License check / reporting

[kaihowl]

Goal

Track licenses of used tools in dotfiles.

Proposal

Incorporate a LICENSE file into each subfolder. For 1:1 mapping of folder to tools, the tool will simply state the license of the tool with a SPDX identifier. For folders incorporating multiple tools (e.g., nvim with plugins), collect all licenses.

The format of the license file will be

<TOOLNAME>\t<SPDX identifier>

The total license file for dotfiles will be stored in the root folder by concatenating all (lexicographically sorted) subfolders' licenses and by prepending a header.

This root license file will be validated by CI to be up to date.

To validate that individual license files are up to date, a best effort approach is taken:
For brew-installed libraries we use brew info and scrape the license info out. Due to this, we will constrain the license checking for macOS only in CI. Yet, the license file will equally extend to all supported platforms. There is no library that has different licenses for different platforms.
For vim plugins we scan the installed folder of the plugins for LICENSE/LICENCE files.

• How to convert the text of a license to a SPDX identifier? Use a tool for that?
• Or do we want to scrape the github API for the license?

Considered alternatives

Use a full blown license validation tool: Discarded as it is too involved. I don't expect many changes / additions of tools or changes of licenses in tools. A bare-bones validation is sufficient.

[kaihowl]

$ find . -mindepth 1 -maxdepth 1 -type d | wc -l
43
$ find . -maxdepth 2 \( -iname 'LICENSE*' -or -iname 'LICENCE*' \) | wc -l
33

10 nvim plugins without a license. Those are:

$ diff <(find . -mindepth 1 -maxdepth 1 -type d | cut -f2 -d/ ) <(find . -maxdepth 2 \( -iname 'LICENSE*' -or -iname 'LICENCE*' \) | cut -f 2 -d/)
< vim-fubitive
< vim-trailing-whitespace
6,7d3
< vim-surround
< linediff.vim
10d5
< vim-textobj-argument
16d10
< vim-repeat
26d19
< vim-unimpaired
30,31d22
< vim-fugitive
< vim-abolish
35d25
< gruvbox

[kaihowl]

scripts mirrored from https://www.vim.org/scripts/ have no clear license.
This applies to vim-textobj-argument and linediff.vim

gruvbox has MIT in the readme file.

Tim Pope's plugins are all distributed under the vim license, which is convertible to GPL.

[kaihowl]

All the ones using common/download.sh:

• ripgrep (unlicense)
• shellcheck (gpl3)
• efm (MIT)
• rust (MIT / Apache 2.0)
• clangd (Apache 2.0)
• nvim (vim license/Apache 2.0)

[kaihowl]

Check brew installs next.