David Jencks ha scritto:
Thinking about the situation a little more....
the normal maven generated artifacts (jar, source, javadoc jars) can
get the m-r-r-p generated legal files as they include what maven
expects from these artifacts
On the other hand, you need to have hardcoded LICENSE and NOTICE files
in svn at the expected checkout root that apply to everything in the
checkout. Since you have the maven repo in the checkout, you have to
include all the legal goo for everything in the repo in those LICENSE
and NOTICE files; thus they will also be suitable for the distro
zip/tar.gzs.
Does that make sense?
This wouldn't solve the binary zip distribution: it includes and
redistribute the runtime dependencies.
We would need another LICENSE/NOTICE tuple for it :-(
We don't need the m-r-r-p at all if the LICENSE/NOTICE file that we want
to include there does not include depdencies because all of our products
(JAMES PMC) do not include non ASF code in the main binary jar. So no
need to use a complex autogenerated tuple to simply add 2 static simple
files.
I'm still for a single LICENSE/NOTICE including everything
(build/test/runtime dependencies) and used even in the jar only: this
makes life less easy for users but I think this is the best "compromise"
to be sure we comply to legal requirements and we don't waste our time
with plenty of different LICENSE/NOTICE files for each use case.
Furthermore, from a user perspective I find it more useful to read once
single LICENSE/NOTICE and understand what all the dependencies are and
what are their license/requirements instead of seeing that the jar alone
does not have requirements and then having to manually download the
runtime dependencies and check their license one by one.
Stefano
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
