just an idea: what about extending the maven-release-plugin to ask for a license if the pom doesn't contain a <license> section?
LieGrue, strub --- On Sun, 6/12/11, Robert Burrell Donkin <[email protected]> wrote: > From: Robert Burrell Donkin <[email protected]> > Subject: [REDUX] Java Service Wrappers (JSW) unfortunate license change > To: "Maven Developers List" <[email protected]> > Date: Sunday, June 12, 2011, 3:26 PM > (This is continuation of a thread > from 2008[1]. It's now impacting the > release of Apache James 3. If the topic is too far OT > please shout ;-) > > > The JSW artifacts in Maven Central [2] now seem to lack a > public > license (in other words, a unilateral license allowing the > public to > distribute and download the artifact) > > AFACT (please jump in if there's anything I've missed or > misunderstood) to fix this particular problem the community > needs to > * Remove JSW runtime dependency from appassembler > * Remove the artifact from maven central > * Fork the source and release replacement artifacts with > clean IP > * Cut a new appassembler release > > My computer time is limited ATM so if any help would be > really appreciated... > > > > In this brave new world of retroactive license changes, > this is a good > example of an important problem. The licenses issued by the > original > authority for an artifact may change over time, and the > license which > a downstream consumer of that artifact may rely upon may no > longer be > issued by the upstream authority for that artifact. This > allows > bait-and-switch tactics by upstream producers. To avoid > potential > issues in the future for downstream users and those > operating Maven > central, I think the Maven community needs to start > thinking about > this problem now. > > > More specifically, reliable write-license meta-data in the > repository > could be used to verify at release time that the > dependencies have > licenses that satisfy some sort of policy. This is the sort > of fits > with Rat but Rat has stalled in the Incubator since > there's no > obvious way home after graduation. My recovery continues > but my > computer time is still limited. Suggestions, opinions, > ideas and > offers for help welcomed. > > (Out of time) > > Robert > > [1] http://www.mail-archive.com/[email protected]/msg74005.html > [2] > http://search.maven.org/#search|gav|1|g%3A%22tanukisoft%22%20AND%20a%3A%22wrapper-delta-pack%22 > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
