Juju should know about Charm licenses

heitor · 13 August 2021 14:42

Currently, we can add a LICENSE file for our charms. But a charm user can’t see the information about the license anywhere: juju info charm-foo does not show it, CharmHub.io/charm-foo does not show it. The only way to get this information is to download the charm file and look for it.

I proposed to charmcraft analyze identify the license (charmcraft#464) but the issue is closed for further discussion.

I know that GitHub and GitLab can identify the license used by looking at the repository and finding a LICENSE file (on the right corner of the screenshot below):

I’d like to see something similar to that in Juju.

If Charmcraft could somehow identify the license and set it in the manifest file, then CharmHub (GitHub issue charmhub.io#1100) and juju info could then show that.

@sergiusens suggested SPDX, and that project has an interesting list of “short names” to uniquely identify each license, see SPDX License List. But adding yet another file to the charm code does not sound good to me, there’s already a lot of YAML files we need to keep track.

So, what would be other options to have the License shown to end users? Preferably in a way that charm authors don’t need to keep this information in many places (e.g. license file + metadata file, this could be error prone).

erik-lonroth · 14 August 2021 02:52

SPDX is awesome. Having that information available is in line with https://www.openchainproject.org/

bthomas · 19 August 2021 16:21

I think the use case of displaying Licenses in CharmHub and perhaps through juju info seems to be valid and useful one. LICENSE is included into charms when charmcraft builds them. I wonder how complex it is for charmhub to extract this file and display it verbatim.

sed-i · 19 August 2021 17:12

Perhaps add another line for LICENSE URL in the listing form:

https://charmhub.io/your_charm/listing

erik-lonroth · 20 August 2021 07:54

… attribution is a part of the open source ethos often forgotten. To show attribution to others work is also something that I would love to see apart from the license.

heitor · 20 August 2021 18:55

Totally, @erik-lonroth! License and attributions!

Do you have a suggestion on how to show attributions in the charms? Or an example of a nice way to show it?

I know some projects have an AUTHORS file for that (e.g. CERN OpenData AUTHORS), would that suffice for charms as well?

erik-lonroth · 21 August 2021 17:41

I think that AUTHORS is different than ATTRIBUTIONS on the issue that some people may very much have contributed to the “creation” other than building it into the charm/code itself. Like research, theory, inspiration etc. But, framing all this into AUTHORS is a legit limitation such that contributions should be manifested in a concrete fingerprint on the actual artifact itself.

AUTHORS would be good enough for me though - if we don’t have the capacity to implement something better.

heitor · 23 August 2021 13:14

That makes a lot of sense.

I found another AUTHORS that contain also documentation writers, translators, and media authors: KiCad - AUTHORS.txt.

I liked @bthomas’s sugestion for CharmHub to display the LICENSE file verbatim. What if it also display the AUTHORS verbatim?

erik-lonroth · 23 August 2021 15:27

I’m not sure, but SPDX is absolutely great if that could go there at least.