activemq-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Jencks <david_jen...@yahoo.com>
Subject Re: Legal goo problems (4.1.2 release now imminent)
Date Sun, 06 Apr 2008 19:27:05 GMT
I've reviewed the legal files in the 4.1 branch and fixed them up to  
the best of my ability.  For non-jar artifacts I've generally relied  
on hardcoded LICENSE and NOTICE files since the maven-remote- 
resources-plugin tends to put them in odd places.

Since the status of jmdns looks exceedingly fuzzy to me I also added  
an activemq-jmdns_1.0 module that contains the files that are  
definitely under the apache license, and moved them to a sun-friendly  
package.

If anyone can stand to review this stuff that would be great.  I  
expect to be proposing a release vote for 4.1.2 later today or tomorrow.

Many thanks
david jencks


On Mar 31, 2008, at 1:12 PM, Hiram Chirino wrote:

> On Fri, Mar 28, 2008 at 7:04 PM, David Jencks  
> <david_jencks@yahoo.com> wrote:
>> In my hopefully finite-length effort to get a 4.1.2 release out I've
>>  been looking a little bit at the LICENSE and NOTICE files in the 4.1
>>  branch and trunk and think many of them have big problems.
>>
>>  Current thinking expressed on the legal-discuss is that:
>>
>>  A source code unit expected to be checked out from svn needs LICENSE
>>  and NOTICE files in svn at the root of the checkout.  These files
>>  should apply exactly to the source code checked out, and not include
>>  any language only appropriate for dependencies that may be needed to
>>  build or run the software.  These are the only LICENSE and NOTICE
>>  files that need to be actually present in svn.
>>
>>  Each artifact distributed needs a LICENSE and NOTICE file.  These  
>> may
>>  be hardcoded in svn or generated.  These files should accurately
>>  describe the license(s) and required notices of what is actually in
>>  the distribution unit (e.g. jar, war, tar.bz2) and not describe
>>  anything not included that might be necessary to use the software.
>>
>>  Artifacts can also have descriptions of dependencies needed to use
>>  the software but these descriptions should not be in the LICENSE or
>>  NOTICE files.
>>
>>  so....
>>
>>  Looking around there are 2 problems:
>>  - some of the LICENSE and possibly NOTICE files look like they have
>>  generally large amounts of text appropriate for dependencies, not
>>  what they actually apply to
>
> What do you mean by "not what they actually apply to"?
>
>>  - some LICENSE files are decidedly incomplete.  For instance the
>>  activemq-web-console includes all the sun jaxb jars but no CDDL
>
> Ah lets add that asap.
>
>>  license.  The trunk root LICENSE.txt file doesn't include the
>>  licenses for the javascript in the activemq-web-console.
>>
>
> All those bits are in the distro NOTICE I think.
>
>>  Possible solutions....
>>
>>  The root LICENSE and NOTICE files have to be fixed by hand AFAIK.
>>  All the others can be generated using the maven-remote-resources
>>  plugin.  Thanks to Dan Kulp the latest apache resource bundle
>>  actually generates stuff compliant with the apparent policy.  What
>>  needs to happen is that modules that have extra LICENSE or NOTICE
>>  requirements need the extra stuff to be put into
>>
>>  src/main/appended-resources/META-INF/LICENSE and src/main/appended-
>>  resources/META-INF/NOTICE
>>
>>  I can help with setting this up but I don't know what code might  
>> need
>>  such extra legal goo.  If I'm going to be able to help I'd need
>>  accurate information on this.
>>
>
> This sounds like a good plan.  Perhaps we should dissect the current
> LICENSE and NOTICE distro files since that what got all the attention
> last time we reviewed the release legal bits.
>
>>  There's also a geronimo maven plugin that can verify that legal  
>> files
>>  are present in all the artifacts you build (jar, war, javadoc,
>>  source, etc).  I think it's a big help in release auditing to  
>> include
>>  this plugin in the regular build to  catch problems early.
>
> Sounds good.
>
>>
>>  thanks
>>  david jencks
>>
>>
>
>
>
> -- 
> Regards,
> Hiram
>
> Blog: http://hiramchirino.com
>
> Open Source SOA
> http://open.iona.com


Mime
View raw message