chore: Map a declared license for PyPI::pytest-cov #159
Conversation
That's an interesting case. What's your take on this @willebra? Does this really make past releases MIT- instead of BSD-licensed? PS: I've asked the maintainers to be explicit on that. |
brunopacheco1
force-pushed
the
support-pytest-cov
branch
from
c4b68bc
to
c756a17
Compare
brunopacheco1
changed the title
brunopacheco1
force-pushed
the
support-pytest-cov
branch
from
c756a17
to
4996c2d
Compare
|
@sschuberth I think this looks quite a genuine error at the project side, and I don't have doubts based on the history and the linked commits. The license-file has remained MIT all the time. And setup.py had internally conflicting statements in history, i.e. MIT and BSD License statements, both at the same time, prior to the correction. After correction, it is MIT in every place. Also any risk is quite low, considering the very similar obligations of these licenses, of course the BSD-ststement has been quite vague. I could treat all the historical versions also as MIT. |
brunopacheco1
force-pushed
the
support-pytest-cov
branch
2 times, most recently
from
c733d9c
to
0eb35a6
Compare
curations/PyPI/_/pytest-cov.yml
Outdated
| comment: | | ||
| The LICENSE file always contained only the 'MIT' license text, while the project metadata accidentally | ||
| declared it to be licensed under 'BSD License' for all version prior to 2.12.0, see also | ||
| pytest-dev/pytest-cov@2cd0094 |
There was a problem hiding this comment.
Please make this a full, clickable link. And better link the PR, which has some additional background information, i.e https://github.com/pytest-dev/pytest-cov/pull/467.
There was a problem hiding this comment.
I was meaning to actually replace the link with only the link to the PR, which already contains the diff for the commit, so there is not need to link the commit as well.
There was a problem hiding this comment.
Ah, yes, no problem, just fixed the commit.
brunopacheco1
force-pushed
the
support-pytest-cov
branch
from
0eb35a6
to
2d00031
Compare
Signed-off-by: Bruno Pacheco <brunopacheco1@yahoo.com>
brunopacheco1
force-pushed
the
support-pytest-cov
branch
from
2d00031
to
db4b33c
Compare
The library is licensed under MIT, but according to
this Pull Request,
the project metadata was mistakenly stating
BSD License.All versions below 2.12.0 are impacted by this issue.
Current (4.1.0) license: https://github.com/pytest-dev/pytest-cov/blob/2c9f2170d8575b21bafb6402eb30ca7de31e20b9/LICENSE
Current project metadata: https://github.com/pytest-dev/pytest-cov/blob/2c9f2170d8575b21bafb6402eb30ca7de31e20b9/setup.py
License at 2.12.0: https://github.com/pytest-dev/pytest-cov/blob/9692bad8c3501b77cf950d0732ae9cb5c8bb0bd4/LICENSE
Project metadata at 2.12.0: https://github.com/pytest-dev/pytest-cov/blob/9692bad8c3501b77cf950d0732ae9cb5c8bb0bd4/setup.py
License before 2.12.0: https://github.com/pytest-dev/pytest-cov/blob/5e1913e013eb06d5bd1357695349d0a75fbf0503/LICENSE
Project metadata before 2.12.0: https://github.com/pytest-dev/pytest-cov/blob/5e1913e013eb06d5bd1357695349d0a75fbf0503/setup.py