From 19e4152dd024f6d6f19f801df1b130340b997bd9 Mon Sep 17 00:00:00 2001 From: Sergej Dechand Date: Thu, 12 Sep 2024 15:19:58 +0200 Subject: [PATCH 1/3] Adjust license to clarify the usage within OSS-Fuzz --- LICENSE | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/LICENSE b/LICENSE index 55cd6088c..4102835f0 100644 --- a/LICENSE +++ b/LICENSE @@ -46,9 +46,13 @@ below: * Perform analysis on the Open Source Codebase but without automated analysis / fuzzing, CI, or CD. - * Perform analysis on Open Source Codebases, including automated - analysis / fuzzing, CI, or CD only through the OSS-Fuzz Infrastructure - operated by Google (https://github.com/google/oss-fuzz). + + * Perform analysis on Open Source Codebases, including automated analysis / fuzzing, + CI, or CD only in the following cases: + (a) through the OSS-Fuzz Infrastructure operated by Google, and/or + (b) Your codebase is listed as an accepted project for OSS-Fuzz by Google, and/or + (c) test contributions to OSS-Fuzz by Google to confirm that your + modifications work as intended. License Restrictions -------------------- From 6236c6cf8f3068c88db776aed7d4be5ff32ce3c4 Mon Sep 17 00:00:00 2001 From: Sergej Dechand Date: Thu, 12 Sep 2024 15:24:36 +0200 Subject: [PATCH 2/3] Remove whitespace --- LICENSE | 1 - 1 file changed, 1 deletion(-) diff --git a/LICENSE b/LICENSE index 4102835f0..89adcd4d7 100644 --- a/LICENSE +++ b/LICENSE @@ -46,7 +46,6 @@ below: * Perform analysis on the Open Source Codebase but without automated analysis / fuzzing, CI, or CD. - * Perform analysis on Open Source Codebases, including automated analysis / fuzzing, CI, or CD only in the following cases: (a) through the OSS-Fuzz Infrastructure operated by Google, and/or From b41068445511ff6e882e5dbf1662941ad342e9ca Mon Sep 17 00:00:00 2001 From: Sergej Dechand Date: Tue, 15 Oct 2024 19:08:58 +0200 Subject: [PATCH 3/3] Added further clarifications --- LICENSE | 7 ++++--- README.md | 6 ++++-- 2 files changed, 8 insertions(+), 5 deletions(-) diff --git a/LICENSE b/LICENSE index 89adcd4d7..5bbaa06d6 100644 --- a/LICENSE +++ b/LICENSE @@ -7,7 +7,8 @@ software and associated documentation (collectively, the **Please read all of these Terms;** in many cases, provisions set forth later in the Terms limit and qualify provisions set forth earlier in the Terms. If You do not accept these Terms, do not -download, install, use, or copy the Software. +download, install, use, or copy the Software except as a dependency of another +program if you do not use the functionality of the Software." Definitions ----------- @@ -50,8 +51,8 @@ below: CI, or CD only in the following cases: (a) through the OSS-Fuzz Infrastructure operated by Google, and/or (b) Your codebase is listed as an accepted project for OSS-Fuzz by Google, and/or - (c) test contributions to OSS-Fuzz by Google to confirm that your - modifications work as intended. + (c) test contributions to OSS-Fuzz, OSS-Fuzz-Gen & ClusterFuzzLite by Google + to confirm that your modifications work as intended. License Restrictions -------------------- diff --git a/README.md b/README.md index 51d32825c..6daab78ce 100644 --- a/README.md +++ b/README.md @@ -96,8 +96,10 @@ See [the README](https://github.com/bazelbuild/rules_fuzzing#java-fuzzing) for i [Code Intelligence](https://code-intelligence.com) and Google have teamed up to bring support for Java, Kotlin, and other JVM-based languages to [OSS-Fuzz](https://github.com/google/oss-fuzz), Google's project for large-scale fuzzing of open-source software. Read [the OSS-Fuzz guide](https://google.github.io/oss-fuzz/getting-started/new-project-guide/jvm-lang/) to learn how to set up a Java project. -**Note**: projects accepted in OSS-Fuzz can use Jazzer for free and benefit from the OSS-Fuzz infrastructure and -licensing for automated analysis and continuous integration. +**Note**: Open source projects can use Jazzer for free and benefit from the +OSS-Fuzz infrastructure, including ClusterFuzzLite and OSS-Fuzz-Gen for +automated analysis and continuous integration. There is no risk of accidental +license violation as long as Jazzer is used for testing open-source code. ## Building from source