www-legal-discuss mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark Thomas <ma...@apache.org>
Subject Re: Inclusion of .class files within a Apache Source Release
Date Tue, 03 Jan 2017 12:10:29 GMT
On 03/01/2017 11:51, Mark Struberg wrote:
> The class file in question was added by ASF member rmannibucau under ALv2 as a >>resource<<
and not as a source file. 
> The original file of course has the ASF license header, but the 'class' resource is still
checked in to our SVN as .class file. 
> This is for testing some bytecode stuff in OpenBebBeans. We could probably later change
this to have another project module, compile it, unpack it, copy it over, blablabla. 
> But that doesn't change anything about the fact that this file is ALv2 licensed. But
since it's a binary it obviously does not have any ALv2 >>SOURCE<< header. 
> In other words: this .class file is a test resource and handled exactly the same like
a png or jpeg file.
> I don't see any legal problem.

Seems reasonable to me. I'd expect our source bundles to contain various
binary resources where we can't add a license header.

Tomcat does something similar to OpenWebBeans. In Tomcat, the .java file
used to generate the .class file is in svn along side the .class file.

I'd start to get concerned (but not from a legal PoV) if a project
included .class files (e.g. for tests) without the means to regnerate
them. My concern would be how would the project handle the case of the
class file needing modification. But that would be the project's problem
to deal with. It isn't something I'd expect to escalate outside of the

Kind regards,


> LieGrue,
> strub
>> Am 03.01.2017 um 12:45 schrieb John D. Ament <johndament@apache.org>:
>> Hi,
>> While looking at [1] and looking at a proposed Apache OpenWebBeans [2] it was discovered
that .class files were contained in the source release.  It seems in the past that image files
were generally considered OK in source releases, since they typically had to do with building
websites, the traceability of the image was easy to discover.
>> .class files are the compiled output from .java source files (as well as .groovy
and other JVM languages, depending on how you compile).  Since they are compiled output, it
seems they shouldn't be in a source release.  However, the only true policy I could find that
it violated was that we require appropriate licensing [3] and there is no way to verify the
licensing of these files.
>> So I'm wondering 1. is that accurate? and 2. is there an acceptable way to verify
that the license is correct?
>> [1]: http://www.apache.org/dev/release.html#what-must-every-release-contain
>> [2]: https://lists.apache.org/thread.html/869c739764d5d55d81199576d730d485d66df8be17ae16398dd7ca1f@%3Cdev.openwebbeans.apache.org%3E
>> [3]: http://www.apache.org/dev/release-publishing.html#valid
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
> For additional commands, e-mail: legal-discuss-help@apache.org

To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org

View raw message