Steve Downey wrote:
-----Original Message-----
From: news [mailto:[EMAIL PROTECTED]]On Behalf Of Dan Diephouse
Sent: Thursday, February 06, 2003 9:52 PM
To: [EMAIL PROTECTED]
Subject: Re: [Fwd: Maven as a top-level apache project]
It is your responsibility to enforce that policy. Not maven and not the
ASF's. When you integrate JAR or any resource into your project you are
doing so delibrately. You should know where that jar originally comes
from. If you don't, ask on the developers or user's list. Someone will
gladly help. Even better, search google, I'm sure something will turn up.
- Dan Diephouse
That's just it. Maven makes it easy to NOT do it deliberately. Jars are
slipstreamed in because they are transitive dependencies. I do have the
expectation that software from the ASF is under the ASF license, with no
other restrictions.
And searching google to find out where a jar came from is just silly. There
should be documentation with the project that downloaded it. If there isn't,
it's probably a license violation, since most licenses require that the
license accompany the software, or at least acknowledge the copyright.
Agree, centipede has the same problem. Easy to download a jar without
knowing it's liscense.
Sending a license file with a jar is something that the new Jakarta
Ruper project should handle.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
