There's no such thing as a 'retroactive license change', though perhaps the Tanuki-person has managed a sufficient approximation. Is there?
Once upon a time, he/they released some version of JSW under a friendly licence, and it pushed to central. The grant of that license to that version is effectively irrevocable. Subsequent versions may have different licenses, and the author might have removed the old version -- though if it was really licensed with a permissive license some other person could put it back. On Sun, Jun 12, 2011 at 11:32 AM, Mark Struberg <strub...@yahoo.de> wrote: > just an idea: what about extending the maven-release-plugin to ask for a > license if the pom doesn't contain a <license> section? > > LieGrue, > strub > > --- On Sun, 6/12/11, Robert Burrell Donkin <robertburrelldon...@gmail.com> > wrote: > >> From: Robert Burrell Donkin <robertburrelldon...@gmail.com> >> Subject: [REDUX] Java Service Wrappers (JSW) unfortunate license change >> To: "Maven Developers List" <dev@maven.apache.org> >> Date: Sunday, June 12, 2011, 3:26 PM >> (This is continuation of a thread >> from 2008[1]. It's now impacting the >> release of Apache James 3. If the topic is too far OT >> please shout ;-) >> >> >> The JSW artifacts in Maven Central [2] now seem to lack a >> public >> license (in other words, a unilateral license allowing the >> public to >> distribute and download the artifact) >> >> AFACT (please jump in if there's anything I've missed or >> misunderstood) to fix this particular problem the community >> needs to >> * Remove JSW runtime dependency from appassembler >> * Remove the artifact from maven central >> * Fork the source and release replacement artifacts with >> clean IP >> * Cut a new appassembler release >> >> My computer time is limited ATM so if any help would be >> really appreciated... >> >> >> >> In this brave new world of retroactive license changes, >> this is a good >> example of an important problem. The licenses issued by the >> original >> authority for an artifact may change over time, and the >> license which >> a downstream consumer of that artifact may rely upon may no >> longer be >> issued by the upstream authority for that artifact. This >> allows >> bait-and-switch tactics by upstream producers. To avoid >> potential >> issues in the future for downstream users and those >> operating Maven >> central, I think the Maven community needs to start >> thinking about >> this problem now. >> >> >> More specifically, reliable write-license meta-data in the >> repository >> could be used to verify at release time that the >> dependencies have >> licenses that satisfy some sort of policy. This is the sort >> of fits >> with Rat but Rat has stalled in the Incubator since >> there's no >> obvious way home after graduation. My recovery continues >> but my >> computer time is still limited. Suggestions, opinions, >> ideas and >> offers for help welcomed. >> >> (Out of time) >> >> Robert >> >> [1] http://www.mail-archive.com/dev@maven.apache.org/msg74005.html >> [2] >> http://search.maven.org/#search|gav|1|g%3A%22tanukisoft%22%20AND%20a%3A%22wrapper-delta-pack%22 >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org >> For additional commands, e-mail: dev-h...@maven.apache.org >> >> > > --------------------------------------------------------------------- > To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org > For additional commands, e-mail: dev-h...@maven.apache.org > > --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org For additional commands, e-mail: dev-h...@maven.apache.org
