That's a good question. I've discovered that images CAN contain metadata that includes ownership information. Rat could check for these. In practice though, these comment fields don't seem to be often used.
If I could add a simple "Copyright Apache" message to the metadata, I would, but the tooling is suprisingly lacking. On Sun, Jun 4, 2017 at 8:49 AM, Martin Gainty <mgai...@hotmail.com> wrote: > is there anyway to run maven-rat-plugin to make sure ASF licensed assets > are *not* being subverted by salesforce > > > http://creadur.apache.org/rat/apache-rat-plugin/rat-mojo.html > > > Apache Rat™ Plugin for Apache Maven – apache-rat:rat<http://creadur. > apache.org/rat/apache-rat-plugin/rat-mojo.html> > creadur.apache.org > apache-rat:rat. Note:This goal should be used as a Maven report. Full > name: org.apache.rat:apache-rat-plugin:0.13-SNAPSHOT:rat. Description: > > ? > > Martin > ______________________________________________ > > > > ________________________________ > From: John D. Ament <johndam...@apache.org> > Sent: Saturday, June 3, 2017 9:46 AM > To: general@incubator.apache.org > Subject: Re: Images in source code. > > On Fri, Jun 2, 2017 at 8:20 PM Craig Russell <apache....@gmail.com> wrote: > > > Hi James, > > > > Everything that is not explicitly called out in the top level NOTICE and > > LICENSE files are licensed under the Apache 2.0 license. > > > > Adding a file to this directory might mislead people into thinking that > > they need to perform more due diligence with other files in other > > directories. > > > > My advice is to *not* add anything. Let the images be licensed per the > > terms the top level LICENSE file. > > > > Agreed. What we do like to make sure is called out is if there is > provenance that these images came from somewhere else. If these images > were not created by you and were not already under apache license, then we > would have a concern. > > > > > > Craig > > > > > On Jun 2, 2017, at 2:20 PM, James Bognar <james.bog...@salesforce.com> > > wrote: > > > > > > Thanks! > > > > > > I haven't found a metadata editor that works yet, so I'll just add a > > > LICENSE.txt file to the directory. Hopefully that's enough. > > > > > > On Fri, Jun 2, 2017 at 4:48 PM, Josh Elser <els...@apache.org> wrote: > > > > > >> On 6/2/17 1:15 PM, James Bognar wrote: > > >> > > >>> I just added several png files to the source tree of our podling. I > > >>> created them myself. Are there any best-practices on how to mark > > these as > > >>> Apache licensed? > > >>> > > >>> > > >> I'm not sure of a good way to track this. I'm not sure if png supports > > >> arbitrary metadata which could be edited. Some ways I've seen used > > >> elsewhere to try to better propagate license/ownership: > > >> > > >> * Comments on the issue-tracker issue that introduced them citing > > >> origin/source (typically for images that are copied, not created) > > >> * Entry in LICENSE/NOTICE (shouldn't be done unnecessarily, of course) > > >> * A README in the same directory with relevant info > > >> > > >> If the images are of the podling's creation, I wouldn't be > particularly > > >> worried. The copyright notice on your source-release and LICENSE are > > >> sufficient to inform downstream consumers. > > >> > > >> Probably not the answer you're looking for, but hope it helps :) > > >> > > >> - Josh > > >> > > >> --------------------------------------------------------------------- > > >> To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org > > >> For additional commands, e-mail: general-h...@incubator.apache.org > > >> > > >> > > > > > > > > > -- > > > James Bognar > > > > Craig L Russell > > c...@apache.org > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org > > For additional commands, e-mail: general-h...@incubator.apache.org > > > > > -- James Bognar
