incubator-ooo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Pedro Giffuni <>
Subject Re: A systematic approach to IP review?
Date Mon, 19 Sep 2011 01:34:49 GMT

 Is there an updated SGA already?

 I think there will likely be a set of files of uncertain license
 that we should move to apache-extras. I am refering specifically
 to the dictionaries: Oracle might have property over some but not
 all. I propose we rescue myspell in apache-extras and put the
 dictionaries there to keep it as an alternative. I have no idea
 where to get MySpell though.

 While here, if there's still interest in maintaining the Hg
 history, seems to be a nice alternative: it's
 rather specialized in Mercurial.



 On Sun, 18 Sep 2011 20:27:05 -0400, Rob Weir <> 
> If you haven't looked it closely, it is probably worth a few minutes
> of your time to review our incubation status page, especially the
> items under "Copyright" and "Verify Distribution Rights".  It lists
> the things we need to do, including:
>  -- Check and make sure that the papers that transfer rights to the
> ASF been received. It is only necessary to transfer rights for the
> package, the core code, and any new code produced by the project.
> -- Check and make sure that the files that have been donated have 
> been
> updated to reflect the new ASF copyright.
> -- Check and make sure that for all code included with the
> distribution that is not under the Apache license, we have the right
> to combine with Apache-licensed code and redistribute.
> -- Check and make sure that all source code distributed by the 
> project
> is covered by one or more of the following approved licenses: Apache,
> BSD, Artistic, MIT/X, MIT/W3C, MPL 1.1, or something with essentially
> the same terms.
> Some of this is already going on, but it is hard to get a sense of 
> who
> is doing what and how much progress we have made.  I wonder if we can
> agree to a more systematic approach?  This will make it easier to see
> the progress we're making and it will also make it easier for others
> to help.
> Suggestions:
> 1) We need to get all files needed for the build into SVN.  Right now
> there are some that are copied down from the website
> during the build's bootstrap process.   Until we get the files all in
> one place it is hard to get a comprehensive view of our dependencies.
> 2) Continue the CWS integrations.  Along with 1) this ensures that 
> all
> the code we need for the release is in SVN.
> 3)  Files that Oracle include in their SGA need to have the Apache
> license header inserted and the Sun/Oracle copyright migrated to the
> NOTICE file.  Apache RAT (Release Audit Tool) [2] can be used to
> automate parts of this.
> 4) Once the SGA files have the Apache headers, then we can make
> regular use of RAT to report on files that are lacking an Apache
> header.  Such files might be in one of the following categories:
> a) Files that Oracle owns the copyright on and which should be
> included in an amended SGA
> b) Files that have a compatible OSS license which we are permitted to
> use.  This might require that we add a mention of it to the NOTICE
> file.
> c) Files that have an incompatible OSS license.  These need to be
> removed/replaced.
> d) Files that have an OSS license that has not yet been
> reviewed/categorized by Apache legal affairs.  In that case we need 
> to
> bring it to their attention.
> e) (Hypothetically) files that are not under an OSS license at all.
> E.g., a Microsoft header file.  These must be removed.
> 5) We should to track the resolution of each file, and do this
> publicly.  The audit trail is important.  Some ways we could do this
> might be:
> a) Track this in SVN properties.  So set ip:sga for the SGA files,
> ip:mit for files that are MIT licensed, etc.  This should be 
> reflected
> in headers as well, but this is not always possible.  For example, we
> might have binary files where we cannot add headers, or cases where
> the OSS files do not have headers, but where we can prove their
> provenance via other means.
> b) Track this is a spreadsheet, one row per file.
> c) Track this is an text log file checked in SVN
> d) Track this in an annotated script that runs RAT, where the
> annotations document the reason for cases where we tell it to ignore 
> a
> file or directory.
> 6) Iterate until we have a clean RAT report.
> 7) Goal should be for anyone today to be able to see what work 
> remains
> for IP clearance, as well as for someone 5 years from now to be able
> to tell what we did.  Tracking this on the community wiki is probably
> not good enough, since we've previously talked about dropping that
> wiki and going to MWiki.
> -Rob
> [1]
> [2]

View raw message