reuse is a tool for compliance with the REUSE recommendations.
reuse is a tool for compliance with the REUSE recommendations.
- Documentation: https://reuse.readthedocs.io and https://reuse.software
- Source code: https://github.com/fsfe/reuse-tool
- PyPI: https://pypi.python.org/pypi/reuse
- REUSE: 3.0
- Python: 3.6+
Copyright and licensing is difficult, especially when reusing software from different projects that are released under various different licenses. REUSE was started by the Free Software Foundation Europe (FSFE) to provide a set of recommendations to make licensing your Free Software projects easier. Not only do these recommendations make it easier for you to declare the licenses under which your works are released, but they also make it easier for a computer to understand how your project is licensed.
As a short summary, the recommendations are threefold:
- Choose and provide licenses
- Add copyright and licensing information to each file
- Confirm REUSE compliance
You are recommended to read our tutorial for a step-by-step guide through these three steps. The FAQ covers basic questions about licensing, copyright, and more complex use cases. Advanced users and integrators will find the full specification helpful.
This tool exists to facilitate the developer in complying with the above recommendations.
There are other tools that have a lot more features and functionality surrounding the analysis and inspection of copyright and licenses in software projects. The REUSE helper tool, on the other hand, is solely designed to be a simple tool to assist in compliance with the REUSE recommendations.
Installation via pip
To install reuse, you need to have the following pieces of software on your computer:
- Python 3.6+
You then only need to run the following command:
pip3 install --user reuse
After this, make sure that
~/.local/bin is in your
Installation via package managers
There are packages available for easy install on some operating systems. You are welcome to help us package this tool for more distributions!
Installation from source
You can also install this tool from the source code, but we recommend the methods above for easier and more stable updates. Please make sure the requirements for the installation via pip are present on your machine.
python3 setup.py install
First, read the REUSE tutorial. In a nutshell:
- Put your licenses in the
- Add a comment header to each file that says
SPDX-License-Identifier: GPL-3.0-or-later, and
SPDX-FileCopyrightText: $YEAR $NAME. You can be flexible with the format, just make sure that the line starts with
- Verify your work using this tool.
To check against the recommendations, use
~/Projects/reuse-tool $ reuse lint [...] Congratulations! Your project is compliant with version 3.0 of the REUSE Specification :-)
This tool can do various more things, detailed in the documentation. Here a short summary:
addheader--- Add copyright and/or licensing information to the header of a file.
download--- Download the specified license into the
init--- Set up the project for REUSE compliance.
lint--- Verify the project for REUSE compliance.
spdx--- Generate an SPDX Document of all files in the project.
Run in Docker
REUSE is simple to include in CI/CD processes. This way, you can check for REUSE compliance for each build. In our resources for developers you can learn how to integrate the REUSE tool in Drone, Travis, or GitLab CI.
fsfe/reuse Docker image available on Docker
Hub, you can run the helper tool
simply by executing
reuse lint. To use the tool on your computer, you can
mount your project directory and run
reuse lint <path/to/directory>.
- Carmen Bianca Bakker - firstname.lastname@example.org
Starting local development is very simple, just execute the following commands:
git clone email@example.com:fsfe/reuse-tool.git cd reuse-tool/ python3 -mvenv venv source venv/bin/activate make develop
You need to run
make develop at least once to set up the virtualenv.
make help to see the available interactions.
Copyright (C) 2017-2019 Free Software Foundation Europe e.V.
This work is licensed under multiple licences. Because keeping this section up-to-date is challenging, here is a brief summary as of July 2019:
- All original source code is licensed under GPL-3.0-or-later.
- All documentation is licensed under CC-BY-SA-4.0.
- Some configuration and data files are licensed under CC0-1.0.
- Some code borrowed from spdx/tool-python is licensed under Apache-2.0.
For more accurate information, check the individual files.
This change log follows the Keep a Changelog spec. Every release contains the following sections:
Addedfor new features.
Changedfor changes in existing functionality.
Deprecatedfor soon-to-be removed features.
Removedfor now removed features.
Fixedfor any bug fixes.
Securityin case of vulnerabilities.
The versions follow semantic versioning.
0.7.0 - 2019-11-28
The program's package name on PyPI has been changed from
fsfe-reuse==1.0.0has been created as an alias that depends on
fsfe-reusewill not receive any more updates, but will still host the old versions.
For users of
fsfe-reuse, this means:
If you depend on
fsfe-reuse>=0.X.Yin your requirements.txt, you will get the latest version of
reusewhen you install
fsfe-reuse. You may like to change the name to
reuseexplicitly, but this is not strictly necessary.
If you depend on
fsfe-reuse==0.X.Y, then you will keep getting that version. When you bump the version you depend on, you will need to change the name to
If you depend on
fsfe-reuse>=0.X.Y<1.0.0, then 0.6.0 will be the latest version you receive. In order to get a later version, you will need to change the name to
0.6.0 - 2019-11-19
--include-submodulesis added to also include submodules when linting et cetera.
addheadernow also recognises the following extensions:
Made the workaround for
MachineReadableFormatErrorintroduced in 0.5.2 more generic.
Improved shebang detection in
addheader, the SPDX comment block now need not be the first thing in the file. It will find the SPDX comment block and deal with it in-place.
Git submodules are now ignored by default.
addheader --explicit-licensenow no longer breaks on unsupported filetypes.
0.5.2 - 2019-10-27
python3 -m reusenow works.
- Updated license list to 3.6-2-g2a14810.
reuse lintimproved by at least a factor of 2. It no longer does any checksums on files behind the scenes.
MachineReadableFormatErrorwhen parsing DEP5 files. Tries to import that error. If the import is unsuccessful, it is handled.
0.5.1 - 2019-10-24 [YANKED]
This release was replaced by 0.5.2 due to importing
MachineReadableFormatError, which is not a backwards-compatible change.
0.5.0 - 2019-08-29
TeX and ML comment styles added.
binaryornotadded as new dependency.
Greatly improved the usage documentation.
reuse addheadernow automatically adds the current year to the copyright notice.
reuse addheaderpreserves the original header below the new header if it did not contain any SPDX information.
reuse addheadernow correctly handles
Bad licenses are no longer resolved to LicenseRef-Unknown<n>. They are instead resolved to the stem of the path. This reduces the magic in the code base.
.gitkeepfiles are now ignored by the tool.
Changed Lisp's comment character from ';;' to ';'.
0.4.1 - 2019-08-07
--allargument help to
reuse download, which downloads all detected missing licenses.
reuse addheaderon a file that contains a shebang, the shebang is preserved.
Copyright lines in
reuse spdxare now sorted.
Some publicly visible TODOs were patched away.
0.4.0 - 2019-08-07
This release is a major overhaul and refactoring of the tool. Its primary focus is improved usability and speed, as well as adhering to version 3.0 of the REUSE Specification.
reuse addheaderhas been added as a way to automatically add copyright statements and license identifiers to the headers of files. It is currently not complete.
reuse inithas been added as a way to initialise a REUSE project. Its functionality is currently scarce, but should improve in the future.
reuse lintnow provides a helpful summary instead of merely spitting out non-compliant files.
reuse compileis now
In addition to
©, copyright lines can be marked with the tag
SPDX-FileCopyrightText:. This is the new recommended default.
Project no longer depends on pygit2.
The list of SPDX licenses has been updated.
Valid-License-Identifieris no longer used, and licenses and exceptions can now only live inside of the LICENSES/ directory.
GPL-3.0 and GPL-3.0+ (and all other similar GPL licenses) are no longer detected as SPDX identifiers. Use GPL-3.0-only and GPL-3.0-or-later instead.
Scanning a Git directory is a lot faster now.
Scanning binary files is a lot faster now.
0.3.4 - 2019-04-15
This release should be a short-lived one. A new (slightly backwards-incompatible) version is in the works.
- Copyrights can now start with
©in addition to
Copyright. The former is now recommended, but they are functionally similar.
- The source code of reuse is now formatted with black.
- The repository has been moved from https://git.fsfe.org/reuse/reuse to https://gitlab.com/reuse/reuse.
0.3.3 - 2018-07-15
- Any files with the suffix
.spdxare no longer considered licenses.
0.3.2 - 2018-07-15
- The documentation now builds under Python 3.7.
0.3.1 - 2018-07-14
- When using reuse from a child directory using pygit2, correctly find the root.
0.3.0 - 2018-05-16
- The output of
reuse compileis now deterministic. The files, copyright lines and SPDX expressions are sorted alphabetically.
- When a GPL license could not be found, the correct
-or-laterextension is now used in the warning message, rather than a bare
- If you have a license listed as
SPDX-Valid-License: GPL-3.0-or-later, this now correctly matches corresponding SPDX identifiers. Still it is recommended to use
0.2.0 - 2018-04-17
- Internationalisation support added. Initial support for:
- The license list of SPDX 3.0 has deprecated
GPL-3.0+et al in favour of
GPL-3.0-or-later. The program has been amended to accommodate sufficiently for those licenses.
Project.reuse_info_ofnow extracts, combines and returns information both from the file itself and from debian/copyright.
ReuseInfonow holds sets instead of lists.
- As a result of this,
ReuseInfowill not hold duplicates of copyright lines or SPDX expressions.
- As a result of this,
- click removed as dependency. Good old argparse from the library is used instead.
0.1.1 - 2017-12-14
reuse --helptext has been tidied up a little bit.
- Release date in change log fixed.
- The PyPI homepage now gets reStructuredText instead of Markdown.
0.1.0 - 2017-12-14
- Successfully parse old-style C and HTML comments now.
reuse compile, which creates an SPDX bill of materials.
- Allow to specify multiple paths to
chardetadded as dependency.
pygit2added as soft dependency. reuse remains usable without it, but the performance with
pygit2is significantly better. Because
pygit2has a non-Python dependency (
libgit2), it must be installed independently by the user. In the future, when reuse is packaged natively, this will not be an issue.
- Updated to version 2.0 of the REUSE recommendations. The
most important change is that
License-Filenameis no longer used. Instead, the filename is deducted from
SPDX-License-Identifier. This change is NOT backwards compatible.
- The conditions for linting have changed. A file is now non-compliant
- The license associated with the file could not be found.
- There is no SPDX expression associated with the file.
- There is no copyright notice associated with the file.
- Only read the first 4 KiB (by default) from code files rather than the entire file when searching for SPDX tags. This speeds up the tool a bit.
Project.reuse_info_ofno longer raises an exception. Instead, it returns an empty
ReuseInfoobject when no reuse information is found.
- Logging is a lot prettier now. Only output entries from the
reuse --ignore-debian compilenow works as expected.
- The tool no longer breaks when reading a file that has a non-UTF-8
chardetis used to detect the encoding before reading the file. If a file still has errors during decoding, those errors are silently ignored and replaced.
0.0.4 - 2017-11-06
- Removed dependency on
os.PathLikeso that Python 3.5 is actually supported
0.0.3 - 2017-11-06
- Fixed the link to PyPI in the README.
0.0.2 - 2017-11-03
This is a very early development release aimed at distributing the program as soon as possible. Because this is the first release, the changelog is a little empty beyond "created the program".
The program can do roughly the following:
- Detect the license of a given file through one of three methods (in
order of precedence):
- Information embedded in the .license file.
- Information embedded in its header.
- Information from the global debian/copyright file.
- Find and report all files in a project tree of which the license could not be found.
- Ignore files ignored by Git.
- Do some logging into STDERR.
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
|Filename, size||File type||Python version||Upload date||Hashes|
|Filename, size reuse-0.7.0-py3-none-any.whl (71.4 kB)||File type Wheel||Python version py3||Upload date||Hashes View hashes|
|Filename, size reuse-0.7.0.tar.gz (119.0 kB)||File type Source||Python version None||Upload date||Hashes View hashes|