One thing that might be worth considering if we go this way is to leverage the maven plugin that has been written for the generation of those legal files. The maven-remote-resources-plugin is used in most Apache projects i've dealt with.
On Mon, Oct 12, 2009 at 14:46, Felix Meschberger <fmesc...@gmail.com> wrote: > Hi, > > Thanks for bringing this up (again). The problem I have had for some > time now, is that our NOTICE files are not really consistent with the > legal intent of the NOTICE files. > > Basically, the NOTICE files are part of the legal setup of Apache > products. As such they have have a fixed predefined header: > > Apache [PRODUCT_NAME] > Copyright [yyyy] The Apache Software Foundation > > This product includes software developed at > The Apache Software Foundation (http://www.apache.org/). > > This includes everything we might pack from other Apache projects. > > For third party stuff included we have two options: > > * attribution is required: add this to the NOTICE file > * attribution not required: do not add > > Point is that the NOTICE file is not the place for courtesy -- it is the > place for legal requirements (and it is referred to by the LICENSE text > when it comes to redistributing ASF works). > > Our full freedom to attribute to everything that we need, use, include > etc. is the README file: > > * some project description > * some documentation links > * issue tracking links > * .... more .... > > Using the README file we might even distinguish between souce and binary > and collective releases. > > Therefore I propose: > > * we turn your prooposed NOTICE structure into a proposed structure > for README files and be more verbose with respect to differences > of source and binary distributions. > > * limit the contents of the NOTICE file to the bare legal minimum. > > Regards > Felix > > [1] http://www.apache.org/legal/src-headers.html#notice > > Richard S. Hall schrieb: >> After reviewing the latest framework and HTTP Service releases, I >> realize that pretty much all of our projects both "include" and "use" >> Apache developed software (if nothing else, all projects depend on Maven >> to build). It seems silly to list Apache under both "include" and "use", >> especially since the main point of the NOTICE file is for third-party >> notices. >> >> I want to propose that we change our NOTICE file template to factor out >> the Apache notice at the top and only use the remaining sections for >> third-party notices; for example, here is a new NOTICE file for framework: >> >> Apache Felix Framework >> Copyright 2009 The Apache Software Foundation >> >> This project was developed at the Apache Software Foundation >> (http://www.apache.org) and may have dependencies on other >> Apache projects licensed under Apache License 2.0. >> >> I. Included Third-Party Software >> >> This product includes software developed at >> The OSGi Alliance (http://www.osgi.org/). >> Copyright (c) OSGi Alliance (2000, 2009). >> Licensed under the Apache License 2.0. >> >> II. Used Third-Party Software >> >> This product uses software developed at >> The OSGi Alliance (http://www.osgi.org/). >> Copyright (c) OSGi Alliance (2000, 2009). >> Licensed under the Apache License 2.0. >> >> This product uses software developed at >> The Codehaus (http://www.codehaus.org) >> Licensed under the Apache License 2.0. >> >> III. Overall License Summary >> - Apache License 2.0 >> >> To be clear, the new boilerplate would be: >> >> Apache Felix AAA >> Copyright 2009 The Apache Software Foundation >> >> This software was developed at the Apache Software Foundation >> (http://www.apache.org) and may have dependencies on other >> Apache software licensed under Apache License 2.0. >> >> I. Included Third-Party Software >> >> BBB >> >> II. Used Third-Party Software >> >> CCC >> >> III. Overall License Summary >> - Apache License 2.0 >> - DDD >> >> Where BBB and CCC would only reference third-party dependencies and DDD >> would list their licenses. >> >> What do you think? >> >> -> richard >> > -- Cheers, Guillaume Nodet ------------------------ Blog: http://gnodet.blogspot.com/ ------------------------ Open Source SOA http://fusesource.com
