While parsing the plugin API I just noticed that there is no consistent way for plugin authors to specify the license of their plugin:
BSD & GPL v3+ GPL GPL-3.0+ GPL 3.0 / fair use GPLv3 GPL v3 GPL v3+ GPLv3 or later InnoCraft EULA MIT
It may be useful to require SPDX specifiers so it is consistent in the future:
This should be quite easy to do as there is a JSON schema that validates the plugin.json anyway. We basically only need a comma separated list more or less. The only annoying thing be that people might have problems to release a plugin update when they are not using one of those values yet but they would receive an email in this case.
Not sure which ones we would need to whitelist.
If there is already a validation I guess there are 2 solutions:
👍 awesome there is such a json file. The only challenge be to find out all GPL compatible licenses.
The license must be compatible with the GPLv3 or later (for free plugins)
We could also start with a small list based on what licenses are used now, then on request add more licenses (we can mention this in the email when validation fails)
I guess that's the simplest solution. The list above should contain all currently used licenses.
So this converts to
["GPL-3.0+","GPL-3.0", "BSD AND GPL-3.0+", "InnoCraft EULA", "GPL-2.0-only", "GPL-2.0+", "MIT"]
fair use isn't a license but we could add
WTFPL for people who consider the MIT license as to strict. (they are both GPL3 compatible according to https://www.gnu.org/licenses/license-list.de.html)
"BSD & GPL v3+","1"
"GPL 3.0 / fair use","1"
"GPLv3 or later","1"
quickly extracted some stats. I'll allow GPL v3+ for now as well as Matomo uses it by default. Ideally we would change this in core to no longer use it as default.
while "GPL v3+" is supported, I do not mention it there so ideally users directly use a different one.