LICENSE files in package subdirs

[schwa423]

Background:

Hello, the Fuchsia project vendors crates from crates.io, and in order to do so we require explicit license files alongside the source code. Here is the policy: https://fuchsia.dev/fuchsia-src/contribute/governance/policy/open-source-licensing-policies?hl=en#licenses_and_tracking . In particular, reading the SPDX package/license field from the crate's Cargo.toml is not good enough.

Request:

Could you please add LICENSE-* files to the package subdirectories? We care particularly about core-graphics-types, but you might as well do the other subdirs while you're at it:

• cocoa
• cocoa-foundation
• core-foundation
• core-foundation-sys
• core-graphics
• core-graphics-types
• core-text
• io-surface

Also, we currently use core-graphics-types v0.1.1. Since crates.io doesn't allow re-uploading the same version with a modified crate, it seems the right thing to do is to make a new tag v0.1.2 with the LICENSE files added, and upload that to crates.io

I'd appreciate if you're able to do this, since I have to file similar issues for many other crate dependencies. But if you don't have the bandwidth to address this issue, please let me know and I'll find time to submit a pull request (although of course I won't be able to upload anything to crates.io)

[jrmuizel]

Why is the crate metadata insufficient?

[schwa423]

Thanks for the quick response! So far we only have lawyer approval to look at LICENSE-* files. It's not clear whether reading crate metadata will be allowed, even if it appears perfectly sensible to you and me.

[Manishearth]

It seems like many of the crates here have symlinks and that seems to work fine on crates.io, perhaps we should do that. But this also does seem to be more of a tooling problem on y'all's side.

[schwa423]

+1 symlinks sound good to me.

[schwa423]

I just edited the issue description to include a link to our license policy.