception by @ethomson in libgit2/libgit2#6494 * Correct the definition of "empty" in the docs for `git_repository_is_empty` by @timrogers in libgit2/libgit2#6500
|
Thank you for making these changes. This is very helpful and greatly appreciated! Am hopeful I will have no more comments to pass on... |
We say that you can link libgit2 "unmodified"... "without having to release its source code". Clarify that you can modify libgit2 - but you must release its source code back - and you can link libgit2 without having to release your software's source code.