On 2025-03-04 14:29:14 +0100 (+0100), Francesco Di Nucci wrote:
the PR 943232 to puppet-horizon led to an interesting IRC discussion with Takashi and Tobias about the (not) usage of the Apache license header in Puppet manifests.
Actually the OpenStack puppet-* modules have the LICENSE file and almost all the Puppet manifests do NOT have an header on top to state the license.
On one hand Apache license help <https://www.apache.org/legal/apply-license.html#new> states that "Each original source document (code and documentation, but not the LICENSE and NOTICE files) should include a short license header at the top"; on the other hand a lot of Puppet modules on the Forge seems to not use it (including Puppetlabs' and Puppet's).
Are we missing something in interpreting the license or should we add the license header on top of all files?
[I am not a lawyer, and while I am on the staff of the OpenInfra Foundation I'm not officially replying on their behalf either.] For the record, https://review.opendev.org/943232 is doing more than just removing the Apache License comment, it's *also* removing declarations of copyright from files in some cases. https://docs.openstack.org/project-team-guide/legal-issues-faq.html#copyrigh... is sort of vague on this point, but our community has generally held that existing copyright declarations should not be removed or changed except by (or with explicit permission from) the party named therein. As for the Apache License headers themselves, our projects typically follow the guidance you linked and add it to the top of any file of substance, but also include a LICENSE file in the top directory of every Git repository as a fallback in case any files are accidentally overlooked. Some projects in OpenStack even go so far as to check this with a CI job on every new change, using this routine in the hacking tool: https://opendev.org/openstack/hacking/src/branch/master/hacking/tests/checks... Hope that helps! -- Jeremy Stanley