onefetch
onefetch copied to clipboard
o2sh
GPL-3.0-or-later licenses wrongly reported as GPL-3.0-only
Duplicates
- [X] I have searched the existing issues
Current behavior 😯
License: GPL-3.0-only
Expected behavior 🤔
License: GPL-3.0-or-later
Steps to reproduce 🕹
- Clone a GPL-3.0-or-later repository (for example: https://git.savannah.gnu.org/git/ironclad.git)
onefetchinside- Wrong result is shown
Additional context/Screenshots 🔦
Effectively reopening https://github.com/o2sh/onefetch/issues/769, which said to fix the issue, but as of onefetch 2.19.0 it still is reproducible
Possible Solution 💡
To my knowledge, the or-later is determined by the license headers in the files. If scanning the licensed files is impractical to determine the or-later, maybe removing the only in the license printed helps remove a degree of confusion.
It's an upstream issue https://github.com/jpeddicord/askalono/issues/45#issuecomment-523969293
As a quick workaround, I see two options:
- As suggested in #769, get the license value from the package manifest first (only works for
Cargo.tomlorpakage.json) -> already implemented - In doubt (presence of aliases) show both licenses to the user, smth like
License: GPL-3.0-or-later | GPL-3.0-only
So the "or later" is really only known by comments in the source code, and the docs referencing "1.3 or any later version", right?
Have there been any projects that mix "only" and "later"?
For reference, it seems like the library used by github for license detection has the same issue https://github.com/licensee/licensee/issues/406 and their solution matches @streaksu's suggestion
Perhaps Askolono can also report simplified names (e.g. gpl-3.0-* -> GPL 3.0) as an additional field if it doesn't already? And then we could use those.