From ec55d79703e22ee5ac07687d33998123e5c97fe2 Mon Sep 17 00:00:00 2001 From: sneakers-the-rat Date: Fri, 1 Mar 2024 16:53:23 -0800 Subject: [PATCH 1/8] Mention copyleft in license guide! add bibtex --- bibliography.bib | 47 +++++++++++++++++ conf.py | 6 +++ .../repository-files/license-files.md | 52 +++++++++++++++++-- pyproject.toml | 3 +- requirements.txt | 1 + 5 files changed, 105 insertions(+), 4 deletions(-) create mode 100644 bibliography.bib diff --git a/bibliography.bib b/bibliography.bib new file mode 100644 index 00000000..56fd6f81 --- /dev/null +++ b/bibliography.bib @@ -0,0 +1,47 @@ +@article{hunterReclaimingComputingCommons2016, + title = {Reclaiming the {{Computing Commons}}}, + author = {Hunter, Rob}, + year = {2016}, + month = may, + journal = {Jacobin}, + url = {https://jacobin.com/2016/02/free-software-movement-richard-stallman-linux-open-source-enclosure/}, + urldate = {2023-03-09}, + abstract = {Resisting the commodification of information is a political struggle, not a technical one.}, + archive = {https://web.archive.org/web/20230309005744/https://jacobin.com/2016/02/free-software-movement-richard-stallman-linux-open-source-enclosure/}, + langid = {american}, + keywords = {foss culture,copyleft} +} + +@misc{gnuprojectWhatFreeSoftware2019, + title = {What Is {{Free Software}}?}, + author = {{GNU Project}}, + year = {2019}, + month = jul, + journal = {Free Software Foundation}, + url = {https://www.gnu.org/philosophy/free-sw.html}, + urldate = {2024-03-01} +} + +@misc{gnuprojectWhatCopyleft2022, + title = {What Is {{Copyleft}}?}, + author = {{GNU Project}}, + year = {2022}, + month = jan, + journal = {Free Software Foundation}, + url = {https://www.gnu.org/copyleft/}, + urldate = {2024-03-01} +} + +@misc{creativecommonsShareAlikeCompatibilityGPLv32015, + title = {{{ShareAlike}} Compatibility: {{GPLv3}}}, + author = {{Creative Commons}}, + year = {2015}, + month = sep, + journal = {Creative Commons Wiki}, + url = {https://wiki.creativecommons.org/wiki/ShareAlike\_compatibility:\_GPLv3}, + urldate = {2024-03-02} +} + + + + diff --git a/conf.py b/conf.py index f8631606..74825125 100644 --- a/conf.py +++ b/conf.py @@ -51,6 +51,7 @@ "sphinx_sitemap", "sphinxext.opengraph", "sphinx_favicon", + "sphinxcontrib.bibtex" ] # colon fence for card support in md @@ -151,3 +152,8 @@ "line_color": "#6D597A", "image": "_static/pyopensci-logo-package-guide.png", } + +# Bibliographies +bibtex_bibfiles = ['bibliography.bib'] +# myst complains about bibtex footnotes because of render order +suppress_warnings = ["myst.footnote"] \ No newline at end of file diff --git a/documentation/repository-files/license-files.md b/documentation/repository-files/license-files.md index 37c797c5..297cfc2e 100644 --- a/documentation/repository-files/license-files.md +++ b/documentation/repository-files/license-files.md @@ -1,3 +1,8 @@ +--- +bibliography: + - ../../bibliography.bib +--- + # License files for scientific Python open source software :::{button-link} https://www.pyopensci.org/about-peer-review/ @@ -41,6 +46,17 @@ We generally suggest that you use a permissive, license that is [Open Software I [submitting your package to pyOpenSci for peer review](https://www.pyopensci.org/about-peer-review/index.html), then we require an OSI approved license. +:::{admonition} Copyleft licenses +The other major category of licenses are ["copyleft" licenses](https://en.wikipedia.org/wiki/Copyleft). +These are licenses that require that anyone that uses your work redistributes it with the same (or greater) rights to modify, copy, share, and redistribute it. +In other words, copyleft licenses prohibit someone taking your work, making a proprietary version of it, and redistributing it without providing the source code so others can do the same. +Copyleft licenses are "sticky," in that they are designed to ensure that more free software is created. + +The difference between copyleft vs. permissive licenses is an important cultural divide in free and open source software (eg. see {footcite}`hunterReclaimingComputingCommons2016`, {footcite}`gnuprojectWhatFreeSoftware2019`, {footcite}`gnuprojectWhatCopyleft2022`), +that you should be aware of when choosing your license - the lineage of copyleft represents the "free" part of "free and open source software." +Free and open source software is intrinsically political, and it is important to be aware of power dynamics in computing as well as the practical problems of license compatibility (discussed below). +::: + ### How to choose a license To select your license, we suggest that you use GitHub's @@ -54,18 +70,17 @@ process. :::{admonition} License recommendations from the SciPy package [The SciPy documentation has an excellent overview of licenses.](https://docs.scipy.org/doc/scipy/dev/core-dev/index.html#licensing). Once of the key elements that these docs recommend is ensuring that the license that you select is -complementary to license used in the core scientific Python ecosystem. +compatible with licenses used in many parts of the scientific Python ecosystem. Below is a highlight of this text which outlines license that are compatible with the modified BSD license that SciPy uses. > Other licenses that are compatible with the modified BSD license that SciPy uses are 2-clause BSD, MIT and PSF. Incompatible licenses are GPL, Apache and custom licenses that require attribution/citation or prohibit use for commercial purposes. -To coordinate with other packages in our scientific ecosystem, we also recommend +If your primary goal is for your code to be used by other, major packages in the scientific ecosystem, we also recommend that you consider using either BSD or MIT as your license. If you are unsure, the MIT license tends to be a simpler easier-to-understand option. ::: - ## Important: make sure that you closely follow the guidelines outlines by the License that you chose Every license has different guidelines in terms of what code @@ -75,6 +90,31 @@ If you borrow code from other tools or online sources, make sure that the license for the code that you are using also complies with the license that you selected for your package. +A useful way to think about license compatibility is the distinction between **"inbound"** and **"outbound"** compatibility. +"Inbound" licenses are those that cover the software you plan to include in your package. +Your package is protected by an "outbound" license. + +**Permissive licenses** like BSD and MIT have few **outbound** restrictions - they can be used in any way by downstream consumers, including making them proprietary. +This is why they are favored by many businesses and large packages that want to be able to be used by businesses. +Permissive licenses have more **inbound** restrictions - they can't use software that requires more freedoms to be preserved than they do, like copyleft licenses. +A package licensed with MIT needs to take care when including or modifying a package licensed under the GPL-3. + +**Copyleft licenses** like GPL-3 have more **outbound** restrictions - they require more of packages that include, use, modify, and reproduce them. +This is the purpose of copyleft licenses, to ensure that derivative works remain free and open source. +They have fewer **inbound** restrictions - a GPL-3 licensed package can include any other permissively licensed and most copyleft licensed packages. + +| Compatible | Dependency
("Inbound") | Your Package | Downstream Package
("Outbound") | +|----------------------------------------------------------------:|-----------------------------|--------------|--------------------------------------| +| | Permissive | Permissive | | +| | Copyleft | Permissive | | +| | | Permissive | Permissive | +| | | Permissive | Copyleft | +| | Permissive | Copyleft | | +| | Copyleft | Copyleft | | +| | | Copyleft | Permissive | +| | | Copyleft | Copyleft | + + :::{admonition} An example of how a license determine how code can be reused :class: note @@ -83,6 +123,7 @@ Let's use stackOverflow as an example that highlights how a license determines h [Stack overflow uses a Creative Commons Share Alike license.](https://stackoverflow.com/help/licensing). The sharealike license requires you to use the same sharealike license when you reuse any code from stackoverflow. This means that technically, if you copy code from the Stack Overflow website, and use it in your package. And your packages uses a different license such as a MIT license, you are violating Stack Overflow's license requirements! +This would not be true with a GPL licensed package - `GPL-3` packages can include code licensed by `CC-BY-SA` {footcite}`creativecommonsShareAlikeCompatibilityGPLv32015`. 🚨 Proceed with caution! 🚨 ::: @@ -98,3 +139,8 @@ These files - we need to understand if that date releases auto populates or forc --> + +# References + +```{footbibliography} +``` diff --git a/pyproject.toml b/pyproject.toml index 1032afa6..9574d93d 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -16,7 +16,8 @@ dev = [ "sphinxext-opengraph", "sphinx-inline-tabs", # for project cards - "matplotlib" + "matplotlib", + "sphinxcontrib-bibtex" ] diff --git a/requirements.txt b/requirements.txt index 5d60e172..dc5cc8c3 100644 --- a/requirements.txt +++ b/requirements.txt @@ -12,3 +12,4 @@ sphinxext-opengraph sphinx-inline-tabs # for project cards matplotlib +sphinxcontrib-bibtex From 5bfa011aec655fa3d8b60796bf79d65d338bb625 Mon Sep 17 00:00:00 2001 From: sneakers-the-rat Date: Fri, 1 Mar 2024 17:04:41 -0800 Subject: [PATCH 2/8] i guess pre-commit hooks didnt run --- documentation/repository-files/license-files.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/documentation/repository-files/license-files.md b/documentation/repository-files/license-files.md index 297cfc2e..cd2a39cf 100644 --- a/documentation/repository-files/license-files.md +++ b/documentation/repository-files/license-files.md @@ -47,10 +47,10 @@ We generally suggest that you use a permissive, license that is [Open Software I license. :::{admonition} Copyleft licenses -The other major category of licenses are ["copyleft" licenses](https://en.wikipedia.org/wiki/Copyleft). +The other major category of licenses are ["copyleft" licenses](https://en.wikipedia.org/wiki/Copyleft). These are licenses that require that anyone that uses your work redistributes it with the same (or greater) rights to modify, copy, share, and redistribute it. In other words, copyleft licenses prohibit someone taking your work, making a proprietary version of it, and redistributing it without providing the source code so others can do the same. -Copyleft licenses are "sticky," in that they are designed to ensure that more free software is created. +Copyleft licenses are "sticky," in that they are designed to ensure that more free software is created. The difference between copyleft vs. permissive licenses is an important cultural divide in free and open source software (eg. see {footcite}`hunterReclaimingComputingCommons2016`, {footcite}`gnuprojectWhatFreeSoftware2019`, {footcite}`gnuprojectWhatCopyleft2022`), that you should be aware of when choosing your license - the lineage of copyleft represents the "free" part of "free and open source software." From 4eb67e29de836bebc1076dc5f4a7b47c3e5e30fd Mon Sep 17 00:00:00 2001 From: sneakers-the-rat Date: Fri, 1 Mar 2024 18:07:33 -0800 Subject: [PATCH 3/8] ok seriously this time --- bibliography.bib | 4 ---- conf.py | 2 +- 2 files changed, 1 insertion(+), 5 deletions(-) diff --git a/bibliography.bib b/bibliography.bib index 56fd6f81..dabeaefb 100644 --- a/bibliography.bib +++ b/bibliography.bib @@ -41,7 +41,3 @@ @misc{creativecommonsShareAlikeCompatibilityGPLv32015 url = {https://wiki.creativecommons.org/wiki/ShareAlike\_compatibility:\_GPLv3}, urldate = {2024-03-02} } - - - - diff --git a/conf.py b/conf.py index 74825125..1008ce57 100644 --- a/conf.py +++ b/conf.py @@ -156,4 +156,4 @@ # Bibliographies bibtex_bibfiles = ['bibliography.bib'] # myst complains about bibtex footnotes because of render order -suppress_warnings = ["myst.footnote"] \ No newline at end of file +suppress_warnings = ["myst.footnote"] From 380f93fd0a4bc5737d36d4e660e126eb31326ed9 Mon Sep 17 00:00:00 2001 From: Jonny Saunders Date: Fri, 1 Mar 2024 18:34:02 -0800 Subject: [PATCH 4/8] Update documentation/repository-files/license-files.md No comma Co-authored-by: Inessa Pawson --- documentation/repository-files/license-files.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/documentation/repository-files/license-files.md b/documentation/repository-files/license-files.md index cd2a39cf..90537383 100644 --- a/documentation/repository-files/license-files.md +++ b/documentation/repository-files/license-files.md @@ -50,7 +50,7 @@ license. The other major category of licenses are ["copyleft" licenses](https://en.wikipedia.org/wiki/Copyleft). These are licenses that require that anyone that uses your work redistributes it with the same (or greater) rights to modify, copy, share, and redistribute it. In other words, copyleft licenses prohibit someone taking your work, making a proprietary version of it, and redistributing it without providing the source code so others can do the same. -Copyleft licenses are "sticky," in that they are designed to ensure that more free software is created. +Copyleft licenses are "sticky" in that they are designed to ensure that more free software is created. The difference between copyleft vs. permissive licenses is an important cultural divide in free and open source software (eg. see {footcite}`hunterReclaimingComputingCommons2016`, {footcite}`gnuprojectWhatFreeSoftware2019`, {footcite}`gnuprojectWhatCopyleft2022`), that you should be aware of when choosing your license - the lineage of copyleft represents the "free" part of "free and open source software." From 1f70aee70d63815d065643a063388638d54ba0a8 Mon Sep 17 00:00:00 2001 From: Jonny Saunders Date: Fri, 1 Mar 2024 18:35:45 -0800 Subject: [PATCH 5/8] Update documentation/repository-files/license-files.md Co-authored-by: Inessa Pawson --- documentation/repository-files/license-files.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/documentation/repository-files/license-files.md b/documentation/repository-files/license-files.md index 90537383..67eea59c 100644 --- a/documentation/repository-files/license-files.md +++ b/documentation/repository-files/license-files.md @@ -52,7 +52,7 @@ These are licenses that require that anyone that uses your work redistributes it In other words, copyleft licenses prohibit someone taking your work, making a proprietary version of it, and redistributing it without providing the source code so others can do the same. Copyleft licenses are "sticky" in that they are designed to ensure that more free software is created. -The difference between copyleft vs. permissive licenses is an important cultural divide in free and open source software (eg. see {footcite}`hunterReclaimingComputingCommons2016`, {footcite}`gnuprojectWhatFreeSoftware2019`, {footcite}`gnuprojectWhatCopyleft2022`), +The difference between copyleft vs. permissive licenses is an important cultural divide in free and open source software (e.g., see {footcite}`hunterReclaimingComputingCommons2016`, {footcite}`gnuprojectWhatFreeSoftware2019`, {footcite}`gnuprojectWhatCopyleft2022`), that you should be aware of when choosing your license - the lineage of copyleft represents the "free" part of "free and open source software." Free and open source software is intrinsically political, and it is important to be aware of power dynamics in computing as well as the practical problems of license compatibility (discussed below). ::: From ac866d7faa844bfe5e368c981648a47082ebd37e Mon Sep 17 00:00:00 2001 From: Jonny Saunders Date: Fri, 1 Mar 2024 22:37:14 -0800 Subject: [PATCH 6/8] Apply suggestions from code review thanks to @InessaPawson Co-authored-by: Inessa Pawson --- documentation/repository-files/license-files.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/documentation/repository-files/license-files.md b/documentation/repository-files/license-files.md index 67eea59c..558d1613 100644 --- a/documentation/repository-files/license-files.md +++ b/documentation/repository-files/license-files.md @@ -53,7 +53,7 @@ In other words, copyleft licenses prohibit someone taking your work, making a pr Copyleft licenses are "sticky" in that they are designed to ensure that more free software is created. The difference between copyleft vs. permissive licenses is an important cultural divide in free and open source software (e.g., see {footcite}`hunterReclaimingComputingCommons2016`, {footcite}`gnuprojectWhatFreeSoftware2019`, {footcite}`gnuprojectWhatCopyleft2022`), -that you should be aware of when choosing your license - the lineage of copyleft represents the "free" part of "free and open source software." +that you should be aware of when choosing your license - the lineage of copyleft represents the "free" part of "free and open source software". Free and open source software is intrinsically political, and it is important to be aware of power dynamics in computing as well as the practical problems of license compatibility (discussed below). ::: @@ -68,7 +68,7 @@ in some cases the license that you want is not available through that online process. :::{admonition} License recommendations from the SciPy package -[The SciPy documentation has an excellent overview of licenses.](https://docs.scipy.org/doc/scipy/dev/core-dev/index.html#licensing). Once of the key elements +[The SciPy documentation has an excellent overview of licenses.](https://docs.scipy.org/doc/scipy/dev/core-dev/index.html#licensing). One of the key elements that these docs recommend is ensuring that the license that you select is compatible with licenses used in many parts of the scientific Python ecosystem. Below is a highlight of this text which outlines license that are compatible @@ -95,9 +95,9 @@ A useful way to think about license compatibility is the distinction between **" Your package is protected by an "outbound" license. **Permissive licenses** like BSD and MIT have few **outbound** restrictions - they can be used in any way by downstream consumers, including making them proprietary. -This is why they are favored by many businesses and large packages that want to be able to be used by businesses. -Permissive licenses have more **inbound** restrictions - they can't use software that requires more freedoms to be preserved than they do, like copyleft licenses. -A package licensed with MIT needs to take care when including or modifying a package licensed under the GPL-3. +This is why they are favored by many businesses and large packages that want to be adopted by businesses. +Permissive licenses have more **inbound** restrictions - they can't use software that requires more freedoms to be preserved than they do, like copyleft licenses. +A package licensed under MIT needs to take special care when including or modifying a package licensed under the GPL-3. **Copyleft licenses** like GPL-3 have more **outbound** restrictions - they require more of packages that include, use, modify, and reproduce them. This is the purpose of copyleft licenses, to ensure that derivative works remain free and open source. @@ -120,9 +120,9 @@ They have fewer **inbound** restrictions - a GPL-3 licensed package can include Let's use stackOverflow as an example that highlights how a license determines how code can or can not be used. -[Stack overflow uses a Creative Commons Share Alike license.](https://stackoverflow.com/help/licensing). The sharealike license requires you to use the same sharealike license when you reuse any code from stackoverflow. +[Stack Overflow uses a Creative Commons Share Alike license.](https://stackoverflow.com/help/licensing). The sharealike license requires you to use the same sharealike license when you reuse any code from Stack Overflow. -This means that technically, if you copy code from the Stack Overflow website, and use it in your package. And your packages uses a different license such as a MIT license, you are violating Stack Overflow's license requirements! +This means that from a legal perspective, if you copy code from the Stack Overflow website and use it in your package that is licensed differently, say with a MIT license, you are violating Stack Overflow's license requirements! This would not be true with a GPL licensed package - `GPL-3` packages can include code licensed by `CC-BY-SA` {footcite}`creativecommonsShareAlikeCompatibilityGPLv32015`. 🚨 Proceed with caution! 🚨 From 3d5ec7251c8dc11c2f209b7764afb856d6973bfc Mon Sep 17 00:00:00 2001 From: Jonny Saunders Date: Thu, 21 Mar 2024 19:31:34 -0700 Subject: [PATCH 7/8] Apply suggestions from code review Co-authored-by: Leah Wasser --- documentation/repository-files/license-files.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/documentation/repository-files/license-files.md b/documentation/repository-files/license-files.md index bb712cf7..ba1e9dab 100644 --- a/documentation/repository-files/license-files.md +++ b/documentation/repository-files/license-files.md @@ -52,8 +52,8 @@ These are licenses that require that anyone that uses your work redistributes it In other words, copyleft licenses prohibit someone taking your work, making a proprietary version of it, and redistributing it without providing the source code so others can do the same. Copyleft licenses are "sticky" in that they are designed to ensure that more free software is created. -The difference between copyleft vs. permissive licenses is an important cultural divide in free and open source software (e.g., see {footcite}`hunterReclaimingComputingCommons2016`, {footcite}`gnuprojectWhatFreeSoftware2019`, {footcite}`gnuprojectWhatCopyleft2022`), -that you should be aware of when choosing your license - the lineage of copyleft represents the "free" part of "free and open source software". +The difference between copyleft and permissive licenses is an important cultural divide in free and open source software (e.g., see {footcite}`hunterReclaimingComputingCommons2016`, {footcite}`gnuprojectWhatFreeSoftware2019`, {footcite}`gnuprojectWhatCopyleft2022`). +It is important to understand this difference when choosing your license. Copyleft licenses represents the "free" part of "free and open source software". Free and open source software is intrinsically political, and it is important to be aware of power dynamics in computing as well as the practical problems of license compatibility (discussed below). ::: @@ -123,7 +123,7 @@ Let's use StackOverflow as an example that highlights how a license determines h [Stack Overflow uses a Creative Commons Share Alike license.](https://stackoverflow.com/help/licensing). The sharealike license requires you to use the same sharealike license when you reuse any code from Stack Overflow. This means that from a legal perspective, if you copy code from the Stack Overflow website and use it in your package that is licensed differently, say with a MIT license, you are violating Stack Overflow's license requirements! -This would not be true with a GPL licensed package - `GPL-3` packages can include code licensed by `CC-BY-SA` {footcite}`creativecommonsShareAlikeCompatibilityGPLv32015`. +This would not be true with a GPL licensed package. `GPL-3` packages can include code licensed by `CC-BY-SA` {footcite}`creativecommonsShareAlikeCompatibilityGPLv32015`. 🚨 Proceed with caution! 🚨 ::: From 197091ae64a7cfd348e8af7edc3f9ad6453431c3 Mon Sep 17 00:00:00 2001 From: Leah Wasser Date: Mon, 8 Apr 2024 11:05:43 -0600 Subject: [PATCH 8/8] Update documentation/repository-files/license-files.md --- documentation/repository-files/license-files.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/documentation/repository-files/license-files.md b/documentation/repository-files/license-files.md index ba1e9dab..d9a1409a 100644 --- a/documentation/repository-files/license-files.md +++ b/documentation/repository-files/license-files.md @@ -48,7 +48,7 @@ license. :::{admonition} Copyleft licenses The other major category of licenses are ["copyleft" licenses](https://en.wikipedia.org/wiki/Copyleft). -These are licenses that require that anyone that uses your work redistributes it with the same (or greater) rights to modify, copy, share, and redistribute it. +Copyleft licenses require people that use your work to redistribute it with the same (or greater) rights to modify, copy, share, and redistribute it. In other words, copyleft licenses prohibit someone taking your work, making a proprietary version of it, and redistributing it without providing the source code so others can do the same. Copyleft licenses are "sticky" in that they are designed to ensure that more free software is created.