Thanks Justin and Matt, then we'll clean up the unbundled dependencies' licenses for our source release.
Thanks, Lionel On Fri, Apr 13, 2018 at 1:09 PM, Matt Sicker <boa...@gmail.com> wrote: > On 12 April 2018 at 22:43, Lionel Liu <lionel...@apache.org> wrote: > > > > 2. Only things that are actually bundled in the release should be > mentioned > > in LICENSE. [3][4] > > > > To my understanding, as a source release, all the dependencies are > bundled > > when it is built. > > The dependencies are not bundled in the source code, so we don't need to > > announce any dependencies' licenses in source release? > > > > The idea here is that the LICENSE file only needs to include licenses for > anything that is included in that archive file. So for instance, if you > have source files that are all developed at Apache and have dependencies > that aren't included in the source zip, then you have the most simple > distribution possible here. If you have source files that are licensed > differently (e.g., copied code from an MIT licensed library), then things > start to get complicated. As it is, your source license and notice should > be relatively minimal right now since you're not bundling external > dependencies in said source distribution. > > As for the JSON licensing issue, just take a look at the license. It says > it can't be used for evil. While amusing, that's a terrible restriction to > place on end users because it's extremely vague and violates the tenants of > free software. > > -- > Matt Sicker <boa...@gmail.com> >
