APSL license file

[kpcyrd]

I noticed Cargo.toml states the license of security-framework as MIT/Apache-2.0, but the repo also contains an APSL file and it's unclear on which files it applies. Should the license be changed to APSL, does it apply to individual files or can it be removed?

This is related to debian packaging, which considers APSL non-free, but needs to be uploaded anyway due to rust-lang/cargo#5896.

Thanks

[kornelski]

The APSL notice has been added by @sfackler. I'm not sure how much it applies.

The parent crate that includes the security-framework crate should do it conditionally:

[target.'cfg(target_vendor = "apple")'.dependencies]
security-framework = "0.3"

so certainly there won't be any of its code included on non-Apple platforms.

If you're packaging this for Linux, then I think you could replace it with a dummy project (cargo new --lib security-framework and give it the expected version) and then use the [patch] feature or path = dependencies to use it instead.