Project

General

Profile

Actions

Feature #19393

closed

Integrate license information and management

Added by Oliver Hader over 15 years ago. Updated about 4 years ago.

Status:
Closed
Priority:
Should have
Assignee:
-
Category:
Extension Manager
Start date:
2008-09-30
Due date:
% Done:

0%

Estimated time:
PHP Version:
5.5
Tags:
Complexity:
Sprint Focus:

Description

Currently TYPO3 Extensions don't have any information of the license used. This part gets very interesting when the extension acts as a wrapper for third party software (e.g. for phpMyAdmin). Other libraries have a non-commercial (free) and commercial (pay a fee once) license.

License conflicts and notes shall be displayed in a dialog popup and maybe confirmed by the administrator. The ext_emconf.php gets extended by "license" and "licenseNote" properties.

(issue imported from #M9451)


Related issues 2 (0 open2 closed)

Related to TYPO3 Core - Bug #82774: Check license compatibility upon extension installClosed2017-10-16

Actions
Related to TYPO3 Core - Task #78144: Evaluate inclusion of spdx info fileClosed2016-10-04

Actions
Actions #1

Updated by Steffen Kamper over 15 years ago

each file of TYPO3 start with this section
http://snippets.typo3.org/snippets/c/1/
so there is the license info, isn't that enough?

Actions #2

Updated by Oliver Hader over 15 years ago

It's not about the regular and only TYPO3 extensions - but more about third party libraries.

Imagine an extension that builds a wrapper for HighslideJS. HighslideJS comes with a non-commercial and commercial license. There shall be a notification dialoag to the administrator which is installing that extension about the license.

It's like installing OpenOffice with the requirement to accept the license - otherwise you cannot install the software package. Of course this applies only to special situations like e.g. for HighslideJS.

Actions #3

Updated by Marcus Krause over 15 years ago

+1

In general it seems that license stuff is not treated as important as it should be. Every ext author copies the usual phpDoc header without thinking about it. I like the idea of the additional license config; I then expect that authors make a conscious decision for the license and consider third party licenses.

I'm not sure what will happen if TER hosts an extension that breaches a license (of a possibly embedded third party tool). TYPO3/ Association would be the first place a lawer would contact!!

Actions #4

Updated by Mathias Schreiber over 9 years ago

  • Description updated (diff)
  • Status changed from New to Accepted
  • Target version changed from 0 to 7.0
  • PHP Version changed from 5.2 to 5.5

This will be handled by composer planned for 7.5

Actions #5

Updated by Mathias Schreiber about 9 years ago

  • Target version changed from 7.0 to 7.1 (Cleanup)
Actions #6

Updated by Mathias Schreiber about 9 years ago

  • Target version changed from 7.1 (Cleanup) to 7.3 (Packages)
Actions #7

Updated by Benni Mack almost 9 years ago

  • Target version changed from 7.3 (Packages) to 7.4 (Backend)
Actions #8

Updated by Susanne Moog over 8 years ago

  • Target version changed from 7.4 (Backend) to 7.5
Actions #9

Updated by Benni Mack over 8 years ago

  • Target version changed from 7.5 to 8 LTS
Actions #10

Updated by Riccardo De Contardi about 7 years ago

  • Target version changed from 8 LTS to 9.0
Actions #11

Updated by Susanne Moog about 6 years ago

  • Related to Bug #82774: Check license compatibility upon extension install added
Actions #12

Updated by Susanne Moog about 6 years ago

  • Related to Task #78144: Evaluate inclusion of spdx info file added
Actions #13

Updated by Susanne Moog about 6 years ago

  • Target version changed from 9.0 to 9 LTS
Actions #14

Updated by Susanne Moog over 5 years ago

  • Target version changed from 9 LTS to Candidate for Major Version
Actions #15

Updated by Benni Mack about 4 years ago

  • Status changed from Accepted to Needs Feedback

Building functionality to find out which license is used built into a web CMS seems not to be feasable. Especially with composer and "dependencies of dependencies" bundled with NPM/PHP variations that can be put into an extension sounds like a fully separate tool.

Although that I consider this topic important, I'd rather see this built as a "service" (e.g. on extensions.typo3.org) shipping over a list of things via API to be checked remotely. @Olly would that be sufficient for you?

I know that packagist.com offers services as such, and this is really hard to do. I don't see this to be doable by our team within the near to mid future.

Actions #16

Updated by Susanne Moog about 4 years ago

I'd recommend using composer based installations and the functionality composer nowadays provide for this purpose: "composer licenses".

The sophisticated solution for things like this is a combination of composer and something like https://docs.gitlab.com/ee/user/compliance/license_compliance/

I'd say let's close this issue.

Actions #17

Updated by Benni Mack about 4 years ago

  • Status changed from Needs Feedback to Closed
Actions

Also available in: Atom PDF