Page MenuHomeDevCentral
Paste P399

license-originality-report.md
ActivePublic
Actions

Authored by dereckson on Fri, Apr 3, 21:47.
Tags
None
Referenced Files
F25185125: license-originality-report.md
Fri, Apr 3, 21:47
Subscribers
None
Tokens
"Y So Serious" token, awarded by dereckson.
# License originality assessment report
## Context
762 files in the operations repository carry the license header
`Trivial work, not eligible to copyright`. This assessment reviews each file
against the **threshold of originality** applicable under Belgian, French, and
German copyright law to determine whether any should be relicensed.
## Legal standard applied
Under Belgian, French, and German civil law, copyright protection requires
the work to bear the **"stamp of the author's personality"** (*empreinte de la
personnalité de l'auteur*). German law refers to this as *Schöpfungshöhe*
(creative height). The threshold in these jurisdictions is notably higher than
in common-law countries.
A work crosses the threshold when the author made **creative, non-obvious
intellectual choices** not merely mechanical, generic, or inevitable
implementations. For source code specifically, this means non-trivial
algorithms, creative problem-solving approaches, or complex design decisions
where another developer would reasonably arrive at a different solution.
Conversely, the following do **not** meet the threshold: standard configuration
parameters, declarative state descriptions, simple command wrappers, obvious
implementations dictated by the problem domain, and data declarations.
## Methodology
All 762 files were read and categorized. Files were grouped by type (Salt
states, Python/PHP/Shell scripts, configuration files, data files) and assessed
individually or by representative sampling for homogeneous groups.
## Files relicensed to BSD-2-Clause
The following 10 files were updated from "Trivial work" to BSD-2-Clause.
4 additional files already carried BSD-2-Clause and were confirmed as correct.
### Updated files
| File | Lines | Rationale |
|------|------:|-----------|
| `roles/paas-docker/containers/files/mastodon/clear-video-queue.py` | 85 | Multi-stage pipeline with process filtering, time-based heuristics, and suspect-command detection for selective process termination. Non-obvious algorithmic choices. |
| `roles/salt-primary/software/files/staging-commit-message.py` | 100 | GitPython integration with submodule tracking, commit history analysis, and custom formatting logic for automated commit messages. |
| `roles/paas-docker/containers/files/sentry/etc/sentry.conf.py` | 311 | Network interface detection using ctypes/fcntl/socket structs, custom CIDR calculation, network masking logic, and Vault secrets integration. |
| `roles/paas-docker/devel/files/arc.sh` | 115 | Sophisticated Docker image management with UID/GID-based image selection, dynamic Dockerfile generation, and multi-mode operation (build/update/exec). |
| `roles/vault/bootstrap/files/vault-initialize.sh` | 125 | Complex PKI infrastructure setup: intermediate CA generation, certificate signing workflow with jq filtering, format conversion, and multi-step cryptographic operations. |
| `roles/phabricator/containers/files/run-devcentral.sh` | 99 | Container orchestration with environment variable propagation, git repository management with branch-specific deployment, and SSH key setup. |
| `roles/webserver-alkane/alkane/files/recipes/_lib/git-clone.sh` | 61 | JSON parsing for optional branch specification with jq, fallback logic for default branch selection, and creative handling of flexible input formats. |
| `roles/webserver-content/org/nasqueron/files/recipes/admin.mail.nasqueron.org/update.sh` | 41 | Branch verification with production-only enforcement, specialized composer update workflow with creative deployment constraints. |
| `roles/webserver-content/org/nasqueron/files/deploy-docker-registry-api-doc.sh` | 64 | Artifact download and deployment orchestration with build number validation via regex, multiple archive extraction, and selective error handling. |
| `roles/mailserver/dkim/files/bin/get-dkim-dns-entry.php` | 72 | Specialized DNS record parsing with BIND format handling, multiple regex patterns for subdomain/value extraction, and custom string manipulation. |
### Already correctly licensed as BSD-2-Clause
| File | Lines | Rationale |
|------|------:|-----------|
| `roles/devserver/userland-software/files/url.py` | 200 | Custom URL resolution system with multi-strategy path mapping (static, userdir, wwwroot) and YAML configuration parsing. |
| `roles/devserver/userland-software/files/shell.py` | 244 | Sophisticated ServerConnection class with template substitution engine, deque-based argument manipulation, and custom handler/alias system. |
| `roles/webserver-core/tools/files/list-nginx-vhosts.tcl` | 60 | TCL implementation with OS detection (BSD/Linux), procedural abstraction, and cross-platform configuration management. |
| `roles/shellserver/user-session/files/whom-diff.sh` | 75 | Session tracking with MD5-based hashing, state management with previous/current comparison, and multiple operation modes. |
## Files confirmed as trivial work
The remaining 748 files were confirmed as correctly labeled. They fall into the
following categories.
### Salt state files (.sls) ~580 files
All reviewed Salt state files are **declarative YAML** describing desired system
state (install package X, ensure service Y runs, deploy file Z). Even files
with Jinja2 conditionals and loops use **standard Salt idioms** that any
administrator would write identically. The conditional logic (OS detection, ZFS
presence checks, pillar data iteration) is **mechanically determined by
infrastructure constraints**, not creative design choices.
This includes: top.sls, services.sls, all pillar data files, all init.sls
orchestration files, and all state files for roles such as paas-docker,
core/network, salt-primary, bastion, mailserver, opensearch, webserver-alkane,
devserver, and others.
### Configuration files ~100 files
Standard parameter configurations for nginx, systemd, PostgreSQL, MySQL,
OpenSSH, Vault, Grafana, Dovecot, Postfix, OpenSearch, tmux, zsh, and others.
Choices are **dictated by software requirements and security constraints**, not
creative expression.
This includes: all nginx vhost configurations, TLS/proxy/CORS include files,
sshd_config files, database configurations, service unit files, RC scripts,
and application configuration templates.
### Simple shell scripts ~40 files
Trivial wrappers around single commands or standard procedures: docker exec
invocations, service restarts, file copy operations, standard build procedures
(configure/make/install), and single-pipeline commands.
### Sudoers and access control files ~10 files
Mechanical access control lists where selections are dictated by role function
and security requirements.
### HCL/Terraform policy files ~12 files
Vault access policies and infrastructure configurations. Mechanical assertions
of data paths and capabilities.
### Data and template files ~6 files
DNS zone files, SQL templates, environment variable templates, and header
boilerplate. Pure functional data with no creative expression.
## Borderline cases not relicensed
The following files were considered but judged to remain below the threshold:
| File | Rationale for keeping as trivial |
|------|----------------------------------|
| `roles/paas-docker/wrappers/files/openfire.sh` | Certificate format conversion + docker exec. Standard operations despite 87 lines. |
| `roles/phabricator/arcanist/files/arc.sh` | Docker wrapper, simpler than the paas-docker version. Obvious implementation. |
| `roles/paas-docker/wrappers/files/mysql.sh` | Container status check + exec wrapper. Standard pattern. |
| `roles/shellserver/userland-software/files/install-eggdrop.sh` | Standard autotools build procedure (configure/make/install). |
| `roles/mailserver/dkim/files/bin/get-dkim-key-table.sh` | Two nested loops with standard path manipulation. |
| `roles/mailserver/dkim/files/bin/get-dkim-signing-table.sh` | Two nested loops with standard path manipulation. |
| `roles/netbox/netbox/files/configuration.py` | Configuration template with placeholder values. Despite 281 lines, no logic. |

Event Timeline

dereckson created this paste.Fri, Apr 3, 21:47
dereckson added a comment.Fri, Apr 3, 21:48

Generated with Claude Opus 4.6 to evaluate Cowork suitability for non-technical maintenance tasks in repositories.

dereckson awarded a token.Fri, Apr 3, 21:48
dereckson mentioned this in D4045: License copyright eligible files under BSD-2-Clause.Fri, Apr 3, 22:06
Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator