Metadata-Version: 2.1
Name: fsfe-reuse
Version: 0.5.0
Summary: reuse is a tool for compliance with the REUSE recommendations.
Home-page: https://reuse.software/
Author: Carmen Bianca Bakker
Author-email: carmenbianca@fsfe.org
License: GPL-3.0-or-later AND Apache-2.0 AND CC0-1.0 AND CC-BY-SA-4.0
Project-URL: Documentation, https://reuse.readthedocs.io/
Project-URL: Source, https://github.com/fsfe/reuse-tool
Platform: UNKNOWN
Classifier: Development Status :: 3 - Alpha
Classifier: Intended Audience :: Developers
Classifier: License :: OSI Approved :: GNU General Public License v3 or later (GPLv3+)
Classifier: License :: OSI Approved :: Apache Software License
Classifier: License :: CC0 1.0 Universal (CC0 1.0) Public Domain Dedication
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.6
Classifier: Programming Language :: Python :: 3.7
Classifier: Programming Language :: Python :: 3.8
Description-Content-Type: text/markdown
Requires-Dist: python-debian
Requires-Dist: requests
Requires-Dist: license-expression
Requires-Dist: boolean.py
Requires-Dist: Jinja2
Requires-Dist: binaryornot

<!--
SPDX-FileCopyrightText: 2017-2019 Free Software Foundation Europe e.V.

SPDX-License-Identifier: CC-BY-SA-4.0
-->

# reuse

[![](https://img.shields.io/pypi/v/fsfe-reuse.svg)](https://pypi.python.org/pypi/fsfe-reuse)
[![](https://img.shields.io/pypi/pyversions/fsfe-reuse.svg)](https://pypi.python.org/pypi/fsfe-reuse)
[![](https://reuse.software/badge/reuse-compliant.svg)](https://reuse.software/)
[![](https://img.shields.io/badge/readme_style-standard-brightgreen.svg)](https://github.com/RichardLitt/standard-readme)

> reuse is a tool for compliance with the [REUSE](https://reuse.software/)
> recommendations.

-   Documentation: <https://reuse.readthedocs.io> and <https://reuse.software>
-   Source code: <https://github.com/fsfe/reuse-tool>
-   PyPI: <https://pypi.python.org/pypi/fsfe-reuse>
-   REUSE: 3.0
-   Python: 3.6+

## Background

Copyright and licensing is difficult, especially when reusing software from
different projects that are released under various different licenses.
[REUSE](https://reuse.software/) was started by the [Free Software Foundation
Europe](https://fsfe.org) (FSFE) to provide a set of recommendations to make
licensing your free software projects easier. Not only do these recommendations
make it easier for you to declare the licenses under which your works are
released, but they also make it easier for a computer to understand how your
project is licensed.

As a short summary, the recommendations are threefold:

1.  Choose and provide licenses
2.  Add copyright and licensing information to each file
3.  Confirm REUSE compliance

You are recommended to read the
[recommendations](https://reuse.software/practices/) in full for more
details.

This tool exists to facilitate the developer in complying with the above
recommendations.

There are other tools, such as [FOSSology](https://www.fossology.org/),
that have a lot more features and functionality surrounding the analysis
and inspection of copyright and licenses in software projects. reuse, on
the other hand, is solely designed to be a simple tool to assist in
compliance with the REUSE recommendations.

## Install

To install reuse, you need to have the following pieces of software on
your computer:

-   Python 3.6+
-   Pip

To install reuse, you only need to run the following command:

    pip3 install --user fsfe-reuse

After this, make sure that `~/.local/bin` is in your `$PATH`.

## Usage

First, read the [REUSE tutorial](https://reuse.software/tutorial/). In a
nutshell:

1. Put your licenses in the `LICENSES/` directory.
2. Add a comment header to each file that says `SPDX-License-Identifier:
   GPL-3.0-or-later`, and `SPDX-FileCopyrightText: $YEAR $NAME`. You can be
   flexible with the format, just make sure that the line starts with
   `SPDX-FileCopyrightText:`.
3. Verify your work using this tool.

To check against the recommendations, use `reuse lint`:

    ~/Projects/reuse-tool $ reuse lint
    [...]

    Congratulations! Your project is compliant with version 3.0 of the REUSE Specification :-)

This tool can do various more things, detailed in the documentation. Here a
short summary:

- `addheader` --- Add copyright and/or licensing information to the header of a
  file.

- `download` --- Download the specified license into the `LICENSES/` directory.

- `init` --- Set up the project for REUSE compliance.

- `lint` --- Verify the project for REUSE compliance.

- `spdx` --- Generate an SPDX Document of all files in the project.

### Run in Docker

REUSE is simple to include in CI/CD processes. This way, you can check
for REUSE compliance for each build. In our [resources for
developers](https://reuse.software/dev/) you can learn how to integrate
the REUSE tool in Drone, Travis, or GitLab CI.

Within the `fsfe/reuse` Docker image available on [Docker
Hub](https://hub.docker.com/r/fsfe/reuse), you can run the helper tool
simply by executing `reuse lint`. To use the tool on your computer, you can
mount your project directory and run `reuse lint <path/to/directory>`.

## Maintainers

-   Carmen Bianca Bakker - <carmenbianca@fsfe.org>

## Contribute

Any pull requests or suggestions are welcome at
<https://github.com/fsfe/reuse-tool> or via e-mail to one of the maintainers.
General inquiries can be sent to <contact@fsfe.org>.

Starting local development is very simple, just execute the following
commands:

    git clone git@github.com:fsfe/reuse-tool.git
    cd reuse-tool/
    python3 -mvenv venv
    source venv/bin/activate
    make develop

You need to run `make develop` at least once to set up the virtualenv.

Next, run `make help` to see the available interactions.

## License

Copyright (C) 2017-2019 Free Software Foundation Europe e.V.

This work is licensed under multiple licences. Because keeping this section
up-to-date is challenging, here is a brief summary as of July 2019:

- All original source code is licensed under GPL-3.0-or-later.
- All documentation is licensed under CC-BY-SA-4.0.
- Some configuration and data files are licensed under CC0-1.0.
- Some code borrowed from
  [spdx/tool-python](https://github.com/spdx/tools-python) is licensed under
  Apache-2.0.

For more accurate information, check the individual files.


<!--
SPDX-FileCopyrightText: 2017-2019 Free Software Foundation Europe e.V.

SPDX-License-Identifier: CC-BY-SA-4.0
-->

# Change log

This change log follows the [Keep a
Changelog](http://keepachangelog.com/) spec. Every release contains the
following sections:

-   `Added` for new features.
-   `Changed` for changes in existing functionality.
-   `Deprecated` for soon-to-be removed features.
-   `Removed` for now removed features.
-   `Fixed` for any bug fixes.
-   `Security` in case of vulnerabilities.

The versions follow [semantic versioning](https://semver.org).

## 0.5.0 - 2019-08-29

### Added

- TeX and ML comment styles added.

- Added `--year` and `--exclude-year` to `reuse addheader`.

- Added `--template` to `reuse addheader`.

- Added `--explicit-license` to `reuse addheader`.

- `binaryornot` added as new dependency.

- Greatly improved the usage documentation.

### Changed

- `reuse addheader` now automatically adds the current year to the copyright
  notice.

- `reuse addheader` preserves the original header below the new header if it did
  not contain any SPDX information.

- `reuse addheader` now correctly handles `.license` files.

- Bad licenses are no longer resolved to LicenseRef-Unknown<n>. They are instead
  resolved to the stem of the path. This reduces the magic in the code base.

- `.gitkeep` files are now ignored by the tool.

- Changed Lisp's comment character from ';;' to ';'.

## 0.4.1 - 2019-08-07

### Added

- `--all` argument help to `reuse download`, which downloads all detected
  missing licenses.

### Fixed

- When using `reuse addheader` on a file that contains a shebang, the shebang is
  preserved.

- Copyright lines in `reuse spdx` are now sorted.

- Some publicly visible TODOs were patched away.

## 0.4.0 - 2019-08-07

This release is a major overhaul and refactoring of the tool. Its
primary focus is improved usability and speed, as well as adhering to version
3.0 of the REUSE Specification.

### Added

- `reuse addheader` has been added as a way to automatically add copyright
  statements and license identifiers to the headers of files. It is currently
  not complete.

- `reuse init` has been added as a way to initialise a REUSE project. Its
  functionality is currently scarce, but should improve in the future.

### Changed

- `reuse lint` now provides a helpful summary instead of merely spitting out
  non-compliant files.

- `reuse compile` is now `reuse spdx`.

- In addition to `Copyright` and `©`, copyright lines can be marked with the tag
  `SPDX-FileCopyrightText:`. This is the new recommended default.

- Project no longer depends on pygit2.

- The list of SPDX licenses has been updated.

- `Valid-License-Identifier` is no longer used, and licenses and exceptions can
  now only live inside of the LICENSES/ directory.

### Removed

- Removed `--ignore-debian`.

- Removed `--spdx-mandatory`, `--copyright-mandatory`, `--ignore-missing`
  arguments from `reuse lint`.

- Remove `reuse license`.

- GPL-3.0 and GPL-3.0+ (and all other similar GPL licenses) are no longer
  detected as SPDX identifiers. Use GPL-3.0-only and GPL-3.0-or-later instead.

### Fixed

- Scanning a Git directory is a lot faster now.

- Scanning binary files is a lot faster now.

## 0.3.4 - 2019-04-15

This release should be a short-lived one. A new (slightly
backwards-incompatible) version is in the works.

### Added

-   Copyrights can now start with `©` in addition to `Copyright`. The
    former is now recommended, but they are functionally similar.

### Changed

-   The source code of reuse is now formatted with black.
-   The repository has been moved from
    <https://git.fsfe.org/reuse/reuse> to
    <https://gitlab.com/reuse/reuse>.

## 0.3.3 - 2018-07-15

### Fixed

-   Any files with the suffix `.spdx` are no longer considered licenses.

## 0.3.2 - 2018-07-15

### Fixed

-   The documentation now builds under Python 3.7.

## 0.3.1 - 2018-07-14

### Fixed

-   When using reuse from a child directory using pygit2, correctly find
    the root.

## 0.3.0 - 2018-05-16

### Changed

-   The output of `reuse compile` is now deterministic. The files,
    copyright lines and SPDX expressions are sorted alphabetically.

### Fixed

-   When a GPL license could not be found, the correct `-only` or
    `-or-later` extension is now used in the warning message, rather
    than a bare `GPL-3.0`.
-   If you have a license listed as
    `SPDX-Valid-License: GPL-3.0-or-later`, this now correctly matches
    corresponding SPDX identifiers. Still it is recommended to use
    `SPDX-Valid-License: GPL-3.0` instead.

## 0.2.0 - 2018-04-17

### Added

-   Internationalisation support added. Initial support for:
    -   English.
    -   Dutch.
    -   Esperanto.
    -   Spanish.

### Fixed

-   The license list of SPDX 3.0 has deprecated `GPL-3.0` and `GPL-3.0+`
    et al in favour of `GPL-3.0-only` and `GPL-3.0-or-later`. The
    program has been amended to accommodate sufficiently for those
    licenses.

### Changed

-   `Project.reuse_info_of` now extracts, combines and returns
    information both from the file itself and from debian/copyright.
-   `ReuseInfo` now holds sets instead of lists.
    -   As a result of this, `ReuseInfo` will not hold duplicates of
        copyright lines or SPDX expressions.
-   click removed as dependency. Good old argparse from the library is
    used instead.

## 0.1.1 - 2017-12-14

### Changed

-   The `reuse --help` text has been tidied up a little bit.

### Fixed

-   Release date in change log fixed.
-   The PyPI homepage now gets reStructuredText instead of Markdown.

## 0.1.0 - 2017-12-14

### Added

-   Successfully parse old-style C and HTML comments now.
-   Added `reuse compile`, which creates an SPDX bill of materials.
-   Added `--ignore-missing` to `reuse lint`.
-   Allow to specify multiple paths to `reuse lint`.
-   `chardet` added as dependency.
-   `pygit2` added as soft dependency. reuse remains usable without it,
    but the performance with `pygit2` is significantly better. Because
    `pygit2` has a non-Python dependency (`libgit2`), it must be
    installed independently by the user. In the future, when reuse is
    packaged natively, this will not be an issue.

### Changed

-   Updated to version 2.0 of the REUSE recommendations. The
    most important change is that `License-Filename` is no longer used.
    Instead, the filename is deducted from `SPDX-License-Identifier`.
    This change is **NOT** backwards compatible.
-   The conditions for linting have changed. A file is now non-compliant
    when:
    -   The license associated with the file could not be found.
    -   There is no SPDX expression associated with the file.
    -   There is no copyright notice associated with the file.
-   Only read the first 4 KiB (by default) from code files rather than
    the entire file when searching for SPDX tags. This speeds up the
    tool a bit.
-   `Project.reuse_info_of` no longer raises an exception. Instead, it
    returns an empty `ReuseInfo` object when no reuse information is
    found.
-   Logging is a lot prettier now. Only output entries from the `reuse`
    module.

### Fixed

-   `reuse --ignore-debian compile` now works as expected.
-   The tool no longer breaks when reading a file that has a non-UTF-8
    encoding. Instead, `chardet` is used to detect the encoding before
    reading the file. If a file still has errors during decoding, those
    errors are silently ignored and replaced.

## 0.0.4 - 2017-11-06

### Fixed

-   Removed dependency on `os.PathLike` so that Python 3.5 is actually
    supported

0.0.3 - 2017-11-06
------------------

### Fixed

-   Fixed the link to PyPI in the README.

## 0.0.2 - 2017-11-03

This is a very early development release aimed at distributing the
program as soon as possible. Because this is the first release, the
changelog is a little empty beyond "created the program".

The program can do roughly the following:

-   Detect the license of a given file through one of three methods (in
    order of precedence):
    -   Information embedded in the .license file.
    -   Information embedded in its header.
    -   Information from the global debian/copyright file.
-   Find and report all files in a project tree of which the license
    could not be found.
-   Ignore files ignored by Git.
-   Do some logging into STDERR.


