Re: Please Help Fix MXNet Licensing Issues for the next Release!

[Meghna Baijal]

Henri,
Thanks for the detailed information,
Based on your review and the comments on the general VOTE thread, I have
made some changes to the top level LICENSE file in this PR
.

The final changes to the LICENSE file can be summarized as follows -

1. I have reverted commit 8930d96 (PR #9484)

2. Revisited some comments from previous release which are now relevant and
made appropriate changes - based on points 8-11 and 13 to 19 in this wiki,
section E


3. Ran a fresh search for dependencies with a separate license and added
the missing ones to the LICENSE file.

4. Reviewed the Apache Policy and confirmed to the best of my understanding
the LICENSE file complies with the guidelines.


Please let me know if there are any other major issues in this file or any
other issue that should be addressed. I want to be sure I fix these before
the next RC is created.


Thanks,

Meghna Baijal

On Thu, Feb 1, 2018 at 9:58 AM, Hen  wrote:

> I think we should revert the license file to the previous, and improve from
> there. The policy is:
>
> "The LICENSE file MUST contain the full text of the Apache License 2.0
> .
>
> When a package bundles code under several licenses, the LICENSE file MUST
> contain details of all these licenses. For each component which is not
> Apache licensed, details of the component MUST be appended to the LICENSE
> file.
> The component license itself MUST either be appended or else stored
> elsewhere in the package with a pointer to it from the LICENSE file, e.g.
> if the license is long."
>
> Looking at Justin's feedback linked on the wiki page, his objection was
> missing items in the license file.
>
> I know there was a suggestion to remove the listing of components to make
> it harder to have missing items, but that shouldn't mean removing license
> text. If two components don't have exactly the same license text then they
> are not the same license. Most commonly nowadays that means that you can't
> merge BSD licenses together, and sometimes can't merge MIT together
> (depending on variants and how you handle the copyright statements).
>
> Hen
>
> On Tue, Jan 30, 2018 at 2:42 PM, Meghna Baijal  >
> wrote:
>
> > Hello Henri,
> >
> > Thank you for your review.
> > As I have detailed in this PR
> > , the previous
> > version
> > of the LICENSE file contained a list of packages which were using the BSD
> > license (based on the license text), along with the whole content of the
> > actual license (Warp-CTC, Caffe, Cub, Sphinx etc). Since it was decided
> to
> > remove this list, to be safe, I left one copy of the BSD license text in
> > there. I agree this might not be the right way of doing it and would be
> > happy to fix it.
> >
> > However, there has been a lot of back and forth on this top level LICENSE
> > and NOTICE file and it would be great if you could help me understand the
> > Apache policy correctly and fix these appropriately.
> >
> > Thanks,
> > Meghna Baijal
> >
> >
> >
> >
> > On Mon, Jan 29, 2018 at 7:54 PM, Hen  wrote:
> >
> > > The last paragraph of the LICENSE looks suspect. I doubt we've taken
> code
> > > from the BSD project. I would suggest deleting that last paragraph.
> > >
> > > With MIT and BSD licenses you do have to be careful that the text of
> each
> > > is the same. Each term is often used for a family of related licenses.
> > >
> > > Additionally each of MIT and BSD typically has a Copyright
> > > statement accompanying it. If the rules say to remove that from
> LICENSE,
> > > then we should be adding it to the NOTICE.
> > >
> > > Hen
> > >
> > >
> > > On Wed, Jan 24, 2018 at 5:07 PM, Meghna Baijal <
> > meghnabaijal2...@gmail.com
> > > >
> > > wrote:
> > >
> > > > Marco,
> > > > Thanks a lot for looking through this ! Some comments below -
> > > >
> > > >1. *R-package:* Before we create the final tarball for the
> release,
> > > the
> > > >R-package is explicitly removed from the cloned MXNet repo. The
> only
> > > > info I
> > > >have in this regard is that “there are some unresolved licensing
> > > issues
> > > > in
> > > >this package and cannot be released”.
> > > >2. *Dockerfiles:* You can refer to this PR for details
> > > >https://github.com/apache/incubator-mxnet/pull/9500. I plan to
> > handle
> > > >this differently next time.
> > > >3. *perl-package*: There were some copyright issues in the past
> with
> > > >this folder. I just excluded it to be on the safer side, but I
> think
> > > it
> > > >should be ok to add the ASF header here.
> > > >4. *docs/** - Yes, agreed. I will add the licenses where needed
> but
> > I
> > > >still think its safer to exclude the folder as a whole from the
> RAT
> > > > check.
> 

Re: Please Help Fix MXNet Licensing Issues for the next Release!

[Hen]

The last paragraph of the LICENSE looks suspect. I doubt we've taken code
from the BSD project. I would suggest deleting that last paragraph.

With MIT and BSD licenses you do have to be careful that the text of each
is the same. Each term is often used for a family of related licenses.

Additionally each of MIT and BSD typically has a Copyright
statement accompanying it. If the rules say to remove that from LICENSE,
then we should be adding it to the NOTICE.

Hen


On Wed, Jan 24, 2018 at 5:07 PM, Meghna Baijal 
wrote:

> Marco,
> Thanks a lot for looking through this ! Some comments below -
>
>1. *R-package:* Before we create the final tarball for the release, the
>R-package is explicitly removed from the cloned MXNet repo. The only
> info I
>have in this regard is that “there are some unresolved licensing issues
> in
>this package and cannot be released”.
>2. *Dockerfiles:* You can refer to this PR for details
>https://github.com/apache/incubator-mxnet/pull/9500. I plan to handle
>this differently next time.
>3. *perl-package*: There were some copyright issues in the past with
>this folder. I just excluded it to be on the safer side, but I think it
>should be ok to add the ASF header here.
>4. *docs/** - Yes, agreed. I will add the licenses where needed but I
>still think its safer to exclude the folder as a whole from the RAT
> check.
>5. *CODEOWNERS* - agreed, will add to the list of excluded files.
>6. *appveyor.yml:* Is this file relevant anymore? I will add a license
>anyway.
>7. *tests/ci_build/pylintrc:* ok
>8. *example/image-classification/predict-cpp/image-
> classification-predict.cc
>* - yes, mutiple opinions on this
> one
>during the voting process too.
>9. *gradle-wrapper *- yes, I remember that one too. I am hoping for some
>suggestion on how this can be handled without breaking anything.
>
> Best,
> Meghna
>
> On Wed, Jan 24, 2018 at 4:47 PM, Marco de Abreu <
> marco.g.ab...@googlemail.com> wrote:
>
> > Hi Meghna,
> >
> > thank you for driving the licensing issues!
> >
> > - R-package: In the linked wiki, you're mentioning that R-package is not
> a
> > part of the release. Could you please elaborate? From my understand, all
> > files in the GitHub repository are part of the release.
> > - Dockerfiles: I just checked another Apache-project [1] and it seems
> like
> > they are successfully applying the license to dockerfiles. Do you see any
> > issues in doing so?
> > - perl-package: Same as R-package
> > - docs/*: Just my personal opinion, but I agree that it might not be a
> good
> > idea to have the license inside every file as some of them are directly
> > getting sent out. But we have some shell-scripts inside this directory,
> so
> > they'll need proper licensing.
> > - CODEOWNERS: This is a setting file got our GitHub repository and not
> part
> > of the release or the software itself. Thus I'd say that there's no need
> > for a license - especially considering that the content itself has no
> > value.
> > - appveyor.yml: I'd treat this like the Jenkinsfile and apply a license.
> > - tests/ci_build/pylintrc: I'd add a license
> > - example/image-classification/predict-cpp/image-
> > classification-predict.cc:
> > It seems like Mu has had issues with the licensing of this file in the
> > past. Maybe consult him
> > - gradle-wrapper: I don't have a link, but I'm very sure that there was a
> > discussion regarding this jar-file during the last release.
> >
> > Anybody, please feel free to correct me if I made a wrong assumption.
> >
> > Best regards,
> > Marco
> >
> > [1]: https://github.com/apache/bookkeeper/blob/master/docker/Dockerfile
> >
> > On Wed, Jan 24, 2018 at 4:27 PM, Meghna Baijal <
> meghnabaijal2...@gmail.com
> > >
> > wrote:
> >
> > > Hello,
> > >
> > > This is an update on the current status of the license fixes (all
> details
> > > in the wiki linked below)–
> > >
> > >1. I am constantly updating this wiki, so you can check it at any
> time
> > >to know the status -
> > >https://cwiki.apache.org/confluence/display/MXNET/
> > MXNet+Source+Licenses
> > >2. All 7 PRs have been merged however if anyone has any comments on
> > >these changes please let me know.
> > >3. There are still 6-7 files that do not have a license and are
> > failing
> > >the RAT check. These are files I was not entirely confident about
> > > adding an
> > >apache header to.
> > >4. There is a list of file formats, files and directories that have
> > >currently been excluded from the RAT check. I have mentioned the
> exact
> > >reason for adding these to this list in the wiki. However, this list
> > > needs
> > >to be reviewed and validated.
> > >
> > >
> > > *Coming Up Later –*
> > >
> > > *1. *Once points 3 and 4 above have been fixed, I will set up a RAT job
> > in
> > > CI which will run a nightly check 

Re: Please Help Fix MXNet Licensing Issues for the next Release!

[Meghna Baijal]

Marco,
Thanks a lot for looking through this ! Some comments below -

   1. *R-package:* Before we create the final tarball for the release, the
   R-package is explicitly removed from the cloned MXNet repo. The only info I
   have in this regard is that “there are some unresolved licensing issues in
   this package and cannot be released”.
   2. *Dockerfiles:* You can refer to this PR for details
   https://github.com/apache/incubator-mxnet/pull/9500. I plan to handle
   this differently next time.
   3. *perl-package*: There were some copyright issues in the past with
   this folder. I just excluded it to be on the safer side, but I think it
   should be ok to add the ASF header here.
   4. *docs/** - Yes, agreed. I will add the licenses where needed but I
   still think its safer to exclude the folder as a whole from the RAT check.
   5. *CODEOWNERS* - agreed, will add to the list of excluded files.
   6. *appveyor.yml:* Is this file relevant anymore? I will add a license
   anyway.
   7. *tests/ci_build/pylintrc:* ok
   8. *example/image-classification/predict-cpp/image-classification-predict.cc
   * - yes, mutiple opinions on this one
   during the voting process too.
   9. *gradle-wrapper *- yes, I remember that one too. I am hoping for some
   suggestion on how this can be handled without breaking anything.

Best,
Meghna

On Wed, Jan 24, 2018 at 4:47 PM, Marco de Abreu <
marco.g.ab...@googlemail.com> wrote:

> Hi Meghna,
>
> thank you for driving the licensing issues!
>
> - R-package: In the linked wiki, you're mentioning that R-package is not a
> part of the release. Could you please elaborate? From my understand, all
> files in the GitHub repository are part of the release.
> - Dockerfiles: I just checked another Apache-project [1] and it seems like
> they are successfully applying the license to dockerfiles. Do you see any
> issues in doing so?
> - perl-package: Same as R-package
> - docs/*: Just my personal opinion, but I agree that it might not be a good
> idea to have the license inside every file as some of them are directly
> getting sent out. But we have some shell-scripts inside this directory, so
> they'll need proper licensing.
> - CODEOWNERS: This is a setting file got our GitHub repository and not part
> of the release or the software itself. Thus I'd say that there's no need
> for a license - especially considering that the content itself has no
> value.
> - appveyor.yml: I'd treat this like the Jenkinsfile and apply a license.
> - tests/ci_build/pylintrc: I'd add a license
> - example/image-classification/predict-cpp/image-
> classification-predict.cc:
> It seems like Mu has had issues with the licensing of this file in the
> past. Maybe consult him
> - gradle-wrapper: I don't have a link, but I'm very sure that there was a
> discussion regarding this jar-file during the last release.
>
> Anybody, please feel free to correct me if I made a wrong assumption.
>
> Best regards,
> Marco
>
> [1]: https://github.com/apache/bookkeeper/blob/master/docker/Dockerfile
>
> On Wed, Jan 24, 2018 at 4:27 PM, Meghna Baijal  >
> wrote:
>
> > Hello,
> >
> > This is an update on the current status of the license fixes (all details
> > in the wiki linked below)–
> >
> >1. I am constantly updating this wiki, so you can check it at any time
> >to know the status -
> >https://cwiki.apache.org/confluence/display/MXNET/
> MXNet+Source+Licenses
> >2. All 7 PRs have been merged however if anyone has any comments on
> >these changes please let me know.
> >3. There are still 6-7 files that do not have a license and are
> failing
> >the RAT check. These are files I was not entirely confident about
> > adding an
> >apache header to.
> >4. There is a list of file formats, files and directories that have
> >currently been excluded from the RAT check. I have mentioned the exact
> >reason for adding these to this list in the wiki. However, this list
> > needs
> >to be reviewed and validated.
> >
> >
> > *Coming Up Later –*
> >
> > *1. *Once points 3 and 4 above have been fixed, I will set up a RAT job
> in
> > CI which will run a nightly check (This is currently being run in a local
> > Jenkins setup)
> >
> > 2. I will also add a rat-excludes file to the mxnet repo so that anyone
> can
> > run a RAT check locally to check the licenses.
> >
> >
> > I am still looking for the MXNet community and the Mentors to review the
> > open questions in the wiki and help me resolve these before the upcoming
> > release!
> >
> >
> > Thank you,
> >
> > Meghna Baijal
> >
> >
> >
> > On Thu, Jan 18, 2018 at 9:14 PM, Meghna Baijal <
> meghnabaijal2...@gmail.com
> > >
> > wrote:
> >
> > > Hello All!
> > >
> > > I am currently attempting to fix the licensing issues in MXNet. These
> are
> > > being tracked in this wiki -
> > >
> > > *https://cwiki.apache.org/confluence/display/MXNET/
> MXNet+Source+Licenses
> > > 

Re: Please Help Fix MXNet Licensing Issues for the next Release!

[Marco de Abreu]

Hi Meghna,

thank you for driving the licensing issues!

- R-package: In the linked wiki, you're mentioning that R-package is not a
part of the release. Could you please elaborate? From my understand, all
files in the GitHub repository are part of the release.
- Dockerfiles: I just checked another Apache-project [1] and it seems like
they are successfully applying the license to dockerfiles. Do you see any
issues in doing so?
- perl-package: Same as R-package
- docs/*: Just my personal opinion, but I agree that it might not be a good
idea to have the license inside every file as some of them are directly
getting sent out. But we have some shell-scripts inside this directory, so
they'll need proper licensing.
- CODEOWNERS: This is a setting file got our GitHub repository and not part
of the release or the software itself. Thus I'd say that there's no need
for a license - especially considering that the content itself has no value.
- appveyor.yml: I'd treat this like the Jenkinsfile and apply a license.
- tests/ci_build/pylintrc: I'd add a license
- example/image-classification/predict-cpp/image-classification-predict.cc:
It seems like Mu has had issues with the licensing of this file in the
past. Maybe consult him
- gradle-wrapper: I don't have a link, but I'm very sure that there was a
discussion regarding this jar-file during the last release.

Anybody, please feel free to correct me if I made a wrong assumption.

Best regards,
Marco

[1]: https://github.com/apache/bookkeeper/blob/master/docker/Dockerfile

On Wed, Jan 24, 2018 at 4:27 PM, Meghna Baijal 
wrote:

> Hello,
>
> This is an update on the current status of the license fixes (all details
> in the wiki linked below)–
>
>1. I am constantly updating this wiki, so you can check it at any time
>to know the status -
>https://cwiki.apache.org/confluence/display/MXNET/MXNet+Source+Licenses
>2. All 7 PRs have been merged however if anyone has any comments on
>these changes please let me know.
>3. There are still 6-7 files that do not have a license and are failing
>the RAT check. These are files I was not entirely confident about
> adding an
>apache header to.
>4. There is a list of file formats, files and directories that have
>currently been excluded from the RAT check. I have mentioned the exact
>reason for adding these to this list in the wiki. However, this list
> needs
>to be reviewed and validated.
>
>
> *Coming Up Later –*
>
> *1. *Once points 3 and 4 above have been fixed, I will set up a RAT job in
> CI which will run a nightly check (This is currently being run in a local
> Jenkins setup)
>
> 2. I will also add a rat-excludes file to the mxnet repo so that anyone can
> run a RAT check locally to check the licenses.
>
>
> I am still looking for the MXNet community and the Mentors to review the
> open questions in the wiki and help me resolve these before the upcoming
> release!
>
>
> Thank you,
>
> Meghna Baijal
>
>
>
> On Thu, Jan 18, 2018 at 9:14 PM, Meghna Baijal  >
> wrote:
>
> > Hello All!
> >
> > I am currently attempting to fix the licensing issues in MXNet. These are
> > being tracked in this wiki -
> >
> > *https://cwiki.apache.org/confluence/display/MXNET/MXNet+Source+Licenses
> >  >*
> >
> > You can follow the links in this wiki to find the following details -
> > 1. Links to relevant email threads which point the license issues out.
> > 2. Links to Github Issues created based on these emails.
> > 3. Apache pages which details the licensing policies.
> > 4. *The PRs created to fix these issues.* (These need review and all help
> > is welcome!)
> > 5. A table to track the high level issues and their progress.
> > 6. And a list of open *issues/questions/doubts/concerns* that need some
> > answers.
> >
> > I would appreciate any comments/ feedback/ suggestions from the community
> > regarding this work and it would be particularly helpful if you could
> > help review and validate the PRs and other planned changes.
> >
> > This is still a work in progress and there are a few files/folders that
> > are currently excluded from the Apache RAT checks. Also, there are around
> > 30 files that are still failing Apache RAT check (both lists are in the
> > wiki). If you know how to fix any of these remaining issues, please let
> me
> > know or even better create a PR!
> >
> > Do let me know if I can provide more details on any of the points.
> >
> > Thanks,
> > Meghna Baijal
> >
>

Re: Please Help Fix MXNet Licensing Issues for the next Release!

[Meghna Baijal]

Hello,

This is an update on the current status of the license fixes (all details
in the wiki linked below)–

   1. I am constantly updating this wiki, so you can check it at any time
   to know the status -
   https://cwiki.apache.org/confluence/display/MXNET/MXNet+Source+Licenses
   2. All 7 PRs have been merged however if anyone has any comments on
   these changes please let me know.
   3. There are still 6-7 files that do not have a license and are failing
   the RAT check. These are files I was not entirely confident about adding an
   apache header to.
   4. There is a list of file formats, files and directories that have
   currently been excluded from the RAT check. I have mentioned the exact
   reason for adding these to this list in the wiki. However, this list needs
   to be reviewed and validated.


*Coming Up Later –*

*1. *Once points 3 and 4 above have been fixed, I will set up a RAT job in
CI which will run a nightly check (This is currently being run in a local
Jenkins setup)

2. I will also add a rat-excludes file to the mxnet repo so that anyone can
run a RAT check locally to check the licenses.


I am still looking for the MXNet community and the Mentors to review the
open questions in the wiki and help me resolve these before the upcoming
release!


Thank you,

Meghna Baijal



On Thu, Jan 18, 2018 at 9:14 PM, Meghna Baijal 
wrote:

> Hello All!
>
> I am currently attempting to fix the licensing issues in MXNet. These are
> being tracked in this wiki -
>
> *https://cwiki.apache.org/confluence/display/MXNET/MXNet+Source+Licenses
> *
>
> You can follow the links in this wiki to find the following details -
> 1. Links to relevant email threads which point the license issues out.
> 2. Links to Github Issues created based on these emails.
> 3. Apache pages which details the licensing policies.
> 4. *The PRs created to fix these issues.* (These need review and all help
> is welcome!)
> 5. A table to track the high level issues and their progress.
> 6. And a list of open *issues/questions/doubts/concerns* that need some
> answers.
>
> I would appreciate any comments/ feedback/ suggestions from the community
> regarding this work and it would be particularly helpful if you could
> help review and validate the PRs and other planned changes.
>
> This is still a work in progress and there are a few files/folders that
> are currently excluded from the Apache RAT checks. Also, there are around
> 30 files that are still failing Apache RAT check (both lists are in the
> wiki). If you know how to fix any of these remaining issues, please let me
> know or even better create a PR!
>
> Do let me know if I can provide more details on any of the points.
>
> Thanks,
> Meghna Baijal
>

Please Help Fix MXNet Licensing Issues for the next Release!

[Meghna Baijal]

Hello All!

I am currently attempting to fix the licensing issues in MXNet. These are
being tracked in this wiki -

*https://cwiki.apache.org/confluence/display/MXNET/MXNet+Source+Licenses
*

You can follow the links in this wiki to find the following details -
1. Links to relevant email threads which point the license issues out.
2. Links to Github Issues created based on these emails.
3. Apache pages which details the licensing policies.
4. *The PRs created to fix these issues.* (These need review and all help
is welcome!)
5. A table to track the high level issues and their progress.
6. And a list of open *issues/questions/doubts/concerns* that need some
answers.

I would appreciate any comments/ feedback/ suggestions from the community
regarding this work and it would be particularly helpful if you could help
review and validate the PRs and other planned changes.

This is still a work in progress and there are a few files/folders that are
currently excluded from the Apache RAT checks. Also, there are around 30
files that are still failing Apache RAT check (both lists are in the wiki).
If you know how to fix any of these remaining issues, please let me know or
even better create a PR!

Do let me know if I can provide more details on any of the points.

Thanks,
Meghna Baijal