SebbASF created MNG-5496:
----------------------------
Summary: Fixing NOTICE and LICENSE files
Key: MNG-5496
URL: https://jira.codehaus.org/browse/MNG-5496
Project: Maven 2 & 3
Issue Type: Bug
Affects Versions: 3.1.0
Reporter: SebbASF
Priority: Blocker
The NOTICE and LICENSE files are an essential part of any release.
They need to relate to the contents of the bundle in which they are located and
it is important that they don't contain anything superfluous [1]
Each distribution artifact potentially needs its own specific N&L files.
In particular, the source and binary artifacts will generally need different
versions, as the binary often bundles additional items, for example 3rd party
jars.
However the jar files which are created from the SCM source probably can use
the same license as the source archive.
However, the existing N&L files in 3.1.0 fall short on several counts:
The source and binary NOTICE files both start as follows:
>>>>>
=========================================================================
== NOTICE file corresponding to the section 4 d of ==
== the Apache License, Version 2.0, ==
== in this case for the Apache Maven distribution. ==
=========================================================================
Apache Maven
Copyright 2001-2013 The Apache Software Foundation
This product includes software developed by
The Apache Software Foundation (http://www.apache.org/).
<<<<<<<<<<<
However, the file must start as follows:
>>>>
Apache Maven
Copyright 2001-2013 The Apache Software Foundation
This product includes software developed at
The Apache Software Foundation (http://www.apache.org/).
<<<<
Note particularly that the phrase is "developed at" not "developed by"
The source NOTICE file is the same as the binary NOTICE file, yet the binary
archive contains lots of additional jars.
It looks to me as though the above 5 lines is all that are needed for the
source archive. The existing source LICENSE.txt file looks OK.
However, the binary LICENSE file makes no mention at all of any licenses for
the additional products. It should point to the licenses for each of the
additional products that are included, for example: Aether, Sisu, Plexus etc.
These licenses need to be obtained and stored in a suitable directory which is
referenced in LICENSE.txt.
[1] http://www.apache.org/dev/licensing-howto.html
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
