www-legal-discuss mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Michael Dick" <michael.d.d...@gmail.com>
Subject Use of proprietary binaries
Date Fri, 21 Nov 2008 20:35:55 GMT
Hi all,

I work on the OpenJPA project and we have an issue with a compilation
dependency on an API owned by IBM.

IBM provided the API in binary format with a license that allows us to
distribute it with our application (ie OpenJPA). It's my understanding that
we are not allowed to publish the binary elsewhere though (for example we
would not be allowed to put it on my home directory on people.apache.org).

I wasn't sure how we could limit the exposure of the API, and the best
solution I  came up with was to include it in version control (SVN).

As a result anyone who extracts the source code from SVN gets a copy of the
API, and may use it to compile OpenJPA. However we do not distribute the jar
with the pre-compiled binary distributions of OpenJPA. If the API is needed
we expect it to be provided by IBM (WebSphere in this case).

I'm looking for guidance on how where we should include and document binary
dependencies like this one. Can we include a binary like this is SVN and
just add the approriate disclaimer to NOTICE.txt? Would it be better to make
the API available on openjpa.apache.org and download it from there as a part
of our build?

In case it helps the license that the jar was distributed with is available
on my people.apache.org page at

Thanks in advance,


View raw message