Hi, I’m still -1 (binding) there are also some LICENSE issues that need to be looked into.
I checked: - incubating in name - signature and hashes good - DISCLAIMER exists - LICENSE and NOTICE need some work (see below) - No unexpected binary files - A number of files are missing headers and it’s unclear how some of these are licensed - I didn’t try to compile These LICENSE files mentioned in LICENSE do not exist: - 3rdparty/tvm/dmlc-core/LICENSE - 3rdparty/tvm/nnvm/LICENSE - R-package/LICENSE - nnvm/tvm/HalideIR/LICENSE LICENSE is missing mention of: - ./docs/_static/js/clipboard.min.js (MIT licensed © Zeno Rocha) You may also want to include the non-minified code as that could be considered to being “compiled" code and could be thought of as category X. - ./julia - ./perl-package ? (unclear if this was developed at the ASF or not) - 3rdparty/openmp/LICENSE.txt - /apache-mxnet-src-1.4.0.rc0-incubating/3rdparty/mkldnn/src/cpu/xbyak/xbyak.h and other .h files in that directory - note the double headers - apache-mxnet-src-1.4.0.rc0-incubating/3rdparty/cub/test/mersenne.h And probably other files. It’s very hard to review when the copyright owners are not clearly indicated in LICENSE. It would help if all license file were placed in one directory, that way it would be easy to search if all required licenses have been included. I think a lot more work is needed on the LICENSE here for instance taking a look at one directory: 3rdparty/onnx-tensorrt With the LICENSE file containing: MIT License Copyright (c) 2018, NVIDIA CORPORATION. All rights reserved. Copyright (c) 2018 Open Neural Network Exchange However searching for license and copyright under that you can see it contains a mix of different licensed files, including MIT, BSD, Apache and at least 30 different copyright statements. I can see some of the sub-directory are also referenced but it doesn’t seem complete to me. There are lots of other files missing headers, in some cases it could be assumed that they are 3rd party files, but in some cases it is unclear. For instance: File in ./docs/_static/js/*.,js are missing headers. How are theses licensed? This files are missing headers - how are they licensed? ./src/operator/special_functions-inl.h ./src/operator/contrib/nn/deformable_im2col.cuh ./src/operator/contrib/nn/deformable_im2col.h ./src/operator/nn/im2col.cuh ./src/operator/nn/im2col.h ./src/operator/nn/pool.h It might help you if you used a tool like https://www.fossology.org to track everything a you have a large number of 3rd party licensed software from a large number of authors. Thanks, Justin --------------------------------------------------------------------- To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org For additional commands, e-mail: general-h...@incubator.apache.org
