Does the MPL-2.0 require headers in every file?

Hello,

I want to use the Mozilla Public License for my project. Now, the FAQ tells me that I should add the corresponding header to every relevant file in the repository.

However, looking at some github repository, some of them include the header in all relevant files (like https://github.com/garro95/priority-queue), while other do not (like https://github.com/mozilla/sops).

Is this mandatory, or just good practice ? If I don't do it, will the files be covered by the license or not ?

It's not mandatory.

That's what you can find out only after long court process.

Note that when one of the Linux kernel developers went to sue VMWare court declined to even hear him because he couldn't prove he holds copyright on that code.

That means that if you ever plan to go to court for real then not only copyright notice is mandatory, but all files have to include names of people (or companies) who own the copyright.

If you don't plan to go to court… then answer to your question would forever be unknown.

I don't think adding the header to the top of your file is particularly helpful in this day and age. For one, it's a bunch of redundant[1] text at the top of a file you'll need to skip every time you want to read the source code, and it feels unnecessary unless you plan to distribute individual files separately from the rest of your crate or allow different parts of the same project to be covered by different licenses.

Normally, just having a LICENSE file containing the terms of you license (typically copied from the MPL website) at the root of your repository is enough. When publishing a crate to crates.io, you'll also be forced to to update your Cargo.toml with the license people can use your crate under.

That's generally enough for most companies and developers I've interacted with, but of course different people will have different tolerances for risk.


  1. as in, the information is already available elsewhere so why copy/paste it? ↩︎

3 Likes

Thank you both !

There does not seem to be a "standard" way to say 'every source code file in this repository is affected by the license'... So I think to be safe I will put the header in each file.
I don't think this is strictly necessary, but better safe than sorry I guess :person_shrugging:

When I do add the header to every file, I tend to prefer SPDX-License-Identifier so it's short and simple.

Given that the MPL itself explicitly discusses files as opposed to works, that's probably a good idea. You can add your own file to an otherwise MPL-covered work without the MPL applying to that new file, as I understand it.

Here's Rosen's take on the license from Open Source Licensing, FWIW: https://rosenlaw.com/pdf-files/Rosen_Ch07.pdf.

2 Likes

For Rust, Cargo is standard, and it has its package.license field, although there may be some debate over its exact meaning.

More generally, Free Software Foundation Europe has a standard named REUSE, though I don't think it's used widely.

They would have you add this machine-readable declaration at the top of each file:

// SPDX-FileCopyrightText: 2022 Arnaud Golfouse
//
// SPDX-License-Identifier: MPL-2.0

They prefer that each file have such a header, but they recognize that this can be infeasible, and they also allow specifying licensing information for a whole repository in a slightly modified form of a format originally developed by Debian to record this information for the software they package: https://reuse.software/faq/#bulk-license.

Rust decided to use the latter option for rustc:

1 Like