On 3/15/16 10:56 PM, Christopher Collins wrote:
On Wed, Mar 16, 2016 at 03:41:27PM +1100, Justin Mclean wrote:
Hi,
Sorry -1 binding as:
[...]
Yikes! Thanks for the thorough review, Justin.
- Contains source code (hashicorp) that is MPL licensed [2] this is not allowed
in a source release.
Darn, I failed to notice that the MPL is only valid in binary (not
source) releases. I am actually a bit confused by this; I was
under the impression that a binary releas must not contain anything
that is not included in the corresponding source release. If that is
true, then when is a "binary only" license applicable?
I think we can resolve the rest of the issues fairly easily. The MPL
issue might pose a bit of a challenge. In the meantime, I will cancel
the vote.
My understanding was - MPL binaries can be linked in to form the final
binary (and presumably included alongside the source in the
distribution), but their source must not be included, is how I read it.
I think in certain cases MPL source is allowed, and this code might
even fall under those conditions (we're not modifying it, relatively few
exposed APIs). However, reviewing what we've included, it looks
relatively small and easy to engineer out. It is some log filtering
code, and an unused configuration format that was supported by viper.
Sterling