Specify license
frewsxcv opened this issue · 7 comments
No license is currently specified. MIT / Apache 2.0 fine with everyone?
@Manishearth @ner0x652 @nagisa
Fine by me. Make sure it's compatible with libFuzzer itself.
Fine by me, too. As @Manishearth said, we should make sure it's compatible with the libfuzzer's license.
libfuzzer uses https://en.m.wikipedia.org/wiki/University_of_Illinois/NCSA_Open_Source_License . Is there an easy way of determining licensing compatibilities with that license?
There are some guides/tools on this stuff, like this http://oss-watch.ac.uk/apps/licdiff/
I'm not sure if they are fully compatible, from the text found here http://llvm.org/docs/DeveloperPolicy.html#copyright-license-and-patents (with portions dual licensed under the MIT License) it should be ok
I personally wrote my parts of lib.rs
with MIT/Apache 2.0
in mind (I usually default to ISC instead of MIT, but I don’t care much about that part).
The libFuzzer itself is a redistributed "dependency" and shouldn’t inf(l)ect the license decision on rust parts of libfuzzer-sys; especially since libFuzzer’s license allows to redistribute libFuzzer (under some conditions; namely: retained NCSA license for libFuzzer itself & we cannot use names of LLVM or libFuzzer contributors to endorse this project).
So technically, into Cargo.toml we ought to put MIT/Apache 2.0/NCSA
and in LICENSE write down exactly that libFuzzer is NCSA
and the rest is MIT/Apache 2.0
.
It may also make sense to move libFuzzer
into a directory so it is easier to refer to different parts (i.e. those developed by us and those redistributed) within LICENSE (or even put NCSA LICENSE within the directory with libFuzzer),
Opened a PR: https://github.com/rust-fuzz/libfuzzer-sys/pull/24