brooklyn-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Chip Childers <chipchild...@apache.org>
Subject Re: [VOTE] Release Apache Brooklyn 0.7.0-M2-incubating [rc3]
Date Thu, 11 Dec 2014 16:59:10 GMT
On Tue, Dec 09, 2014 at 03:54:42PM +0000, Richard Downer wrote:
> This is to call for a vote for the source release of Apache Brooklyn
> 0.7.0-M2-incubating.

Things that look correct to me:

1) No binary files, beyond images, Java keystore and certificate files
2) License headers look good on the source files
3) RAT exclusion list looks OK
4) Bundled external code appears to have perfectly OK license types
(noted ASL, BSD and MIT are the only licenses applying)
5) Required incubator disclosure looks good
6) Release identifies itself as an incubating release

Question: Although this is a source code release, are you intending to
provide a binary distribution as a project? If so, does that
distribution include any "bits" from any software not handled by the
source release's legal documentation? I ask, only because that would
require a different set of LICENSE and NOTICE files that should probably
be reviewed as well.

I do have some comments related to the LICENSE and NOTICE files, specific to this
source code release candidate (and I'll say that this is actually the
hardest thing to get right in a first ASF release).

First, I'm not sure if you've seen this yet:
http://www.apache.org/dev/licensing-howto.html

The LICENSE and NOTICE files are a bit off from what's needed. When
bundling BSD and MIT licensed code, there isn't a requirement to add
anything to the NOTICE file. See "Bundling Permissively-Licensed
Dependencies" in the link above.

That link talks about an approach to dealing with MIT and BSD licensed
source files that assumes you are using a pointer to a different LICENSE
file within the source tree that's specific to the dependency. TBH,
that's not the most common approach I've seen. Another perfectly valid
approach is to actually include each dependency's LICENSE file within
your project's LICENSE file. See below my signature for an example of
how to structure things.

Last comment:

ZeroClipboard.{js,swf} is in NOTICE (which would be moved to LICENSE
anyway), but it still talks about the swf file. This is really minor,
but could be fixed with the other fixes from above.

Hope this helps!

-chip


Here's an example of how I've included legal documentation for a MIT
licensed artifact and an ASLv2 licensed artifact in the LICENSE file.
I've included [X] markers to help with commenting on what you see below.
This example is from CloudStack, and I'm sure there are other ways to
handle the specific content... It's based on a template created via
Apache Whisker (although I don't recommend using that project since it's
not really being as actively maintained as I would have liked to see).
Others might have specific objections / suggestions to improve this
approach. Also, consider the Licensing HowTo as official guidance, and
the approach here as a suggested model to create a single LICENSE
file.

---------------------------------------------------
[1]
This distribution contains third party resources.

[2]
Within the console-proxy/js directory

[3]
    licensed under the MIT License http://www.opensource.org/licenses/mit-license.php  (as
follows)

[4]
    Copyright (c) 2009, John Resig

    Permission is hereby granted, free  of charge, to any person obtaining
    a  copy  of this  software  and  associated  documentation files  (the
    "Software"), to  deal in  the Software without  restriction, including
    without limitation  the rights to  use, copy, modify,  merge, publish,
    distribute,  sublicense, and/or sell  copies of  the Software,  and to
    permit persons to whom the Software  is furnished to do so, subject to
    the following conditions:

    The  above  copyright  notice  and  this permission  notice  shall  be
    included in all copies or substantial portions of the Software.

    THE  SOFTWARE IS  PROVIDED  "AS  IS", WITHOUT  WARRANTY  OF ANY  KIND,
    EXPRESS OR  IMPLIED, INCLUDING  BUT NOT LIMITED  TO THE  WARRANTIES OF
    MERCHANTABILITY,    FITNESS    FOR    A   PARTICULAR    PURPOSE    AND
    NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
    LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
    OF CONTRACT, TORT OR OTHERWISE,  ARISING FROM, OUT OF OR IN CONNECTION
    WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

    from John Resig
        jquery.js

[5]
Within the patches/systemvm/debian/config/etc/apache2 directory
    licensed under the Apache License, Version 2 http://www.apache.org/licenses/LICENSE-2.0.txt
 (as above)
    Copyright (c) 2012 The Apache Software Foundation
    from The Apache Software Foundation  http://www.apache.org/
        httpd.conf
        ports.conf
        sites-available/default
        sites-available/default-ssl
        vhostexample.conf

-----------------------------------------------------
[1] - This line appears right after the text of the ASLv2
[2] - This line sets the context for where the specific files being
discussed are located
[3] - This notes the specific license in question
[4] - This is a copy of the license from the source project
[5] - This is an example of where the content is licensed via the ASLv2,
making it a simple reference to the ASLv2 copy at the top of the file.



Mime
View raw message