please consider relicensing the hexf / hexf-parse crates

[decathorpe]

The CC0-1.0 license is no longer considered to be a suitable license for code by some lawyers in the open-source licensing space (it is still considered a "good" license for content). For example, code licensed under the CC0-1.0 license is no longer allowed to be packaged for Fedora Linux since July 2022: https://lists.fedoraproject.org/archives/list/legal@lists.fedoraproject.org/message/RRYM3CLYJYW64VSQIXY6IF3TCDZGS6LM/

For context - I am currently working on packaging ruff (a very fast Python linter) for Fedora Linux, and one of its dependencies is the hexf-parse crate. Currently, providing a package for ruff would be blocked because hexf-parse cannot be packaged and / or distributed by us.

Alternatives to CC0-1.0 that are still "good" licenses for code might be Unlicense, MIT-0, or 0BSD. Note that of these three, only the Unlicense appears to be considered a FOSS license by both the FSF and the OSI, whereas MIT-0 and 0BSD are only OSI-approved (c.f. https://spdx.org/licenses/).

[lifthrasiir]

Sorry for late reply (I thank @youknowone for ping). And yeah, that sounds problematic. I'm very much okay to relicense---or additionally license---my contribution in other PD-equivalent licenses.

Which one to adopt

My use of a PD-equivalent license was inspired of the SQLite public domain dedication, but I wanted to be more concrete when it comes to a legal matter. Therefore if it's just my own code, theoretically I can just state that CC0-1.0 section 4(a) is to be ignored. But that would be legally questionable to say the least.

I personally didn't use the Unlicense (or WTFPL or other tongue-in-cheek licenses) because it is a polar opposite of a "concrete" license. Indeed, CC0 as a public domain dedication is so concrete that it prevents other interpretations including a patent grant. The Unlicense is the only PD-equivalent license besides from CC0-1.0 that has received an approval from FSF, but it's not like that FSF explicitly disapproved other PD-equivalent licenses, so I don't care about that much.

I have also briefly considered two more options.

• The Blue Oak Model License 1.0.0, which is a relatively new PD-equivalent license but with an explicit patent grant. It is not yet OSI-approved, but it was recently submitted to the review, so I believe it will be eventually approved (OSI approved the Unlicense after all). The major downside is a lack of popularity and legal precedent.
• Yet another option is to combine two licenses for a public domain dedication and a patent grant respectively. CC0-1.0 is a perfect license for the former, so it may give the best of both worlds if properly done. But I don't know how to do that. For example, CC0-1.0 OR 0BSD will allow either a PD dedication or patent grant but not both, which is practically okay but legally dubious. An unconditional waiver (when legally allowed) will require a conjunctive dual-licensing which is much more complicated. (There is an analysis of CC0-1.0 AND MIT, but not done by a laywer.)

Therefore my option is to switch to the Zero-Clause BSD (SPDX identifier 0BSD), as per the Chris Morgan's recommendations.

Agreements

The crate has accumulated more code since my last major contribution though, so it's time to call everyone around. Judging from the diff, I think non-trivial changes can be classified as folllows:

1. An entire fuzzing infrastructure by @hcsch
2. Additional tests by @sanxiyn, @ajtribick, @sunfishcode and @youknowone (in the order of first relevant contribution)
3. Non-code or minor changes by @pchickey, @littledivy and some others listed above (ditto)

It is arguable whether changes in 2 or 3 require relicensing, but for now I've pinged everyone. If you agree to relicense your work please copy and paste the following comment:

* [ ] I agree to relicense my contributions to `hexf` in the terms of the [Zero-Clause BSD](https://opensource.org/license/0bsd/) license as published by the Open Source Initiative.

...and explicitly mark the check box. My own is as follows:

• I agree to relicense my contributions to hexf in the terms of the Zero-Clause BSD license as published by the Open Source Initiative.

[hcsch]

Good idea moving off of CC0. I've read about that being problematic for code before.

• I agree to relicense my contributions to hexf in the terms of the Zero-Clause BSD license as published by the Open Source Initiative.

[littledivy]

👍

• I agree to relicense my contributions to hexf in the terms of the Zero-Clause BSD license as published by the Open Source Initiative.

[youknowone]

• I agree to relicense my contributions to hexf in the terms of the Zero-Clause BSD license as published by the Open Source Initiative.

[pchickey]

• I agree to relicense my contributions to hexf in the terms of the Zero-Clause BSD license as published by the Open Source Initiative.

[ajtribick]

• I agree to relicense my contributions to hexf in the terms of the Zero-Clause BSD license as published by the Open Source Initiative.

[sunfishcode]

• I agree to relicense my contributions to hexf in the terms of the Zero-Clause BSD license as published by the Open Source Initiative.

[sanxiyn]

• I agree to relicense my contributions to hexf in the terms of the Zero-Clause BSD license as published by the Open Source Initiative.

[lifthrasiir]

Thank you for confirmations, and sorry again for my procrastination!

[decathorpe]

Awesome - thank you all for the quick turnaround here! 💯