[
https://issues.apache.org/jira/browse/JAMES-1269?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13050436#comment-13050436
]
Robert Burrell Donkin commented on JAMES-1269:
----------------------------------------------
I have a appointment with the physio and don't expect to be back until later
this evening, so I'll outline what I'm doing. Take a look at the commit record
for more details.
The LICENSE and NOTICE distributed with the binary need to be quite different.
So, I've add version to the source:
container-spring/src/main/licensing/license-for-binary.txt
container-spring/src/main/licensing/notice-for-binary.txt
Maven is missing a lot of the provenance meta-data required. I'm reviewing and
auditing a group of dependent jars from an upstream vendor. (In some cases,
this means finding and download the original release then verifying checksums
see spring sections for details.) Next check that the license is okay. Then
updating
src/main/appended-resources/supplemental-models.xml
with just the missing information. Then adding licensing details to LICENSE. If
the LICENSE requires additions to NOTICE, I add them but try to keep the NOTICE
clean.
> Create a correct NOTICE/LICENSE files for the spring binary artifact
> (currently having bad contents)
> ----------------------------------------------------------------------------------------------------
>
> Key: JAMES-1269
> URL: https://issues.apache.org/jira/browse/JAMES-1269
> Project: JAMES Server
> Issue Type: Bug
> Affects Versions: 3.0-M2
> Reporter: Stefano Bagnara
> Priority: Blocker
> Fix For: 3.0-beta1
>
> Attachments: DEPENDENCIES
>
>
> Our first attempt to release beta1 didn't include a LICENSE/NOTICE at all.
> Current trunk includes a plain LICENSE/NOTICE tuple with just ASF
> "references".
> We have to reintroduce complete LICENSE/NOTICE files in the binary
> distribution as we include third party dependencies in that package.
> Subtask: we have to make sure we correctly document the way JSW artifacts are
> included and what their license is (and the fact that appassembler doesn't
> include licensing informations about itself and the JSW content they took
> from the tanuki wrapper).
> I uploaded the tanuki wrapper version 3.2.3 I obtained under the MIT license
> here:
> http://people.apache.org/~bago/third-party/
> I compared the content of "my" wrapper with the content in the
> "org\codehaus\mojo\appassembler\daemon\jsw" folder inside the
> org.codehaus.mojo/appassembler-maven-plugin-1.0.jar maven plugin (the files
> our build process includes in the binary) and they are bitwise identical.
> So we have to review the lib folder from the current trunk and make sure we
> correclty identify LICENSE/NOTICE requirement for them (for sure we have to
> add the MIT licensing for the tanuki wrapper code we include, but probably we
> have other artifacts to be attributed to the copyright holders and the
> respective licenses under we redistribute them).
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscr...@james.apache.org
For additional commands, e-mail: server-dev-h...@james.apache.org
