www-legal-discuss mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marvin Humphrey <mar...@rectangular.com>
Subject Re: Simplfying requirements for LICENSE and NOTICE
Date Wed, 10 Feb 2016 00:56:19 GMT
On Tue, Feb 9, 2016 at 10:57 AM, Roy T. Fielding <fielding@gbiv.com> wrote:
> On the contrary, it is essential that software developers incorporating anything
> other than their own work have a detailed and practical understanding of exactly
> what they are required to do to comply with licensing terms.

Assembling NOTICE freeform is hardly an optimal educational experience.
It won't disadvantage anyone to skip it.

> Simplifying our own policy in such a way that it encourages developers not to
> comply with common license terms is not a solution.

I am persuaded that we have to continue supplying LICENSE and NOTICE in
their current form, with licensing and notification information "bubbled up"
from bundled dependencies.  I suppose this means that I am withdrawing the
proposal from the top of this thread.

As an alternative, I hope to explore more opportunities for programmatically
assisted generation of licensing docs from metadata.  Since Apache Whisker
exists[1], presumably no one will object to such a course of action.

> I'd rather have a hundred
> different variations on compliant NOTICE files than a single one that does not
> comply with a bundled license term.

Auditing TLP NOTICE files will reveal that many *aren't* compliant.  At the
least, they contain extraneous information, which might be legal but violates
Apache policy[2] and is the sort of thing you have gotten quite quite animated
about in the past[3].

Certainly omitting required information is more serious than supplying
extraneous information (and the Incubator handles those cases differently).
But the state of TLP NOTICE files illustrates how challenging it is for our
volunteers to discern what constitutes a "required notice".

Marvin Humphrey

[1] https://creadur.apache.org/whisker/
[2] http://www.apache.org/legal/release-policy#licensing-documentation
    "LICENSE and NOTICE MUST NOT provide unnecessary information about
    materials which are not bundled in the package, such as separately
    downloaded dependencies."
[3] http://markmail.org/message/ik3o5vl24o57lfsx
    "I am struggling to understand what is going on here. LICENSE and NOTICE
    refer to the copyrightable material in *this* package. Surely we don't
    distribute Derby and Xerces in *this* package, do we? Jetty? WTF?"

To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org

View raw message