incubator-general mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Martin Gainty <mgai...@hotmail.com>
Subject Re: Images in source code.
Date Sun, 04 Jun 2017 12:49:15 GMT
is there anyway to run maven-rat-plugin to make sure ASF licensed assets are *not* being subverted
by salesforce


http://creadur.apache.org/rat/apache-rat-plugin/rat-mojo.html


Apache Rat™ Plugin for Apache Maven – apache-rat:rat<http://creadur.apache.org/rat/apache-rat-plugin/rat-mojo.html>
creadur.apache.org
apache-rat:rat. Note:This goal should be used as a Maven report. Full name: org.apache.rat:apache-rat-plugin:0.13-SNAPSHOT:rat.
Description:

?

Martin
______________________________________________



________________________________
From: John D. Ament <johndament@apache.org>
Sent: Saturday, June 3, 2017 9:46 AM
To: general@incubator.apache.org
Subject: Re: Images in source code.

On Fri, Jun 2, 2017 at 8:20 PM Craig Russell <apache.clr@gmail.com> wrote:

> Hi James,
>
> Everything that is not explicitly called out in the top level NOTICE and
> LICENSE files are licensed under the Apache 2.0 license.
>
> Adding a file to this directory might mislead people into thinking that
> they need to perform more due diligence with other files in other
> directories.
>
> My advice is to *not* add anything. Let the images be licensed per the
> terms the top level LICENSE file.
>

Agreed.  What we do like to make sure is called out is if there is
provenance that these images came from somewhere else.  If these images
were not created by you and were not already under apache license, then we
would have a concern.


>
> Craig
>
> > On Jun 2, 2017, at 2:20 PM, James Bognar <james.bognar@salesforce.com>
> wrote:
> >
> > Thanks!
> >
> > I haven't found a metadata editor that works yet, so I'll just add a
> > LICENSE.txt file to the directory.  Hopefully that's enough.
> >
> > On Fri, Jun 2, 2017 at 4:48 PM, Josh Elser <elserj@apache.org> wrote:
> >
> >> On 6/2/17 1:15 PM, James Bognar wrote:
> >>
> >>> I just added several png files to the source tree of our podling.  I
> >>> created them myself.  Are there any best-practices on how to mark
> these as
> >>> Apache licensed?
> >>>
> >>>
> >> I'm not sure of a good way to track this. I'm not sure if png supports
> >> arbitrary metadata which could be edited. Some ways I've seen used
> >> elsewhere to try to better propagate license/ownership:
> >>
> >> * Comments on the issue-tracker issue that introduced them citing
> >> origin/source (typically for images that are copied, not created)
> >> * Entry in LICENSE/NOTICE (shouldn't be done unnecessarily, of course)
> >> * A README in the same directory with relevant info
> >>
> >> If the images are of the podling's creation, I wouldn't be particularly
> >> worried. The copyright notice on your source-release and LICENSE are
> >> sufficient to inform downstream consumers.
> >>
> >> Probably not the answer you're looking for, but hope it helps :)
> >>
> >> - Josh
> >>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
> >> For additional commands, e-mail: general-help@incubator.apache.org
> >>
> >>
> >
> >
> > --
> > James Bognar
>
> Craig L Russell
> clr@apache.org
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
> For additional commands, e-mail: general-help@incubator.apache.org
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message