On Mon, Jun 15, 2009 at 11:24 PM, Stefano Bagnara<apa...@bago.org> wrote: > Robert Burrell Donkin ha scritto: >> On Mon, Jun 15, 2009 at 10:59 AM, Stefano Bagnara<apa...@bago.org> wrote: >>> David Jencks ha scritto: >>>> On Jun 14, 2009, at 11:06 AM, Norman Maurer wrote: >>>> >>>>> Hi guys, >>>>> >>>>> here is the VOTE for release jSPF 0.9.7. Please cast your VOTE after >>>>> review: >>>>> >>>>> http://people.apache.org/~norman/staging-repository/org/apache/james/jspf/apache-jspf/0.9.7/ >>>>> >>>> I'm confused by a few things. >>>> >>>> I'm really confused by the two LICENSE files and two NOTICE files. Not >>>> being a lawyer I think I'd have to consult one before considering using >>>> the product. I'm not sure how anyone could figure out which file >>>> applies to the product. >>> This is how most James releases are distributed. Maybe the >>> LICENSE.apache file is only needed by projects using ANT, but Robert can >>> probably give a better answer. Maybe we can remove the NOTICE.base and >>> LICENSE.apache as long as we don't have ant support. >> >> they're there because people wanted them there >> >> if no one wants them any more, i'm happy to remove them >> >>>> My understanding of apache policy is that the legal files are supposed >>>> to describe and apply to exactly what is in the artifact that contains >>>> them. I didn't do a complete search but suspect from the language that >>>> the larger LICENSE and NOTICE files also include information about >>>> dependencies such as junit that are not actually redistributed. The >>>> notice file also has some "thanks for the inspiration" notes that don't >>>> seem to me appropriate for the NOTICE file. Again, its only my >>>> impression of apache policy, but I think the NOTICE file is supposed to >>>> be as short as possible and only include the standard apache notice and >>>> anything legally required by external code that is actually included in >>>> the artifact. >>> We discussed it also on legal-discuss. THe policy is to describe ikn >>> NOTICE and LICENSE exactly what we have in each distro but most projects >>> don't do this and doing so would be a PITA, so it is acceptable to have >>> a NOTICE/LICENSE that include more that what is required. >> >> <rant> >> to my best knowledge, no committee votes have happened to change to >> this much stricter policy nor to bless my descriptive non-normative >> documentation on the apache site with policy status. some others >> vigourously disagree with this point. so, i really don't want to get >> into yet another useles flame war about what is and what is not apache >> policy :-/ >> </rant> >> >> i would agree with david that it's best to be precise and minimal but >> as far as i'm concerned the james releases are within the acceptable >> range. i'd be happy to move further towards what i think of as best >> practice if there are no longer any objections to that. > > To my knowledge there are JIRA issues for the legal team opened since a > year. If there is some sort of consensus they should be closed and all > of the apache projects should be warned about the policy because, as you > can see from a fast overview I did when I opened that issues, most of > them simply don't follow the most basic rules.
too many people now mistake guildance on best practice for policy > In order to have a correct NOTICE/LICENSE (with no superflous stuff in > it) for each package most time means having 1 for the binary, 1 for the > source distro, 1 for the remaining artifacts. I don't think it is worthy > for anyone to have to mantain such a PITA. maven is now quite close to automatically producing satisfactory releases now - robert --------------------------------------------------------------------- To unsubscribe, e-mail: server-dev-unsubscr...@james.apache.org For additional commands, e-mail: server-dev-h...@james.apache.org
