I just wanted to mention that this issue is now resolved. I merged Dave's changes and verified the licenses with Apache Rat.
Nice work, Dave. On Mon, Nov 23, 2015 at 1:43 PM, Dave Brondsema <[email protected]> wrote: > I've made a ticket for removing the possibly-GPL file, and all the related > code > that isn't used: https://forge-allura.apache.org/p/allura/tickets/8026/ > And > another ticket for the rest of the fixes: > https://forge-allura.apache.org/p/allura/tickets/8027/ > > The hilite.css file I did find out comes straight out of a pygments tool, > so we > know the source for that now. > > I've asked on the Apache legal discuss list what we need to do, first > response > came in right away - just make a release relatively soon and that's it. > > http://mail-archives.apache.org/mod_mbox/www-legal-discuss/201511.mbox/%3C5653532E.9060907%40apache.org%3E > > > -Dave > > On 11/20/15 3:50 PM, Roberto Galoppini wrote: > > 2015-11-20 21:44 GMT+01:00 Dave Brondsema <[email protected]>: > > > >> Back during incubation, we added the standard license header to a LOT of > >> our > >> source files. That was done in this commit: > >> > >> > https://forge-allura.apache.org/p/allura/git/ci/ddf08c46381352d02accc7a9f6d9878cfad8695b/ > >> > >> I noticed today a few .js files had that header even though they weren't > >> produced by us on the Allura team. They are 3rd-party js libraries > that we > >> copied into our repo. So I scanned & reviewed the other files from that > >> big > >> commit and found several more. Here's what I found: > >> > >> Allura/allura/lib/widgets/resources/js/jquery.file_chooser.js > >> appears to be from > >> > >> > https://code.google.com/p/video-sidebar/source/browse/trunk/[email protected]/chrome/content/file_chooser.js?r=109 > >> ?? > >> and that is GPL > >> but the FileChooser widget isn't actually used, so we could remove > it > >> > > > > We should do at least this right away. > > > > > > > >> Allura/allura/public/nf/js/pb.transformie.min.js > >> MIT license > >> Allura/allura/lib/widgets/resources/css/jquery.tagsinput.css > >> corresponding JS is MIT > >> Allura/allura/lib/widgets/resources/css/colorPicker.css > >> corresponding JS is MIT > >> Allura/allura/lib/widgets/resources/css/jqfontselector.css > >> corresponding JS is MIT > >> Allura/allura/public/nf/css/forge/hilite.css > >> from commit 86903da02f87a2aba44c33ab5a12bbe19f638c7f > >> similar looking stuff here, not sure of actual source: > >> > >> > >> > https://github.com/modocache/modocachejp/blob/master/modocachejp/static/less/codehilite.less > >> https://gist.github.com/theodox/4fefeb539f1d8ec341b0 > >> several Makefile, make.bat for sphinx > >> BSD > >> > >> > >> We'll need to double check these, update the license header within the > >> files, > >> and the corresponding LICENSE mentions. > >> > >> I am not sure if this has any impact on our previous releases, I'm > >> guessing not > >> since what's done is done, and none of these are super bad problems. > But > >> I am > >> not 100% sure. > >> > > > > How about asking Legal? I believe Sam Ruby would be the best person to > ask. > > > > Roberto > > > > > >> > >> > >> > >> -- > >> Dave Brondsema : [email protected] > >> http://www.brondsema.net : personal > >> http://www.splike.com : programming > >> <>< > >> > > > > > > -- > Dave Brondsema : [email protected] > http://www.brondsema.net : personal > http://www.splike.com : programming > <>< >
