Licensing LSST DM source code and content¶
This page provides background information to help you appropriately license source code, documentation, and other types of content that is produced on behalf of LSST Data Management.
Choosing a source code license¶
All source code created by LSST DM is publicly-available open source. As such, LSST DM code must carry an Open Source Initiative (OSI)-approved license.
A substantial amount of DM development is in the EUPS-managed “Stack,” including the LSST Science Pipelines, Qserv, and DAX. Stack packages are licensed under the GNU Public License version 3.0 (GPL-3.0) license. Because of the interconnected nature of the Stack and how the GPL-3.0 license works, you cannot create a new Stack package distributed with EUPS that is licensed under a different license.
If your project is not part of the Stack, you have flexibility to choose a different OSI-approved license.
To choose a license, you’ll want to consider the norms of the open source community your project resides in. The choosealicense site is useful for understanding the important qualities of different open source licenses.
Always consult with your manager before setting the license for a project to ensure it aligns with the project’s goals.
Choosing a documentation license¶
Documentation is often licensed differently from source code to make it easier to adapt and reuse in non-code contexts.
In general, all DM user documentation and technical notes are licensed under the Creative Commons Attribution 4.0 International (CC-BY-4.0). This license balances the need for LSST DM to get attribution for content, while allowing the community to freely reproduce and adapt the information.
Applying a license to a repository¶
When you create a new repository on GitHub you have the option of adding a
LICENSE in the initial set up.
You can also add a license later through the GitHub UI.
Not all OSI-approved licenses are available through the GitHub UI, though.
Alternatively, you can always apply a license by manually creating and committing a
LICENSE file in the root of the source code repository.
The content of the
LICENSE file should be the license text itself, without additions or alterations.
The easiest way to get the content of a license is by going to choosealicense, finding the license’s page, and clicking the Copy license text to clipboard button.
Some licenses include a copyright section. See Copyrights for LSST DM work and the COPYRIGHT file for details on how to properly record copyrights for DM software.
The package management ecosystems for many languages, including PyPI and NPM, provide metadata fields for recording license information.
These aren’t legally binding, but you should make sure the package metadata are consistent with the
GitHub also includes license metadata for repositories that is determined automatically from the content of the
See Details on GitHub’s license detection, below, for more information.
Details on GitHub’s license detection¶
GitHub can detect a repository’s license by matching the content of the
LICENSE file to known licenses in the choosealicense corpus.
When GitHub confidently detects a license, it displays the license on the repository’s page.
Not only is this license badge a nice feature for the community, it also helps us validate our
LICENSE files to be sure that the
LICENSE we publish is in fact the license we think it is.
LICENSE file is modified, aside from copyright lines, GitHub will not positively identify the license and will not show a license badge on the repository homepage.
If you have a repository where GitHub is not detecting a license, you can debug it by running GitHub’s detection software on your own computer. Install licensee and follow the documentation to run it against your repository.
licensee looks at multiple files, including COPYRIGHT, when it detects a license.
If these files have conficting information, GitHub will not positively detect a license.
Be aware of this issue when working with repositories that have both
GitHub may not properly detect the
LICENSE in repositories that have multi-institution
SQuaRE is aware of this issue and is working to resolve it.
See licensee issue #285 for background.