Make WordPress Core

Opened 20 months ago

Last modified 11 months ago

#45795 assigned defect (bug)

Twenty Nineteen: missing license information for assets

Reported by: poena Owned by: williampatton
Milestone: Future Release Priority: high
Severity: normal Version:
Component: Bundled Theme Keywords:
Focuses: Cc:


The themes readme.txt file is missing license and copyright information
for the bundled svg icons.

In twentynineteen\classes\class-twentynineteen-svg-icons.php we can find references like:

'link' => /* material-design – link */ '

But there is no other information about where the icons are from,

The theme needs to be 100% compatible with GPL, and it needs to include the license and copyright information for all assets.
If there are other assets included that are missing this information, that needs to be added as well.

Change History (30)

#1 @williampatton
20 months ago

I was about to post a ticket for this very same issue. Since this one already exists I am posting my questions here.

What icons are used in the theme and what is their licence? Are they all material.io icons from Google used under Apache Licence 2.0?

Could we have that documented in the readme file for the theme? I see that is used to be noted there but was removed very early in the dev cycle for the theme at github.

Also note that for other themes distributed on .org repository we require that theme authors include a note or licence statement about all the applicable resources they use so that any derivatives of the themes are aware in advance of the licences they are bound by when using any given bundled resource.

This ticket was mentioned in Slack in #core-themes by williampatton. View the logs.

19 months ago

This ticket was mentioned in Slack in #core-themes by poena. View the logs.

18 months ago

#4 @williampatton
18 months ago

  • Milestone changed from Awaiting Review to 5.2
  • Owner set to williampatton
  • Priority changed from normal to high
  • Status changed from new to assigned

This ticket was mentioned in Slack in #core-themes by williampatton. View the logs.

18 months ago

#6 @williampatton
18 months ago

CC: @kjellr, @allancole could you help me out with looking into this? I see in the git history you have both worked with the commits adding icons to the theme.

We need to have a clear licence declaration for the icons used. I was initially thinking they were all from the same package but after a closer check I see that some were added at later points and that when they were added it wasn't clear to me where they were coming from or what licence they were being used under.

I'd like to try and get this sorted out soonish because I've been asked about it several times now by theme authors and theme reviewers.

#7 @pento
18 months ago

Thanks for the check in, @williampatton!

Just to give you an update, Automattic folk have a few contacts over on the Google Material team, so for the sake of efficiency, they've been talking directly about license compatibility. As OSS licenses tend to be less frequently tested in court, different lawyers will have different opinions on what different clauses mean, so it's an ongoing discussion. Nevertheless, the lawyers are the experts here, so I'll leave it them to work out the details. 🙂

Let's keep this in the 5.2 milestone, I agree that we need to get it addressed properly. It'll just take a bit of time, as these discussions can be a little slower moving.

#8 @williampatton
18 months ago

Hey @pento,

Awesome to hear lawyers are talking behind the scenes. They can make make decisions I'm uncomfortable making and I can just guide this one through to being committed when it's able to be resolved. Perfect :)

Also the update, on a Sunday as well, is much appreciated :)

#9 @poena
18 months ago


All of the icons are not necesarilly Google Material icons though.

Some of them were added to the theme from pull requests from different developers who did not include any license information or source information.


#10 @kjellr
18 months ago

Thanks, @poena — aside from Material icons, there are two other types of icons bundled in the theme:

Custom Icons

I think there's only one of these, and it was made by me. It lives here:


I believe this icon was ultimately unused though. I'll double check and if that's the case, I'll get a patch going to eliminate it if so.

Social icons

These were included following the precedent of the social media logos included in Twenty Seventeen:


I'm not sure of the origins of the Twenty Seventeen ones, but my understanding is that the initial set in Twenty Nineteen was sourced from here:


This was before I was involved with the theme though, so perhaps @allancole can confirm.

From a quick look through the GitHub history, it looks like the last.fm icon you linked to is the only brand new social icon addition since the initial commit of those icons. (Other PRs simply updated the icon > URL mapping).


If/when we have clarity around the appropriate license language and/or changes that need to happen. I'm happy to create the patch for us.

#11 @williampatton
18 months ago

@kjellr I think the TwentySeventeen icons are FontAwesome. That's what's decared in the readme anyways. https://themes.svn.wordpress.org/twentyseventeen/2.1/README.txt

#12 @desrosj
17 months ago

  • Milestone changed from 5.2 to 5.3

With 5.2 beta 1 in a little over a day's time, I am going to punt this to 5.3 as there is no patch or defined action to take (if any is required).

#13 follow-up: @pento
17 months ago

  • Milestone changed from 5.3 to 5.2
  • Type changed from enhancement to defect (bug)

Moving back to 5.2 for now, as we need to address this sooner, rather than later.

(Status update for folks following along: getting Google lawyers to respond to things is... slow.) 🙂

#14 in reply to: ↑ 13 @williampatton
17 months ago

Oh I bet it is slow waiting on a reply there lol.

I agree that it would be preferable to resolve this ASAP.

The other themes hosted in the .org directory are subject to a checking process which makes sure they declare all resources used and for all of them to be 100% GPL compatible. In this theme however there is no declaration of the icons and indeed some seem to have been added to the collection without proper checking or notice of the licence they are used under.

I am happy to write a quick patch that can add in notes of the icons I can figure out the details for - but some of them I was not able to find out origins of at all :(

Replying to pento:

Moving back to 5.2 for now, as we need to address this sooner, rather than later.

(Status update for folks following along: getting Google lawyers to respond to things is... slow.) 🙂

Last edited 17 months ago by williampatton (previous) (diff)

This ticket was mentioned in Slack in #core by audrasjb. View the logs.

17 months ago

#16 @desrosj
17 months ago

@pento Do we have any update on this, or any actionable steps?

#17 @pento
17 months ago

Nothing to action at this point.

For an update, Google lawyers have responded, we're reviewing their position at the moment. @pesieminski (Automattic General Counsel, and my favourite lawyer in the world, sorry other lawyers) has kindly offered to spend some time digging into the nuances. 🙂

#18 @williampatton
17 months ago

I do not know why we need laywers here to make this one actionable. In my view there is a simple solution - we add a note about the licence the icons we know are used here and we remove the ones we dont know (@kjellr thinks there may only be a single image that is not material icons and is unused).

In my view the Apache licence 2.0, which material icons are distributed under, is quite clear about the requirements to include original licence statements. If this theme uses the icons under different licence terms than that they we should document that fact.

Also as a requirement to distribute the contents of this theme we MUST properly inform users of the licence terms they are bound by when they use/modify/distribute it. That includes telling them the limitations of the icons and informing them of their requirements should they choose to redistribute.

It's also just nice to credit the sources and I feel that being nice about it would be sufficient reason to add in. I don't understand why there is any pushback or delays against adding this.

If this were not a core theme I would not hesitate to suspend it from the directory untill it is resolved. It's my job to make sure all themes that are distributed in the directory here are correctly licenced and clearly inform people of those licences. TwentyNinteen is not doing that.

#19 @pento
17 months ago

We need to talk to lawyers because the default themes have traditionally had further restrictions than other themes. They can't just use any OSS licenses for their assets: everything needs to be licensed in a way that it can be released under GPLv2.

WordPress' current position is that packages, modules, assets, etc, licensed under Apache 2.0 can't be released under GPLv2. We're discussing alternative licensing options with Google, as well as exploring WordPress' position on Apache 2.0/GPLv2 compatibility.

It's a significantly bigger issue than providing licensing annotation for a handful of icons, hence why it's going to take some time to sort out.

This ticket was mentioned in Slack in #core by audrasjb. View the logs.

16 months ago

This ticket was mentioned in Slack in #core by jeffpaul. View the logs.

16 months ago

This ticket was mentioned in Slack in #core by jeffpaul. View the logs.

16 months ago

This ticket was mentioned in Slack in #core by chanthaboune. View the logs.

16 months ago

#24 @pento
16 months ago

  • Milestone changed from 5.2 to 5.3

Moving to 5.3, as I won't be able to get a definitive answer on this before 5.2 is released.

#25 @williampatton
12 months ago

@pento with 5.3 under way already is this one a candidate for pushing to the next milestone instead?

#26 follow-up: @pento
12 months ago

This is fine to leave in 5.3 for now, we can always move it later if there's still no progress.

#27 in reply to: ↑ 26 @williampatton
12 months ago

Replying to pento:

This is fine to leave in 5.3 for now, we can always move it later if there's still no progress.

Sounds good, I'll check in again closer to freeze time for 5.3 then. Thanks for tagging along in this ticket with me :)

This ticket was mentioned in Slack in #core by pento. View the logs.

11 months ago

#29 @pento
11 months ago

  • Milestone changed from 5.3 to Future Release

This is stalled at the moment. I'm moving it to Future Release, since there's currently no timeline for when these larger issues will resolved.

#30 @poena
11 months ago

Would it not be better to just replace the assets. WordPress is meant to be GPL compatible.

Note: See TracTickets for help on using tickets.