Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[TP/CON]: Licensing Review for TP and CON #849

Open
astkhikatredi opened this issue Jan 12, 2024 · 4 comments
Open

[TP/CON]: Licensing Review for TP and CON #849

astkhikatredi opened this issue Jan 12, 2024 · 4 comments
Assignees
@helloanil
Labels
Priority: High This ticket has a high priority Task

Comments

@astkhikatredi
Copy link
Contributor

Context/background

I am initiating this ticket to address the open-source licensing concerns, following a discussion with Eric. Here's a proposed action plan to navigate this:

What needs to be done?

1. Review Existing Code:
As we use code from various sources, we should identify the licenses associated with each piece.
This will help us determine the minimum level of strictness that should apply to our code.
@helloanil agreed to help with this. since he has some experience.

2. To check the similar organizations:
Investigate the types of licenses that organizations similar to ours use. Own research or maybe we can contact some partner organizations and ask them.

3. Propose License Recommendations:
Based on the findings from steps 1 and 2, suggest a suitable license for our codebase to Mireia and Birgit taking into account the strategy of ReDI School in terms of sharing our platform with other organizations.

4. Add it to the Github repo as LICENSE.md file
5. Mention it in the README.md file

We will take this once we have some time...
@helloanil
Copy link
Contributor

Hi @astkhikatredi, here is the ChatGPT'ed version of the license check. I also attach the exported file from the licenses-checker npm library. We can go deeper with our analysis, find the libraries we use that would cause us issues, and replace them with alternatives.

  • MIT (1857 occurrences): A permissive license that is short and to the point. It lets people do anything they want with your code as long as they provide attribution back to you and don’t hold you liable.
  • ISC (119 occurrences): Similar to the MIT License, it's a permissive license that allows for almost unrestricted freedom to use, modify, and distribute the software, provided the original copyright notice and permission notice are included.
  • Apache-2.0 (59 occurrences): A permissive license that also provides an express grant of patent rights from contributors to users. It requires preservation of the copyright notice and disclaimer.
  • BSD-3-Clause (53 occurrences): Also known as the "New BSD License" or "Modified BSD License", it's less permissive than MIT or Apache-2.0, requiring the preservation of the copyright notice and disclaimers. It prohibits the use of the name of the project or its contributors in advertising without specific prior written permission.
    -BSD-2-Clause (31 occurrences): A more simplified version of the BSD-3-Clause license that drops the non-endorsement clause.

licenses-direct.csv

@astkhikatredi astkhikatredi added the Priority: Medium This ticket has a medium priority label Mar 11, 2024
@astkhikatredi
Copy link
Contributor Author

Hey @helloanil , thanks a lot!!
Copying here what we have talked in Slack:
I think I might need a call where you can explain in simpler terms, if possible...
It would also be helpful to prepare a very simple slide with the following info to propose a license for our platforms to discuss with Mireia and Birgit. What could be the implications for other organizations, how to display it on GitHub, and how to handle requests from other organizations to use our code

@astkhikatredi astkhikatredi added Priority: High This ticket has a high priority and removed Priority: Medium This ticket has a medium priority labels Mar 28, 2024
@astkhikatredi
Copy link
Contributor Author

Dear @helloanil here is the slide deck about License review.

Let's finish this once the reminders are done.
Thanks!

@ligiamxm ligiamxm moved this to In Progress in TP: ReDI Talent Pool Jun 13, 2024
@ligiamxm ligiamxm moved this to In Progress in CON: ReDI Connect Jun 13, 2024
@astkhikatredi astkhikatredi moved this from In Progress to Ready for Execution in CON: ReDI Connect Jul 26, 2024
@astkhikatredi astkhikatredi moved this from In Progress to Ready for Execution in TP: ReDI Talent Pool Jul 26, 2024
@katamatata katamatata moved this to Ready for Execution in CON: ReDI Connect Nov 19, 2024
@katamatata katamatata moved this to Ready for Execution in ReDI Design System Nov 19, 2024
@katamatata katamatata moved this from Ready for Execution to In Progress in CON: ReDI Connect Nov 19, 2024
@katamatata katamatata moved this from Ready for Execution to In Progress in ReDI Design System Nov 19, 2024
@astkhikatredi
Copy link
Contributor Author

Final file is available here:

Connect _ TP Dependency License Analysis.pdf

@katamatata katamatata reopened this Nov 19, 2024
@github-project-automation github-project-automation bot moved this from In Progress to In Design in CON: ReDI Connect Nov 19, 2024
@github-project-automation github-project-automation bot moved this from In Progress to In Design in CON: ReDI Connect Nov 19, 2024
@katamatata katamatata moved this from In Design to In Progress in CON: ReDI Connect Nov 19, 2024
@katamatata katamatata moved this from Backlog to In Progress in TP: ReDI Talent Pool Nov 19, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@helloanil helloanil

Labels
Priority: High This ticket has a high priority Task
Projects
CON: ReDI Connect
Status: In Progress
TP: ReDI Talent Pool
Status: In Progress
Milestone
No milestone
Development

No branches or pull requests
4 participants
@helloanil @ericbolikowski @katamatata @astkhikatredi