incubator-cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Nalley <>
Subject Re: Binary dependencies
Date Wed, 08 Aug 2012 18:21:07 GMT
On Wed, Aug 8, 2012 at 2:13 PM, Chip Childers <> wrote:
> David (All),
> I'm working through the list on the wiki [1], and have noticed some
> interesting differences between the listed license type and the
> license included in the JAR that the deps-ctrl branch pulls in.
> Examples:
> JavaMail is listed on the wiki page as being the dual GPL/CDDL license
> type.  The download [2] only lists CDDLv1 in it's embedded LICENSE
> file.
> JUnit is listed on the wiki page as being Common Public License.  The
> download [3] has BSD.  Yet the JUnit project site [4] lists it as CPL.
> This presents us with two interesting questions:
> 1 - Should we proceed with incorporating the build changes that David
> made in the deps-ctrl branch?  If not (which might be tied to the
> desire to use Maven instead of this custom Ant dependency download
> process), then how do we go about getting that done in the short term
> (for our 4.0 release)?

Well the deps-ctrl work is still a WIP - hopefully it will soon be
done. This is a stopgap quite honestly. I don't know anything about
maven or gradle, and while this inelegant and ugly, it works and is
relatively fast to iterate through.

> 2 - Assuming that *some* solution for dependency downloads is
> achieved, do we assume that the license contained within the download
> is authoritative?  I'm pretty sure the answer is yes, but that leads
> to a followup question: Do do we note the source download location in
> the NOTICE file and the more easily found project homepage?

So interesting problem
So my reading of this:

suggests to me that we don't need to add anything to the notice file
that we aren't shipping. (this likely means a separate notice file for
the convenience build) If we actually get rid of all of the jars in a
timely manner, that should make the source notice easy. But if we are
actually shipping code then the license contained by the code is


> Example:
> This product includes JavaMail(TM) API Reference Implementation
> (, obtained
> from
> The "obtained from" part is the non-standard portion.
> -chip
> [1]
> [2]
> [3]
> [4]

View raw message