Misleading license file at GitHub


The LICENSE.txt file in the GitHub repo is merely a bit of text stating the license used. It is not actually the license of the software. It is a common, best practice to include an actual copy of the license in the LICENSE.txt file so that potential users can understand the terms and conditions used in license. Often another good practice is to include license and copyright information in the README.md as well, much as you have done in the current LICENSE.txt. It may be worth noting that in some cases you have to have the full license text shipped with the source code as it is a requirement for some licenses.

Hi @jeremiah

Just for fully understand your feedback, why are you saying current situation is misleading? Even if we don’t include a copy of the entire GNU LGPL v3, have you read anything letting you think the license could be something else?

Do you know if it is the case for LGPLv3?

Just for fully understand your feedback, why are you saying current situation is misleading?

The reason I think it is misleading is that I assume any “LICENSE.txt” file on GitHub holds the actual license, not a pointer to the license. In fact what it looks like has happened is that you’ve used the text from the GPLv3+ that is meant to be used in the source code file headers themselves. (See the section “How to apply these terms to your new programs”: https://www.gnu.org/licenses/gpl-3.0.en.html) That section provides some more info on how to use the GPLv3.

In addition, the text you’ve provided appears to be cut and pasted from the GPLv3 but you’re specifying that you’re using the LGPLv3+, which is a very different license. I say this because I cannot find the text you use in LICENSE.txt in the LGPLv3 text: https://www.gnu.org/licenses/lgpl-3.0.en.html

Do you know if it is the case for LGPLv3?

The GPLv3 (and, consequently the LGPLv3) says; " . . . give all recipients a copy of this License along with the Program" in section 4. There are other references as well and while I don’t know that this has definitively been determined in a court of law I would say that most lawyers would recommend that you do provide a copy of the license with the source code to eliminate ambiguity.

If you want to use the LGPLv3, that’s cool. If you want to use the GPLv3 that is very cool too. I think they are both great licenses that will protect your rights. I do think that using the best practice of using the actual license text in the LICENSE.txt file will help people who use your code to understand the terms and conditions.

Thanks for the detailed feedback.

This way of declaring the license is not limited to the sonarlint-eclipse repo. All SonarSource public repositories are following the same pattern AFAIK, so I have forwarded your feedback to our legal team. If they confirm your analysis, I guess we will update all our repositories.

In fact I was wrong, I checked a few other repositories, and LICENSE.txt is correctly containing the full license. It seems to be a mistake only in SonarLint Eclipse repo. I will fix it.

1 Like

Thank you!