You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I am looking through dependencies and their licenses in one of our projects and noticed a potential inconsistency (we directly depend on phpdotenv):
This package is licensed under the BSD-3-Clause license. The dependency phpoption is licensed under Apache 2.0. Similarly, ResultType is licensed under MIT and depends on phpoption as well. (mentioning this here because the package author is also an author of this package)
Based on my understanding regarding license compatibility (I am not a lawyer; so see this graph: https://en.wikipedia.org/wiki/License_compatibility#Compatibility_of_FOSS_licenses) both of these cases are incompatible. Using an Apache 2.0 licensed package would require to at least use Apache 2.0 as well. The other way around would however be possible, e.g., including an MIT-licensed package in an Apache 2.0.
The text was updated successfully, but these errors were encountered:
I am looking through dependencies and their licenses in one of our projects and noticed a potential inconsistency (we directly depend on
phpdotenv):This package is licensed under the
BSD-3-Clauselicense. The dependencyphpoptionis licensed underApache 2.0. Similarly,ResultTypeis licensed underMITand depends onphpoptionas well. (mentioning this here because the package author is also an author of this package)Based on my understanding regarding license compatibility (I am not a lawyer; so see this graph: https://en.wikipedia.org/wiki/License_compatibility#Compatibility_of_FOSS_licenses) both of these cases are incompatible. Using an
Apache 2.0licensed package would require to at least useApache 2.0as well. The other way around would however be possible, e.g., including anMIT-licensed package in anApache 2.0.The text was updated successfully, but these errors were encountered: