Images in source code.

[James Bognar <ja...@apache.org>]

I just added several png files to the source tree of our podling.  I
created them myself.  Are there any best-practices on how to mark these as
Apache licensed?

Re: Images in source code.

[Mark Thomas <ma...@apache.org>]

On 02/06/2017 22:20, James Bognar wrote:
> Thanks!
> 
> I haven't found a metadata editor that works yet, so I'll just add a
> LICENSE.txt file to the directory.  Hopefully that's enough.

That is more than is necessary. It might even cause confusion at some
point in the future. I would recommend against doing that. The concern
is that folks have a tendency to attempt to reverse engineer ASF policy
from what they see other projects do which leads them to assume all
sorts of things are required when they are not. That in turn can consume
effort that could have been better spent on other things.

Any file in the project's source tree is ALv2 licensed unless explicitly
called out otherwise in the LICENSE file at the root of the source tree.

Where we can add a header to a file we do, but if we can't (easily),
then we don't and that is fine.

Mark


> 
> On Fri, Jun 2, 2017 at 4:48 PM, Josh Elser <el...@apache.org> wrote:
> 
>> On 6/2/17 1:15 PM, James Bognar wrote:
>>
>>> I just added several png files to the source tree of our podling.  I
>>> created them myself.  Are there any best-practices on how to mark these as
>>> Apache licensed?
>>>
>>>
>> I'm not sure of a good way to track this. I'm not sure if png supports
>> arbitrary metadata which could be edited. Some ways I've seen used
>> elsewhere to try to better propagate license/ownership:
>>
>> * Comments on the issue-tracker issue that introduced them citing
>> origin/source (typically for images that are copied, not created)
>> * Entry in LICENSE/NOTICE (shouldn't be done unnecessarily, of course)
>> * A README in the same directory with relevant info
>>
>> If the images are of the podling's creation, I wouldn't be particularly
>> worried. The copyright notice on your source-release and LICENSE are
>> sufficient to inform downstream consumers.
>>
>> Probably not the answer you're looking for, but hope it helps :)
>>
>> - Josh
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
>> For additional commands, e-mail: general-help@incubator.apache.org
>>
>>
> 
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
For additional commands, e-mail: general-help@incubator.apache.org

Re: Images in source code.

[Josh Elser <el...@apache.org>]

Agreed. If I wasn't clear the first time, I did not mean to suggest to 
add a file named LICENSE* in the same directory as the images.

This would be confusing for the reason Ted also mentioned. I concur with 
his suggestion of "README" :)

On 6/2/17 6:16 PM, Ted Dunning wrote:
> I think a README would be a better name for the explanatory file.
> 
> 
> 
> On Fri, Jun 2, 2017 at 11:20 PM, James Bognar <ja...@salesforce.com>
> wrote:
> 
>> Thanks!
>>
>> I haven't found a metadata editor that works yet, so I'll just add a
>> LICENSE.txt file to the directory.  Hopefully that's enough.
>>
>> On Fri, Jun 2, 2017 at 4:48 PM, Josh Elser <el...@apache.org> wrote:
>>
>>> On 6/2/17 1:15 PM, James Bognar wrote:
>>>
>>>> I just added several png files to the source tree of our podling.  I
>>>> created them myself.  Are there any best-practices on how to mark these
>> as
>>>> Apache licensed?
>>>>
>>>>
>>> I'm not sure of a good way to track this. I'm not sure if png supports
>>> arbitrary metadata which could be edited. Some ways I've seen used
>>> elsewhere to try to better propagate license/ownership:
>>>
>>> * Comments on the issue-tracker issue that introduced them citing
>>> origin/source (typically for images that are copied, not created)
>>> * Entry in LICENSE/NOTICE (shouldn't be done unnecessarily, of course)
>>> * A README in the same directory with relevant info
>>>
>>> If the images are of the podling's creation, I wouldn't be particularly
>>> worried. The copyright notice on your source-release and LICENSE are
>>> sufficient to inform downstream consumers.
>>>
>>> Probably not the answer you're looking for, but hope it helps :)
>>>
>>> - Josh
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
>>> For additional commands, e-mail: general-help@incubator.apache.org
>>>
>>>
>>
>>
>> --
>> James Bognar
>>
> 

---------------------------------------------------------------------
To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
For additional commands, e-mail: general-help@incubator.apache.org

Re: Images in source code.

[Ted Dunning <te...@gmail.com>]

I think a README would be a better name for the explanatory file.



On Fri, Jun 2, 2017 at 11:20 PM, James Bognar <ja...@salesforce.com>
wrote:

> Thanks!
>
> I haven't found a metadata editor that works yet, so I'll just add a
> LICENSE.txt file to the directory.  Hopefully that's enough.
>
> On Fri, Jun 2, 2017 at 4:48 PM, Josh Elser <el...@apache.org> wrote:
>
> > On 6/2/17 1:15 PM, James Bognar wrote:
> >
> >> I just added several png files to the source tree of our podling.  I
> >> created them myself.  Are there any best-practices on how to mark these
> as
> >> Apache licensed?
> >>
> >>
> > I'm not sure of a good way to track this. I'm not sure if png supports
> > arbitrary metadata which could be edited. Some ways I've seen used
> > elsewhere to try to better propagate license/ownership:
> >
> > * Comments on the issue-tracker issue that introduced them citing
> > origin/source (typically for images that are copied, not created)
> > * Entry in LICENSE/NOTICE (shouldn't be done unnecessarily, of course)
> > * A README in the same directory with relevant info
> >
> > If the images are of the podling's creation, I wouldn't be particularly
> > worried. The copyright notice on your source-release and LICENSE are
> > sufficient to inform downstream consumers.
> >
> > Probably not the answer you're looking for, but hope it helps :)
> >
> > - Josh
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
> > For additional commands, e-mail: general-help@incubator.apache.org
> >
> >
>
>
> --
> James Bognar
>

Re: Images in source code.

[Bertrand Delacretaz <bd...@codeconsult.ch>]

On Sat, Jun 3, 2017 at 6:12 PM, James Bognar
<ja...@salesforce.com> wrote:
> ...The reason I asked is because we've previously been asked about ownership
> of image files during release votes, so I wasn't sure if we were supposed
> to mark them somehow...

You could create a ticket in your issue tracker to indicate the
provenance of those images, and mention the ticket ID in the commit
messages when adding those images. Or maybe just add "created by
myself" to the commit messages for clarity.

-Bertrand

---------------------------------------------------------------------
To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
For additional commands, e-mail: general-help@incubator.apache.org

Re: Images in source code.

[James Bognar <ja...@salesforce.com>]

Thanks everyone who replied.

The reason I asked is because we've previously been asked about ownership
of image files during release votes, so I wasn't sure if we were supposed
to mark them somehow.

On Sat, Jun 3, 2017 at 9:46 AM John D. Ament <jo...@apache.org> wrote:

> On Fri, Jun 2, 2017 at 8:20 PM Craig Russell <ap...@gmail.com> wrote:
>
> > Hi James,
> >
> > Everything that is not explicitly called out in the top level NOTICE and
> > LICENSE files are licensed under the Apache 2.0 license.
> >
> > Adding a file to this directory might mislead people into thinking that
> > they need to perform more due diligence with other files in other
> > directories.
> >
> > My advice is to *not* add anything. Let the images be licensed per the
> > terms the top level LICENSE file.
> >
>
> Agreed.  What we do like to make sure is called out is if there is
> provenance that these images came from somewhere else.  If these images
> were not created by you and were not already under apache license, then we
> would have a concern.
>
>
> >
> > Craig
> >
> > > On Jun 2, 2017, at 2:20 PM, James Bognar <ja...@salesforce.com>
> > wrote:
> > >
> > > Thanks!
> > >
> > > I haven't found a metadata editor that works yet, so I'll just add a
> > > LICENSE.txt file to the directory.  Hopefully that's enough.
> > >
> > > On Fri, Jun 2, 2017 at 4:48 PM, Josh Elser <el...@apache.org> wrote:
> > >
> > >> On 6/2/17 1:15 PM, James Bognar wrote:
> > >>
> > >>> I just added several png files to the source tree of our podling.  I
> > >>> created them myself.  Are there any best-practices on how to mark
> > these as
> > >>> Apache licensed?
> > >>>
> > >>>
> > >> I'm not sure of a good way to track this. I'm not sure if png supports
> > >> arbitrary metadata which could be edited. Some ways I've seen used
> > >> elsewhere to try to better propagate license/ownership:
> > >>
> > >> * Comments on the issue-tracker issue that introduced them citing
> > >> origin/source (typically for images that are copied, not created)
> > >> * Entry in LICENSE/NOTICE (shouldn't be done unnecessarily, of course)
> > >> * A README in the same directory with relevant info
> > >>
> > >> If the images are of the podling's creation, I wouldn't be
> particularly
> > >> worried. The copyright notice on your source-release and LICENSE are
> > >> sufficient to inform downstream consumers.
> > >>
> > >> Probably not the answer you're looking for, but hope it helps :)
> > >>
> > >> - Josh
> > >>
> > >> ---------------------------------------------------------------------
> > >> To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
> > >> For additional commands, e-mail: general-help@incubator.apache.org
> > >>
> > >>
> > >
> > >
> > > --
> > > James Bognar
> >
> > Craig L Russell
> > clr@apache.org
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
> > For additional commands, e-mail: general-help@incubator.apache.org
> >
> >
>
-- 
James Bognar

Re: Images in source code.

[Martin Gainty <mg...@hotmail.com>]

________________________________
From: James Bognar <ja...@salesforce.com>
Sent: Sunday, June 4, 2017 9:13 AM
To: general@incubator.apache.org
Subject: Re: Images in source code.

That's a good question.  I've discovered that images CAN contain metadata
that includes ownership information.  Rat could check for these.  In
practice though, these comment fields don't seem to be often used.

If I could add a simple "Copyright Apache" message to the metadata, I
would, but the tooling is suprisingly lacking.

MG>To answer the second question
MG>entities who purchase a product (salesforce) would not necessarily know:
MG>who created the code (especially when license information is stripped out and there is no attribution in META-INF readme/licenses)
MG>who generated the images..(assuming designers have the legal right to trademark/copyright their work)

MG>apologies for picking on salesforce ..ive seen other organisations grab OpenSource Assets/Code, stripout licenses & call it their own

MG>James if you can show me where the Copyright Apache is in metadata .. I'll get maven-rat-plugin to read metadata and throw BuildException
MG>and fail the rat check

MG>thanks for your help

On Sun, Jun 4, 2017 at 8:49 AM, Martin Gainty <mg...@hotmail.com> wrote:

> is there anyway to run maven-rat-plugin to make sure ASF licensed assets
> are *not* being subverted by salesforce
>
>
> http://creadur.apache.org/rat/apache-rat-plugin/rat-mojo.html
Apache Rat™ Plugin for Apache Maven – apache-rat:rat<http://creadur.apache.org/rat/apache-rat-plugin/rat-mojo.html>
creadur.apache.org
apache-rat:rat. Note:This goal should be used as a Maven report. Full name: org.apache.rat:apache-rat-plugin:0.13-SNAPSHOT:rat. Description:



>
>
> Apache Rat™ Plugin for Apache Maven – apache-rat:rat<http://creadur.
> apache.org/rat/apache-rat-plugin/rat-mojo.html>
> creadur.apache.org
> apache-rat:rat. Note:This goal should be used as a Maven report. Full
> name: org.apache.rat:apache-rat-plugin:0.13-SNAPSHOT:rat. Description:
>
> ?
>
> Martin
> ______________________________________________
>
>
>
> ________________________________
> From: John D. Ament <jo...@apache.org>
> Sent: Saturday, June 3, 2017 9:46 AM
> To: general@incubator.apache.org
> Subject: Re: Images in source code.
>
> On Fri, Jun 2, 2017 at 8:20 PM Craig Russell <ap...@gmail.com> wrote:
>
> > Hi James,
> >
> > Everything that is not explicitly called out in the top level NOTICE and
> > LICENSE files are licensed under the Apache 2.0 license.
> >
> > Adding a file to this directory might mislead people into thinking that
> > they need to perform more due diligence with other files in other
> > directories.
> >
> > My advice is to *not* add anything. Let the images be licensed per the
> > terms the top level LICENSE file.
> >
>
> Agreed.  What we do like to make sure is called out is if there is
> provenance that these images came from somewhere else.  If these images
> were not created by you and were not already under apache license, then we
> would have a concern.
>
>
> >
> > Craig
> >
> > > On Jun 2, 2017, at 2:20 PM, James Bognar <ja...@salesforce.com>
> > wrote:
> > >
> > > Thanks!
> > >
> > > I haven't found a metadata editor that works yet, so I'll just add a
> > > LICENSE.txt file to the directory.  Hopefully that's enough.
> > >
> > > On Fri, Jun 2, 2017 at 4:48 PM, Josh Elser <el...@apache.org> wrote:
> > >
> > >> On 6/2/17 1:15 PM, James Bognar wrote:
> > >>
> > >>> I just added several png files to the source tree of our podling.  I
> > >>> created them myself.  Are there any best-practices on how to mark
> > these as
> > >>> Apache licensed?
> > >>>
> > >>>
> > >> I'm not sure of a good way to track this. I'm not sure if png supports
> > >> arbitrary metadata which could be edited. Some ways I've seen used
> > >> elsewhere to try to better propagate license/ownership:
> > >>
> > >> * Comments on the issue-tracker issue that introduced them citing
> > >> origin/source (typically for images that are copied, not created)
> > >> * Entry in LICENSE/NOTICE (shouldn't be done unnecessarily, of course)
> > >> * A README in the same directory with relevant info
> > >>
> > >> If the images are of the podling's creation, I wouldn't be
> particularly
> > >> worried. The copyright notice on your source-release and LICENSE are
> > >> sufficient to inform downstream consumers.
> > >>
> > >> Probably not the answer you're looking for, but hope it helps :)
> > >>
> > >> - Josh
> > >>
> > >> ---------------------------------------------------------------------
> > >> To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
> > >> For additional commands, e-mail: general-help@incubator.apache.org
> > >>
> > >>
> > >
> > >
> > > --
> > > James Bognar
> >
> > Craig L Russell
> > clr@apache.org
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
> > For additional commands, e-mail: general-help@incubator.apache.org
> >
> >
>



--
James Bognar

Re: Images in source code.

[James Bognar <ja...@salesforce.com>]

That's a good question.  I've discovered that images CAN contain metadata
that includes ownership information.  Rat could check for these.  In
practice though, these comment fields don't seem to be often used.

If I could add a simple "Copyright Apache" message to the metadata, I
would, but the tooling is suprisingly lacking.

On Sun, Jun 4, 2017 at 8:49 AM, Martin Gainty <mg...@hotmail.com> wrote:

> is there anyway to run maven-rat-plugin to make sure ASF licensed assets
> are *not* being subverted by salesforce
>
>
> http://creadur.apache.org/rat/apache-rat-plugin/rat-mojo.html
>
>
> Apache Rat™ Plugin for Apache Maven – apache-rat:rat<http://creadur.
> apache.org/rat/apache-rat-plugin/rat-mojo.html>
> creadur.apache.org
> apache-rat:rat. Note:This goal should be used as a Maven report. Full
> name: org.apache.rat:apache-rat-plugin:0.13-SNAPSHOT:rat. Description:
>
> ?
>
> Martin
> ______________________________________________
>
>
>
> ________________________________
> From: John D. Ament <jo...@apache.org>
> Sent: Saturday, June 3, 2017 9:46 AM
> To: general@incubator.apache.org
> Subject: Re: Images in source code.
>
> On Fri, Jun 2, 2017 at 8:20 PM Craig Russell <ap...@gmail.com> wrote:
>
> > Hi James,
> >
> > Everything that is not explicitly called out in the top level NOTICE and
> > LICENSE files are licensed under the Apache 2.0 license.
> >
> > Adding a file to this directory might mislead people into thinking that
> > they need to perform more due diligence with other files in other
> > directories.
> >
> > My advice is to *not* add anything. Let the images be licensed per the
> > terms the top level LICENSE file.
> >
>
> Agreed.  What we do like to make sure is called out is if there is
> provenance that these images came from somewhere else.  If these images
> were not created by you and were not already under apache license, then we
> would have a concern.
>
>
> >
> > Craig
> >
> > > On Jun 2, 2017, at 2:20 PM, James Bognar <ja...@salesforce.com>
> > wrote:
> > >
> > > Thanks!
> > >
> > > I haven't found a metadata editor that works yet, so I'll just add a
> > > LICENSE.txt file to the directory.  Hopefully that's enough.
> > >
> > > On Fri, Jun 2, 2017 at 4:48 PM, Josh Elser <el...@apache.org> wrote:
> > >
> > >> On 6/2/17 1:15 PM, James Bognar wrote:
> > >>
> > >>> I just added several png files to the source tree of our podling.  I
> > >>> created them myself.  Are there any best-practices on how to mark
> > these as
> > >>> Apache licensed?
> > >>>
> > >>>
> > >> I'm not sure of a good way to track this. I'm not sure if png supports
> > >> arbitrary metadata which could be edited. Some ways I've seen used
> > >> elsewhere to try to better propagate license/ownership:
> > >>
> > >> * Comments on the issue-tracker issue that introduced them citing
> > >> origin/source (typically for images that are copied, not created)
> > >> * Entry in LICENSE/NOTICE (shouldn't be done unnecessarily, of course)
> > >> * A README in the same directory with relevant info
> > >>
> > >> If the images are of the podling's creation, I wouldn't be
> particularly
> > >> worried. The copyright notice on your source-release and LICENSE are
> > >> sufficient to inform downstream consumers.
> > >>
> > >> Probably not the answer you're looking for, but hope it helps :)
> > >>
> > >> - Josh
> > >>
> > >> ---------------------------------------------------------------------
> > >> To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
> > >> For additional commands, e-mail: general-help@incubator.apache.org
> > >>
> > >>
> > >
> > >
> > > --
> > > James Bognar
> >
> > Craig L Russell
> > clr@apache.org
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
> > For additional commands, e-mail: general-help@incubator.apache.org
> >
> >
>



-- 
James Bognar

Re: Images in source code.

[Shane Curcuru <as...@shanecurcuru.org>]

Mike Drob wrote on 6/4/17 3:12 PM:
> Project logos are Apache Licensed, but cannot be used for "any purpose" I
> thought? They're specifically called out and most uses of trademark logos
> need to be approved by VP Brand.

Correct, although not quite exact.  The Apache license itself explicitly
*excludes* trademark rights [1]:

  https://www.apache.org/licenses/LICENSE-2.0.html#trademarks

So users are free to reuse our icons and logos and what-not almost
anyway they like, but *not* in ways that would infringe on our existing
trademarks for software products.

Users can take the nutty Apache Flink squirrel logo and use it to refer
to Apache Flink itself.  They could also use it as part of an art
collage, or in a presentation about squirrels, or mash it up with logos
of dogs or any other sort of non-trademark uses.  They can't use it (in
general cases) to refer to a different software product than Flink.

The reporting guide has some steps for thinking about "Is this
$somebody's use of an Apache logo OK or not?"

  https://www.apache.org/foundation/marks/reporting#kinds

-- 

- Shane
  https://www.apache.org/foundation/marks/resources

[1] Protip: no OSI-approved software license gives users any trademark
rights - even if "trademarks" never appears in the license.  FOSS
licenses are only *copyright* licenses, not trademark licenses.

---------------------------------------------------------------------
To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
For additional commands, e-mail: general-help@incubator.apache.org

Re: Images in source code.

[Ted Dunning <te...@gmail.com>]

Mike,

Is that what Martin was talking about? Doesn't that seem pretty far off of
this thread which is about how to label images created for testing purposes?


On Sun, Jun 4, 2017 at 9:12 PM, Mike Drob <md...@apache.org> wrote:

> Project logos are Apache Licensed, but cannot be used for "any purpose" I
> thought? They're specifically called out and most uses of trademark logos
> need to be approved by VP Brand.
>
> https://www.apache.org/foundation/marks/
>
>
> On Sun, Jun 4, 2017 at 9:09 AM, Ted Dunning <te...@gmail.com> wrote:
>
> > What does subverted by Salesforce even mean here?
> >
> > Any Apache licensed material can be "subverted" by pretty much anybody if
> > subverted means use for any purpose they feel like.
> >
> > On Jun 4, 2017 14:49, "Martin Gainty" <mg...@hotmail.com> wrote:
> >
> > > is there anyway to run maven-rat-plugin to make sure ASF licensed
> assets
> > > are *not* being subverted by salesforce
>

Re: Images in source code.

[Mike Drob <md...@apache.org>]

Project logos are Apache Licensed, but cannot be used for "any purpose" I
thought? They're specifically called out and most uses of trademark logos
need to be approved by VP Brand.

https://www.apache.org/foundation/marks/

On Sun, Jun 4, 2017 at 9:09 AM, Ted Dunning <te...@gmail.com> wrote:

> What does subverted by Salesforce even mean here?
>
> Any Apache licensed material can be "subverted" by pretty much anybody if
> subverted means use for any purpose they feel like.
>
> On Jun 4, 2017 14:49, "Martin Gainty" <mg...@hotmail.com> wrote:
>
> > is there anyway to run maven-rat-plugin to make sure ASF licensed assets
> > are *not* being subverted by salesforce
> >
> >
> > http://creadur.apache.org/rat/apache-rat-plugin/rat-mojo.html
> >
> >
> > Apache Rat™ Plugin for Apache Maven – apache-rat:rat<http://creadur.
> > apache.org/rat/apache-rat-plugin/rat-mojo.html>
> > creadur.apache.org
> > apache-rat:rat. Note:This goal should be used as a Maven report. Full
> > name: org.apache.rat:apache-rat-plugin:0.13-SNAPSHOT:rat. Description:
> >
> > ?
> >
> > Martin
> > ______________________________________________
> >
> >
> >
> > ________________________________
> > From: John D. Ament <jo...@apache.org>
> > Sent: Saturday, June 3, 2017 9:46 AM
> > To: general@incubator.apache.org
> > Subject: Re: Images in source code.
> >
> > On Fri, Jun 2, 2017 at 8:20 PM Craig Russell <ap...@gmail.com>
> wrote:
> >
> > > Hi James,
> > >
> > > Everything that is not explicitly called out in the top level NOTICE
> and
> > > LICENSE files are licensed under the Apache 2.0 license.
> > >
> > > Adding a file to this directory might mislead people into thinking that
> > > they need to perform more due diligence with other files in other
> > > directories.
> > >
> > > My advice is to *not* add anything. Let the images be licensed per the
> > > terms the top level LICENSE file.
> > >
> >
> > Agreed.  What we do like to make sure is called out is if there is
> > provenance that these images came from somewhere else.  If these images
> > were not created by you and were not already under apache license, then
> we
> > would have a concern.
> >
> >
> > >
> > > Craig
> > >
> > > > On Jun 2, 2017, at 2:20 PM, James Bognar <
> james.bognar@salesforce.com>
> > > wrote:
> > > >
> > > > Thanks!
> > > >
> > > > I haven't found a metadata editor that works yet, so I'll just add a
> > > > LICENSE.txt file to the directory.  Hopefully that's enough.
> > > >
> > > > On Fri, Jun 2, 2017 at 4:48 PM, Josh Elser <el...@apache.org>
> wrote:
> > > >
> > > >> On 6/2/17 1:15 PM, James Bognar wrote:
> > > >>
> > > >>> I just added several png files to the source tree of our podling.
> I
> > > >>> created them myself.  Are there any best-practices on how to mark
> > > these as
> > > >>> Apache licensed?
> > > >>>
> > > >>>
> > > >> I'm not sure of a good way to track this. I'm not sure if png
> supports
> > > >> arbitrary metadata which could be edited. Some ways I've seen used
> > > >> elsewhere to try to better propagate license/ownership:
> > > >>
> > > >> * Comments on the issue-tracker issue that introduced them citing
> > > >> origin/source (typically for images that are copied, not created)
> > > >> * Entry in LICENSE/NOTICE (shouldn't be done unnecessarily, of
> course)
> > > >> * A README in the same directory with relevant info
> > > >>
> > > >> If the images are of the podling's creation, I wouldn't be
> > particularly
> > > >> worried. The copyright notice on your source-release and LICENSE are
> > > >> sufficient to inform downstream consumers.
> > > >>
> > > >> Probably not the answer you're looking for, but hope it helps :)
> > > >>
> > > >> - Josh
> > > >>
> > > >> ------------------------------------------------------------
> ---------
> > > >> To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
> > > >> For additional commands, e-mail: general-help@incubator.apache.org
> > > >>
> > > >>
> > > >
> > > >
> > > > --
> > > > James Bognar
> > >
> > > Craig L Russell
> > > clr@apache.org
> > >
> > >
> > > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
> > > For additional commands, e-mail: general-help@incubator.apache.org
> > >
> > >
> >
>

Re: Images in source code.

[Ted Dunning <te...@gmail.com>]

What does subverted by Salesforce even mean here?

Any Apache licensed material can be "subverted" by pretty much anybody if
subverted means use for any purpose they feel like.

On Jun 4, 2017 14:49, "Martin Gainty" <mg...@hotmail.com> wrote:

> is there anyway to run maven-rat-plugin to make sure ASF licensed assets
> are *not* being subverted by salesforce
>
>
> http://creadur.apache.org/rat/apache-rat-plugin/rat-mojo.html
>
>
> Apache Rat™ Plugin for Apache Maven – apache-rat:rat<http://creadur.
> apache.org/rat/apache-rat-plugin/rat-mojo.html>
> creadur.apache.org
> apache-rat:rat. Note:This goal should be used as a Maven report. Full
> name: org.apache.rat:apache-rat-plugin:0.13-SNAPSHOT:rat. Description:
>
> ?
>
> Martin
> ______________________________________________
>
>
>
> ________________________________
> From: John D. Ament <jo...@apache.org>
> Sent: Saturday, June 3, 2017 9:46 AM
> To: general@incubator.apache.org
> Subject: Re: Images in source code.
>
> On Fri, Jun 2, 2017 at 8:20 PM Craig Russell <ap...@gmail.com> wrote:
>
> > Hi James,
> >
> > Everything that is not explicitly called out in the top level NOTICE and
> > LICENSE files are licensed under the Apache 2.0 license.
> >
> > Adding a file to this directory might mislead people into thinking that
> > they need to perform more due diligence with other files in other
> > directories.
> >
> > My advice is to *not* add anything. Let the images be licensed per the
> > terms the top level LICENSE file.
> >
>
> Agreed.  What we do like to make sure is called out is if there is
> provenance that these images came from somewhere else.  If these images
> were not created by you and were not already under apache license, then we
> would have a concern.
>
>
> >
> > Craig
> >
> > > On Jun 2, 2017, at 2:20 PM, James Bognar <ja...@salesforce.com>
> > wrote:
> > >
> > > Thanks!
> > >
> > > I haven't found a metadata editor that works yet, so I'll just add a
> > > LICENSE.txt file to the directory.  Hopefully that's enough.
> > >
> > > On Fri, Jun 2, 2017 at 4:48 PM, Josh Elser <el...@apache.org> wrote:
> > >
> > >> On 6/2/17 1:15 PM, James Bognar wrote:
> > >>
> > >>> I just added several png files to the source tree of our podling.  I
> > >>> created them myself.  Are there any best-practices on how to mark
> > these as
> > >>> Apache licensed?
> > >>>
> > >>>
> > >> I'm not sure of a good way to track this. I'm not sure if png supports
> > >> arbitrary metadata which could be edited. Some ways I've seen used
> > >> elsewhere to try to better propagate license/ownership:
> > >>
> > >> * Comments on the issue-tracker issue that introduced them citing
> > >> origin/source (typically for images that are copied, not created)
> > >> * Entry in LICENSE/NOTICE (shouldn't be done unnecessarily, of course)
> > >> * A README in the same directory with relevant info
> > >>
> > >> If the images are of the podling's creation, I wouldn't be
> particularly
> > >> worried. The copyright notice on your source-release and LICENSE are
> > >> sufficient to inform downstream consumers.
> > >>
> > >> Probably not the answer you're looking for, but hope it helps :)
> > >>
> > >> - Josh
> > >>
> > >> ---------------------------------------------------------------------
> > >> To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
> > >> For additional commands, e-mail: general-help@incubator.apache.org
> > >>
> > >>
> > >
> > >
> > > --
> > > James Bognar
> >
> > Craig L Russell
> > clr@apache.org
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
> > For additional commands, e-mail: general-help@incubator.apache.org
> >
> >
>

Re: Images in source code.

[Martin Gainty <mg...@hotmail.com>]

________________________________

From: Felix Meschberger <fm...@adobe.com.INVALID>
Sent: Thursday, June 15, 2017 8:13 PM
To: general@incubator.apache.org
Cc: james.bognar@salesforce.com
Subject: Re: Images in source code.

Here: http://www.sno.phy.queensu.ca/~phil/exiftool/ ?
ExifTool by Phil Harvey - Queen's University<http://www.sno.phy.queensu.ca/~phil/exiftool/>
www.sno.phy.queensu.ca
The OS X package installs the ExifTool command-line application and libraries in /usr/local/bin. After installing, type "exiftool" in a Terminal window to run ...

MG>Thank god for Opensource technologies that work
MG>Vielen Danke Felix!


and http://www.sno.phy.queensu.ca/~phil/exiftool/TagNames/XMP.html
XMP Tags - Queen's University<http://www.sno.phy.queensu.ca/~phil/exiftool/TagNames/XMP.html>
www.sno.phy.queensu.ca
XMP Tags. XMP stands for "Extensible Metadata Platform", an XML/RDF-based metadata format which is being pushed by Adobe. Information in this format can be embedded ...




(Thanks Google ;-) )

Regards
Felix

Am 15.06.2017 um 16:46 schrieb Martin Gainty <mg...@hotmail.com>>:

James and Team


quick update I have factored rat-plugin to read XMP (an XML metadata-tagged file with embedded Image)

i have tried adding metadata tags using the crippled freebie photoshop and could not find any way to add metadata tags to PNG, JPG or PSD as the File/FileInfo menu in freebie photoshop is hopelessly greyed out/disabled

Im reading some blogs that exiftool<sp?> can add metadata tags to any existing image

Any clues as to where to locate any tool that can add metadata tag to an Image would be appreciated


Thanks,

Martin
______________________________________________



________________________________
From: Martin Gainty <mg...@hotmail.com>>
Sent: Sunday, June 4, 2017 8:49 AM
To: general@incubator.apache.org<ma...@incubator.apache.org>
Subject: Re: Images in source code.


is there anyway to run maven-rat-plugin to make sure ASF licensed assets are *not* being subverted by salesforce


http://creadur.apache.org/rat/apache-rat-plugin/rat-mojo.html
Apache Rat™ Plugin for Apache Maven – apache-rat:rat<http://creadur.apache.org/rat/apache-rat-plugin/rat-mojo.html>
creadur.apache.org
apache-rat:rat. Note:This goal should be used as a Maven report. Full name: org.apache.rat:apache-rat-plugin:0.13-SNAPSHOT:rat. Description:





Apache Rat™ Plugin for Apache Maven – apache-rat:rat<http://creadur.apache.org/rat/apache-rat-plugin/rat-mojo.html>
Apache Rat™ Plugin for Apache Maven – apache-rat:rat<http://creadur.apache.org/rat/apache-rat-plugin/rat-mojo.html>
creadur.apache.org
apache-rat:rat. Note:This goal should be used as a Maven report. Full name: org.apache.rat:apache-rat-plugin:0.13-SNAPSHOT:rat. Description:



creadur.apache.org<http://creadur.apache.org>
[http://www.apache.org/images/asf_logo.gif]<http://creadur.apache.org/>

Apache Creadur - Apache Software Foundation<http://creadur.apache.org/>
creadur.apache.org
Welcome to Apache Creadur About Apache Creadur. This project started as just Rat, a release auditing tool good with licenses, coded in Java with plugins for Ant and Maven



apache-rat:rat. Note:This goal should be used as a Maven report. Full name: org.apache.rat:apache-rat-plugin:0.13-SNAPSHOT:rat. Description:

?

Martin
______________________________________________



________________________________
From: John D. Ament <jo...@apache.org>
Sent: Saturday, June 3, 2017 9:46 AM
To: general@incubator.apache.org
Subject: Re: Images in source code.

On Fri, Jun 2, 2017 at 8:20 PM Craig Russell <ap...@gmail.com> wrote:

Hi James,

Everything that is not explicitly called out in the top level NOTICE and
LICENSE files are licensed under the Apache 2.0 license.

Adding a file to this directory might mislead people into thinking that
they need to perform more due diligence with other files in other
directories.

My advice is to *not* add anything. Let the images be licensed per the
terms the top level LICENSE file.


Agreed.  What we do like to make sure is called out is if there is
provenance that these images came from somewhere else.  If these images
were not created by you and were not already under apache license, then we
would have a concern.



Craig

On Jun 2, 2017, at 2:20 PM, James Bognar <ja...@salesforce.com>
wrote:

Thanks!

I haven't found a metadata editor that works yet, so I'll just add a
LICENSE.txt file to the directory.  Hopefully that's enough.

On Fri, Jun 2, 2017 at 4:48 PM, Josh Elser <el...@apache.org> wrote:

On 6/2/17 1:15 PM, James Bognar wrote:

I just added several png files to the source tree of our podling.  I
created them myself.  Are there any best-practices on how to mark
these as
Apache licensed?


I'm not sure of a good way to track this. I'm not sure if png supports
arbitrary metadata which could be edited. Some ways I've seen used
elsewhere to try to better propagate license/ownership:

* Comments on the issue-tracker issue that introduced them citing
origin/source (typically for images that are copied, not created)
* Entry in LICENSE/NOTICE (shouldn't be done unnecessarily, of course)
* A README in the same directory with relevant info

If the images are of the podling's creation, I wouldn't be particularly
worried. The copyright notice on your source-release and LICENSE are
sufficient to inform downstream consumers.

Probably not the answer you're looking for, but hope it helps :)

- Josh

---------------------------------------------------------------------
To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
For additional commands, e-mail: general-help@incubator.apache.org




--
James Bognar

Craig L Russell
clr@apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
For additional commands, e-mail: general-help@incubator.apache.org

Re: Images in source code.

[Martin Gainty <mg...@hotmail.com>]

________________________________
From: Julian Hyde <jh...@apache.org>
Sent: Thursday, June 15, 2017 8:19 PM
To: general@incubator.apache.org
Subject: Re: Images in source code.

Can someone please log a JIRA case on RAT? As soon as this feature is in a released version of RAT I’ll change our release process to require headers in all images.

Julian

MG>i have a rat patch but its untested so no claim to victory until i know it passes at least one testcase with embedded metadata for at least one MG>Image format
MG>mea culpa on no entry in RAT Jira ..i will do that right now
MG>Many Thanks to Julian,Felix and James

> On Jun 15, 2017, at 5:13 PM, Felix Meschberger <fm...@adobe.com.INVALID> wrote:
>
> Here: http://www.sno.phy.queensu.ca/~phil/exiftool/ ?
ExifTool by Phil Harvey - Queen's University<http://www.sno.phy.queensu.ca/~phil/exiftool/>
www.sno.phy.queensu.ca
The OS X package installs the ExifTool command-line application and libraries in /usr/local/bin. After installing, type "exiftool" in a Terminal window to run ...



>
> and http://www.sno.phy.queensu.ca/~phil/exiftool/TagNames/XMP.html
XMP Tags - Queen's University<http://www.sno.phy.queensu.ca/~phil/exiftool/TagNames/XMP.html>
www.sno.phy.queensu.ca
XMP Tags. XMP stands for "Extensible Metadata Platform", an XML/RDF-based metadata format which is being pushed by Adobe. Information in this format can be embedded ...



>
> (Thanks Google ;-) )
>
> Regards
> Felix
>
> Am 15.06.2017 um 16:46 schrieb Martin Gainty <mg...@hotmail.com>>:
>
> James and Team
>
>
> quick update I have factored rat-plugin to read XMP (an XML metadata-tagged file with embedded Image)
>
> i have tried adding metadata tags using the crippled freebie photoshop and could not find any way to add metadata tags to PNG, JPG or PSD as the File/FileInfo menu in freebie photoshop is hopelessly greyed out/disabled
>
> Im reading some blogs that exiftool<sp?> can add metadata tags to any existing image
>
> Any clues as to where to locate any tool that can add metadata tag to an Image would be appreciated
>
>
> Thanks,
>
> Martin
> ______________________________________________
>
>
>
> ________________________________
> From: Martin Gainty <mg...@hotmail.com>>
> Sent: Sunday, June 4, 2017 8:49 AM
> To: general@incubator.apache.org<ma...@incubator.apache.org>
> Subject: Re: Images in source code.
>
>
> is there anyway to run maven-rat-plugin to make sure ASF licensed assets are *not* being subverted by salesforce
>
>
> http://creadur.apache.org/rat/apache-rat-plugin/rat-mojo.html
Apache Rat™ Plugin for Apache Maven – apache-rat:rat<http://creadur.apache.org/rat/apache-rat-plugin/rat-mojo.html>
creadur.apache.org
apache-rat:rat. Note:This goal should be used as a Maven report. Full name: org.apache.rat:apache-rat-plugin:0.13-SNAPSHOT:rat. Description:



>
>
> Apache Rat™ Plugin for Apache Maven – apache-rat:rat<http://creadur.apache.org/rat/apache-rat-plugin/rat-mojo.html>
Apache Rat™ Plugin for Apache Maven – apache-rat:rat<http://creadur.apache.org/rat/apache-rat-plugin/rat-mojo.html>
creadur.apache.org
apache-rat:rat. Note:This goal should be used as a Maven report. Full name: org.apache.rat:apache-rat-plugin:0.13-SNAPSHOT:rat. Description:



> creadur.apache.org<http://creadur.apache.org>
[http://www.apache.org/images/asf_logo.gif]<http://creadur.apache.org/>

Apache Creadur - Apache Software Foundation<http://creadur.apache.org/>
creadur.apache.org
Welcome to Apache Creadur About Apache Creadur. This project started as just Rat, a release auditing tool good with licenses, coded in Java with plugins for Ant and Maven



> apache-rat:rat. Note:This goal should be used as a Maven report. Full name: org.apache.rat:apache-rat-plugin:0.13-SNAPSHOT:rat. Description:
>
> ?
>
> Martin
> ______________________________________________
>
>
>
> ________________________________
> From: John D. Ament <jo...@apache.org>
> Sent: Saturday, June 3, 2017 9:46 AM
> To: general@incubator.apache.org
> Subject: Re: Images in source code.
>
> On Fri, Jun 2, 2017 at 8:20 PM Craig Russell <ap...@gmail.com> wrote:
>
> Hi James,
>
> Everything that is not explicitly called out in the top level NOTICE and
> LICENSE files are licensed under the Apache 2.0 license.
>
> Adding a file to this directory might mislead people into thinking that
> they need to perform more due diligence with other files in other
> directories.
>
> My advice is to *not* add anything. Let the images be licensed per the
> terms the top level LICENSE file.
>
>
> Agreed.  What we do like to make sure is called out is if there is
> provenance that these images came from somewhere else.  If these images
> were not created by you and were not already under apache license, then we
> would have a concern.
>
>
>
> Craig
>
> On Jun 2, 2017, at 2:20 PM, James Bognar <ja...@salesforce.com>
> wrote:
>
> Thanks!
>
> I haven't found a metadata editor that works yet, so I'll just add a
> LICENSE.txt file to the directory.  Hopefully that's enough.
>
> On Fri, Jun 2, 2017 at 4:48 PM, Josh Elser <el...@apache.org> wrote:
>
> On 6/2/17 1:15 PM, James Bognar wrote:
>
> I just added several png files to the source tree of our podling.  I
> created them myself.  Are there any best-practices on how to mark
> these as
> Apache licensed?
>
>
> I'm not sure of a good way to track this. I'm not sure if png supports
> arbitrary metadata which could be edited. Some ways I've seen used
> elsewhere to try to better propagate license/ownership:
>
> * Comments on the issue-tracker issue that introduced them citing
> origin/source (typically for images that are copied, not created)
> * Entry in LICENSE/NOTICE (shouldn't be done unnecessarily, of course)
> * A README in the same directory with relevant info
>
> If the images are of the podling's creation, I wouldn't be particularly
> worried. The copyright notice on your source-release and LICENSE are
> sufficient to inform downstream consumers.
>
> Probably not the answer you're looking for, but hope it helps :)
>
> - Josh
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
> For additional commands, e-mail: general-help@incubator.apache.org
>
>
>
>
> --
> James Bognar
>
> Craig L Russell
> clr@apache.org
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
> For additional commands, e-mail: general-help@incubator.apache.org
>
>
>


---------------------------------------------------------------------
To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
For additional commands, e-mail: general-help@incubator.apache.org

Re: Images in source code.

[Julian Hyde <jh...@apache.org>]

Can someone please log a JIRA case on RAT? As soon as this feature is in a released version of RAT I’ll change our release process to require headers in all images.

Julian

> On Jun 15, 2017, at 5:13 PM, Felix Meschberger <fm...@adobe.com.INVALID> wrote:
> 
> Here: http://www.sno.phy.queensu.ca/~phil/exiftool/ ?
> 
> and http://www.sno.phy.queensu.ca/~phil/exiftool/TagNames/XMP.html
> 
> (Thanks Google ;-) )
> 
> Regards
> Felix
> 
> Am 15.06.2017 um 16:46 schrieb Martin Gainty <mg...@hotmail.com>>:
> 
> James and Team
> 
> 
> quick update I have factored rat-plugin to read XMP (an XML metadata-tagged file with embedded Image)
> 
> i have tried adding metadata tags using the crippled freebie photoshop and could not find any way to add metadata tags to PNG, JPG or PSD as the File/FileInfo menu in freebie photoshop is hopelessly greyed out/disabled
> 
> Im reading some blogs that exiftool<sp?> can add metadata tags to any existing image
> 
> Any clues as to where to locate any tool that can add metadata tag to an Image would be appreciated
> 
> 
> Thanks,
> 
> Martin
> ______________________________________________
> 
> 
> 
> ________________________________
> From: Martin Gainty <mg...@hotmail.com>>
> Sent: Sunday, June 4, 2017 8:49 AM
> To: general@incubator.apache.org<ma...@incubator.apache.org>
> Subject: Re: Images in source code.
> 
> 
> is there anyway to run maven-rat-plugin to make sure ASF licensed assets are *not* being subverted by salesforce
> 
> 
> http://creadur.apache.org/rat/apache-rat-plugin/rat-mojo.html
> 
> 
> Apache Rat™ Plugin for Apache Maven – apache-rat:rat<http://creadur.apache.org/rat/apache-rat-plugin/rat-mojo.html>
> creadur.apache.org<http://creadur.apache.org>
> apache-rat:rat. Note:This goal should be used as a Maven report. Full name: org.apache.rat:apache-rat-plugin:0.13-SNAPSHOT:rat. Description:
> 
> ?
> 
> Martin
> ______________________________________________
> 
> 
> 
> ________________________________
> From: John D. Ament <jo...@apache.org>
> Sent: Saturday, June 3, 2017 9:46 AM
> To: general@incubator.apache.org
> Subject: Re: Images in source code.
> 
> On Fri, Jun 2, 2017 at 8:20 PM Craig Russell <ap...@gmail.com> wrote:
> 
> Hi James,
> 
> Everything that is not explicitly called out in the top level NOTICE and
> LICENSE files are licensed under the Apache 2.0 license.
> 
> Adding a file to this directory might mislead people into thinking that
> they need to perform more due diligence with other files in other
> directories.
> 
> My advice is to *not* add anything. Let the images be licensed per the
> terms the top level LICENSE file.
> 
> 
> Agreed.  What we do like to make sure is called out is if there is
> provenance that these images came from somewhere else.  If these images
> were not created by you and were not already under apache license, then we
> would have a concern.
> 
> 
> 
> Craig
> 
> On Jun 2, 2017, at 2:20 PM, James Bognar <ja...@salesforce.com>
> wrote:
> 
> Thanks!
> 
> I haven't found a metadata editor that works yet, so I'll just add a
> LICENSE.txt file to the directory.  Hopefully that's enough.
> 
> On Fri, Jun 2, 2017 at 4:48 PM, Josh Elser <el...@apache.org> wrote:
> 
> On 6/2/17 1:15 PM, James Bognar wrote:
> 
> I just added several png files to the source tree of our podling.  I
> created them myself.  Are there any best-practices on how to mark
> these as
> Apache licensed?
> 
> 
> I'm not sure of a good way to track this. I'm not sure if png supports
> arbitrary metadata which could be edited. Some ways I've seen used
> elsewhere to try to better propagate license/ownership:
> 
> * Comments on the issue-tracker issue that introduced them citing
> origin/source (typically for images that are copied, not created)
> * Entry in LICENSE/NOTICE (shouldn't be done unnecessarily, of course)
> * A README in the same directory with relevant info
> 
> If the images are of the podling's creation, I wouldn't be particularly
> worried. The copyright notice on your source-release and LICENSE are
> sufficient to inform downstream consumers.
> 
> Probably not the answer you're looking for, but hope it helps :)
> 
> - Josh
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
> For additional commands, e-mail: general-help@incubator.apache.org
> 
> 
> 
> 
> --
> James Bognar
> 
> Craig L Russell
> clr@apache.org
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
> For additional commands, e-mail: general-help@incubator.apache.org
> 
> 
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
For additional commands, e-mail: general-help@incubator.apache.org

Re: Images in source code.

[Felix Meschberger <fm...@adobe.com.INVALID>]

Here: http://www.sno.phy.queensu.ca/~phil/exiftool/ ?

and http://www.sno.phy.queensu.ca/~phil/exiftool/TagNames/XMP.html

(Thanks Google ;-) )

Regards
Felix

Am 15.06.2017 um 16:46 schrieb Martin Gainty <mg...@hotmail.com>>:

James and Team


quick update I have factored rat-plugin to read XMP (an XML metadata-tagged file with embedded Image)

i have tried adding metadata tags using the crippled freebie photoshop and could not find any way to add metadata tags to PNG, JPG or PSD as the File/FileInfo menu in freebie photoshop is hopelessly greyed out/disabled

Im reading some blogs that exiftool<sp?> can add metadata tags to any existing image

Any clues as to where to locate any tool that can add metadata tag to an Image would be appreciated


Thanks,

Martin
______________________________________________



________________________________
From: Martin Gainty <mg...@hotmail.com>>
Sent: Sunday, June 4, 2017 8:49 AM
To: general@incubator.apache.org<ma...@incubator.apache.org>
Subject: Re: Images in source code.


is there anyway to run maven-rat-plugin to make sure ASF licensed assets are *not* being subverted by salesforce


http://creadur.apache.org/rat/apache-rat-plugin/rat-mojo.html


Apache Rat™ Plugin for Apache Maven – apache-rat:rat<http://creadur.apache.org/rat/apache-rat-plugin/rat-mojo.html>
creadur.apache.org<http://creadur.apache.org>
apache-rat:rat. Note:This goal should be used as a Maven report. Full name: org.apache.rat:apache-rat-plugin:0.13-SNAPSHOT:rat. Description:

?

Martin
______________________________________________



________________________________
From: John D. Ament <jo...@apache.org>
Sent: Saturday, June 3, 2017 9:46 AM
To: general@incubator.apache.org
Subject: Re: Images in source code.

On Fri, Jun 2, 2017 at 8:20 PM Craig Russell <ap...@gmail.com> wrote:

Hi James,

Everything that is not explicitly called out in the top level NOTICE and
LICENSE files are licensed under the Apache 2.0 license.

Adding a file to this directory might mislead people into thinking that
they need to perform more due diligence with other files in other
directories.

My advice is to *not* add anything. Let the images be licensed per the
terms the top level LICENSE file.


Agreed.  What we do like to make sure is called out is if there is
provenance that these images came from somewhere else.  If these images
were not created by you and were not already under apache license, then we
would have a concern.



Craig

On Jun 2, 2017, at 2:20 PM, James Bognar <ja...@salesforce.com>
wrote:

Thanks!

I haven't found a metadata editor that works yet, so I'll just add a
LICENSE.txt file to the directory.  Hopefully that's enough.

On Fri, Jun 2, 2017 at 4:48 PM, Josh Elser <el...@apache.org> wrote:

On 6/2/17 1:15 PM, James Bognar wrote:

I just added several png files to the source tree of our podling.  I
created them myself.  Are there any best-practices on how to mark
these as
Apache licensed?


I'm not sure of a good way to track this. I'm not sure if png supports
arbitrary metadata which could be edited. Some ways I've seen used
elsewhere to try to better propagate license/ownership:

* Comments on the issue-tracker issue that introduced them citing
origin/source (typically for images that are copied, not created)
* Entry in LICENSE/NOTICE (shouldn't be done unnecessarily, of course)
* A README in the same directory with relevant info

If the images are of the podling's creation, I wouldn't be particularly
worried. The copyright notice on your source-release and LICENSE are
sufficient to inform downstream consumers.

Probably not the answer you're looking for, but hope it helps :)

- Josh

---------------------------------------------------------------------
To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
For additional commands, e-mail: general-help@incubator.apache.org




--
James Bognar

Craig L Russell
clr@apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
For additional commands, e-mail: general-help@incubator.apache.org

Re: Images in source code.

[James Bognar <ja...@salesforce.com>]

I was unsuccessful finding a tool as well.

On Thu, Jun 15, 2017 at 7:46 PM, Martin Gainty <mg...@hotmail.com> wrote:

> James and Team
>
>
> quick update I have factored rat-plugin to read XMP (an XML
> metadata-tagged file with embedded Image)
>
> i have tried adding metadata tags using the crippled freebie photoshop and
> could not find any way to add metadata tags to PNG, JPG or PSD as the
> File/FileInfo menu in freebie photoshop is hopelessly greyed out/disabled
>
>
> Im reading some blogs that exiftool<sp?> can add metadata tags to any
> existing image
>
> Any clues as to where to locate any tool that can add metadata tag to an
> Image would be appreciated
>
>
> Thanks,
> Martin
> ______________________________________________
>
>
>
>
> ------------------------------
> *From:* Martin Gainty <mg...@hotmail.com>
> *Sent:* Sunday, June 4, 2017 8:49 AM
> *To:* general@incubator.apache.org
> *Subject:* Re: Images in source code.
>
>
> is there anyway to run maven-rat-plugin to make sure ASF licensed assets
> are *not* being subverted by salesforce
>
>
> http://creadur.apache.org/rat/apache-rat-plugin/rat-mojo.html
>
>
> Apache Rat™ Plugin for Apache Maven – apache-rat:rat
> <http://creadur.apache.org/rat/apache-rat-plugin/rat-mojo.html>
> creadur.apache.org
> apache-rat:rat. Note:This goal should be used as a Maven report. Full
> name: org.apache.rat:apache-rat-plugin:0.13-SNAPSHOT:rat. Description:
> ?
>
> Martin
> ______________________________________________
>
>
>
>
> ------------------------------
> *From:* John D. Ament <jo...@apache.org>
> *Sent:* Saturday, June 3, 2017 9:46 AM
> *To:* general@incubator.apache.org
> *Subject:* Re: Images in source code.
>
> On Fri, Jun 2, 2017 at 8:20 PM Craig Russell <ap...@gmail.com> wrote:
>
> > Hi James,
> >
> > Everything that is not explicitly called out in the top level NOTICE and
> > LICENSE files are licensed under the Apache 2.0 license.
> >
> > Adding a file to this directory might mislead people into thinking that
> > they need to perform more due diligence with other files in other
> > directories.
> >
> > My advice is to *not* add anything. Let the images be licensed per the
> > terms the top level LICENSE file.
> >
>
> Agreed.  What we do like to make sure is called out is if there is
> provenance that these images came from somewhere else.  If these images
> were not created by you and were not already under apache license, then we
> would have a concern.
>
>
> >
> > Craig
> >
> > > On Jun 2, 2017, at 2:20 PM, James Bognar <ja...@salesforce.com>
> > wrote:
> > >
> > > Thanks!
> > >
> > > I haven't found a metadata editor that works yet, so I'll just add a
> > > LICENSE.txt file to the directory.  Hopefully that's enough.
> > >
> > > On Fri, Jun 2, 2017 at 4:48 PM, Josh Elser <el...@apache.org> wrote:
> > >
> > >> On 6/2/17 1:15 PM, James Bognar wrote:
> > >>
> > >>> I just added several png files to the source tree of our podling.  I
> > >>> created them myself.  Are there any best-practices on how to mark
> > these as
> > >>> Apache licensed?
> > >>>
> > >>>
> > >> I'm not sure of a good way to track this. I'm not sure if png supports
> > >> arbitrary metadata which could be edited. Some ways I've seen used
> > >> elsewhere to try to better propagate license/ownership:
> > >>
> > >> * Comments on the issue-tracker issue that introduced them citing
> > >> origin/source (typically for images that are copied, not created)
> > >> * Entry in LICENSE/NOTICE (shouldn't be done unnecessarily, of course)
> > >> * A README in the same directory with relevant info
> > >>
> > >> If the images are of the podling's creation, I wouldn't be
> particularly
> > >> worried. The copyright notice on your source-release and LICENSE are
> > >> sufficient to inform downstream consumers.
> > >>
> > >> Probably not the answer you're looking for, but hope it helps :)
> > >>
> > >> - Josh
> > >>
> > >> ---------------------------------------------------------------------
> > >> To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
> > >> For additional commands, e-mail: general-help@incubator.apache.org
> > >>
> > >>
> > >
> > >
> > > --
> > > James Bognar
> >
> > Craig L Russell
> > clr@apache.org
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
> > For additional commands, e-mail: general-help@incubator.apache.org
> >
> >
>



-- 
James Bognar

Re: Images in source code.

[Martin Gainty <mg...@hotmail.com>]

James and Team


quick update I have factored rat-plugin to read XMP (an XML metadata-tagged file with embedded Image)

i have tried adding metadata tags using the crippled freebie photoshop and could not find any way to add metadata tags to PNG, JPG or PSD as the File/FileInfo menu in freebie photoshop is hopelessly greyed out/disabled

Im reading some blogs that exiftool<sp?> can add metadata tags to any existing image

Any clues as to where to locate any tool that can add metadata tag to an Image would be appreciated


Thanks,

Martin
______________________________________________



________________________________
From: Martin Gainty <mg...@hotmail.com>
Sent: Sunday, June 4, 2017 8:49 AM
To: general@incubator.apache.org
Subject: Re: Images in source code.


is there anyway to run maven-rat-plugin to make sure ASF licensed assets are *not* being subverted by salesforce


http://creadur.apache.org/rat/apache-rat-plugin/rat-mojo.html


Apache Rat™ Plugin for Apache Maven – apache-rat:rat<http://creadur.apache.org/rat/apache-rat-plugin/rat-mojo.html>
creadur.apache.org
apache-rat:rat. Note:This goal should be used as a Maven report. Full name: org.apache.rat:apache-rat-plugin:0.13-SNAPSHOT:rat. Description:

?

Martin
______________________________________________



________________________________
From: John D. Ament <jo...@apache.org>
Sent: Saturday, June 3, 2017 9:46 AM
To: general@incubator.apache.org
Subject: Re: Images in source code.

On Fri, Jun 2, 2017 at 8:20 PM Craig Russell <ap...@gmail.com> wrote:

> Hi James,
>
> Everything that is not explicitly called out in the top level NOTICE and
> LICENSE files are licensed under the Apache 2.0 license.
>
> Adding a file to this directory might mislead people into thinking that
> they need to perform more due diligence with other files in other
> directories.
>
> My advice is to *not* add anything. Let the images be licensed per the
> terms the top level LICENSE file.
>

Agreed.  What we do like to make sure is called out is if there is
provenance that these images came from somewhere else.  If these images
were not created by you and were not already under apache license, then we
would have a concern.


>
> Craig
>
> > On Jun 2, 2017, at 2:20 PM, James Bognar <ja...@salesforce.com>
> wrote:
> >
> > Thanks!
> >
> > I haven't found a metadata editor that works yet, so I'll just add a
> > LICENSE.txt file to the directory.  Hopefully that's enough.
> >
> > On Fri, Jun 2, 2017 at 4:48 PM, Josh Elser <el...@apache.org> wrote:
> >
> >> On 6/2/17 1:15 PM, James Bognar wrote:
> >>
> >>> I just added several png files to the source tree of our podling.  I
> >>> created them myself.  Are there any best-practices on how to mark
> these as
> >>> Apache licensed?
> >>>
> >>>
> >> I'm not sure of a good way to track this. I'm not sure if png supports
> >> arbitrary metadata which could be edited. Some ways I've seen used
> >> elsewhere to try to better propagate license/ownership:
> >>
> >> * Comments on the issue-tracker issue that introduced them citing
> >> origin/source (typically for images that are copied, not created)
> >> * Entry in LICENSE/NOTICE (shouldn't be done unnecessarily, of course)
> >> * A README in the same directory with relevant info
> >>
> >> If the images are of the podling's creation, I wouldn't be particularly
> >> worried. The copyright notice on your source-release and LICENSE are
> >> sufficient to inform downstream consumers.
> >>
> >> Probably not the answer you're looking for, but hope it helps :)
> >>
> >> - Josh
> >>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
> >> For additional commands, e-mail: general-help@incubator.apache.org
> >>
> >>
> >
> >
> > --
> > James Bognar
>
> Craig L Russell
> clr@apache.org
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
> For additional commands, e-mail: general-help@incubator.apache.org
>
>

Re: Images in source code.

[Martin Gainty <mg...@hotmail.com>]

is there anyway to run maven-rat-plugin to make sure ASF licensed assets are *not* being subverted by salesforce


http://creadur.apache.org/rat/apache-rat-plugin/rat-mojo.html


Apache Rat™ Plugin for Apache Maven – apache-rat:rat<http://creadur.apache.org/rat/apache-rat-plugin/rat-mojo.html>
creadur.apache.org
apache-rat:rat. Note:This goal should be used as a Maven report. Full name: org.apache.rat:apache-rat-plugin:0.13-SNAPSHOT:rat. Description:

?

Martin
______________________________________________



________________________________
From: John D. Ament <jo...@apache.org>
Sent: Saturday, June 3, 2017 9:46 AM
To: general@incubator.apache.org
Subject: Re: Images in source code.

On Fri, Jun 2, 2017 at 8:20 PM Craig Russell <ap...@gmail.com> wrote:

> Hi James,
>
> Everything that is not explicitly called out in the top level NOTICE and
> LICENSE files are licensed under the Apache 2.0 license.
>
> Adding a file to this directory might mislead people into thinking that
> they need to perform more due diligence with other files in other
> directories.
>
> My advice is to *not* add anything. Let the images be licensed per the
> terms the top level LICENSE file.
>

Agreed.  What we do like to make sure is called out is if there is
provenance that these images came from somewhere else.  If these images
were not created by you and were not already under apache license, then we
would have a concern.


>
> Craig
>
> > On Jun 2, 2017, at 2:20 PM, James Bognar <ja...@salesforce.com>
> wrote:
> >
> > Thanks!
> >
> > I haven't found a metadata editor that works yet, so I'll just add a
> > LICENSE.txt file to the directory.  Hopefully that's enough.
> >
> > On Fri, Jun 2, 2017 at 4:48 PM, Josh Elser <el...@apache.org> wrote:
> >
> >> On 6/2/17 1:15 PM, James Bognar wrote:
> >>
> >>> I just added several png files to the source tree of our podling.  I
> >>> created them myself.  Are there any best-practices on how to mark
> these as
> >>> Apache licensed?
> >>>
> >>>
> >> I'm not sure of a good way to track this. I'm not sure if png supports
> >> arbitrary metadata which could be edited. Some ways I've seen used
> >> elsewhere to try to better propagate license/ownership:
> >>
> >> * Comments on the issue-tracker issue that introduced them citing
> >> origin/source (typically for images that are copied, not created)
> >> * Entry in LICENSE/NOTICE (shouldn't be done unnecessarily, of course)
> >> * A README in the same directory with relevant info
> >>
> >> If the images are of the podling's creation, I wouldn't be particularly
> >> worried. The copyright notice on your source-release and LICENSE are
> >> sufficient to inform downstream consumers.
> >>
> >> Probably not the answer you're looking for, but hope it helps :)
> >>
> >> - Josh
> >>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
> >> For additional commands, e-mail: general-help@incubator.apache.org
> >>
> >>
> >
> >
> > --
> > James Bognar
>
> Craig L Russell
> clr@apache.org
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
> For additional commands, e-mail: general-help@incubator.apache.org
>
>

Re: Images in source code.

["John D. Ament" <jo...@apache.org>]

On Fri, Jun 2, 2017 at 8:20 PM Craig Russell <ap...@gmail.com> wrote:

> Hi James,
>
> Everything that is not explicitly called out in the top level NOTICE and
> LICENSE files are licensed under the Apache 2.0 license.
>
> Adding a file to this directory might mislead people into thinking that
> they need to perform more due diligence with other files in other
> directories.
>
> My advice is to *not* add anything. Let the images be licensed per the
> terms the top level LICENSE file.
>

Agreed.  What we do like to make sure is called out is if there is
provenance that these images came from somewhere else.  If these images
were not created by you and were not already under apache license, then we
would have a concern.


>
> Craig
>
> > On Jun 2, 2017, at 2:20 PM, James Bognar <ja...@salesforce.com>
> wrote:
> >
> > Thanks!
> >
> > I haven't found a metadata editor that works yet, so I'll just add a
> > LICENSE.txt file to the directory.  Hopefully that's enough.
> >
> > On Fri, Jun 2, 2017 at 4:48 PM, Josh Elser <el...@apache.org> wrote:
> >
> >> On 6/2/17 1:15 PM, James Bognar wrote:
> >>
> >>> I just added several png files to the source tree of our podling.  I
> >>> created them myself.  Are there any best-practices on how to mark
> these as
> >>> Apache licensed?
> >>>
> >>>
> >> I'm not sure of a good way to track this. I'm not sure if png supports
> >> arbitrary metadata which could be edited. Some ways I've seen used
> >> elsewhere to try to better propagate license/ownership:
> >>
> >> * Comments on the issue-tracker issue that introduced them citing
> >> origin/source (typically for images that are copied, not created)
> >> * Entry in LICENSE/NOTICE (shouldn't be done unnecessarily, of course)
> >> * A README in the same directory with relevant info
> >>
> >> If the images are of the podling's creation, I wouldn't be particularly
> >> worried. The copyright notice on your source-release and LICENSE are
> >> sufficient to inform downstream consumers.
> >>
> >> Probably not the answer you're looking for, but hope it helps :)
> >>
> >> - Josh
> >>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
> >> For additional commands, e-mail: general-help@incubator.apache.org
> >>
> >>
> >
> >
> > --
> > James Bognar
>
> Craig L Russell
> clr@apache.org
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
> For additional commands, e-mail: general-help@incubator.apache.org
>
>

Re: Images in source code.

[Craig Russell <ap...@gmail.com>]

Hi James,

Everything that is not explicitly called out in the top level NOTICE and LICENSE files are licensed under the Apache 2.0 license.

Adding a file to this directory might mislead people into thinking that they need to perform more due diligence with other files in other directories.

My advice is to *not* add anything. Let the images be licensed per the terms the top level LICENSE file.

Craig

> On Jun 2, 2017, at 2:20 PM, James Bognar <ja...@salesforce.com> wrote:
> 
> Thanks!
> 
> I haven't found a metadata editor that works yet, so I'll just add a
> LICENSE.txt file to the directory.  Hopefully that's enough.
> 
> On Fri, Jun 2, 2017 at 4:48 PM, Josh Elser <el...@apache.org> wrote:
> 
>> On 6/2/17 1:15 PM, James Bognar wrote:
>> 
>>> I just added several png files to the source tree of our podling.  I
>>> created them myself.  Are there any best-practices on how to mark these as
>>> Apache licensed?
>>> 
>>> 
>> I'm not sure of a good way to track this. I'm not sure if png supports
>> arbitrary metadata which could be edited. Some ways I've seen used
>> elsewhere to try to better propagate license/ownership:
>> 
>> * Comments on the issue-tracker issue that introduced them citing
>> origin/source (typically for images that are copied, not created)
>> * Entry in LICENSE/NOTICE (shouldn't be done unnecessarily, of course)
>> * A README in the same directory with relevant info
>> 
>> If the images are of the podling's creation, I wouldn't be particularly
>> worried. The copyright notice on your source-release and LICENSE are
>> sufficient to inform downstream consumers.
>> 
>> Probably not the answer you're looking for, but hope it helps :)
>> 
>> - Josh
>> 
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
>> For additional commands, e-mail: general-help@incubator.apache.org
>> 
>> 
> 
> 
> -- 
> James Bognar

Craig L Russell
clr@apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
For additional commands, e-mail: general-help@incubator.apache.org

Re: Images in source code.

[James Bognar <ja...@salesforce.com>]

Thanks!

I haven't found a metadata editor that works yet, so I'll just add a
LICENSE.txt file to the directory.  Hopefully that's enough.

On Fri, Jun 2, 2017 at 4:48 PM, Josh Elser <el...@apache.org> wrote:

> On 6/2/17 1:15 PM, James Bognar wrote:
>
>> I just added several png files to the source tree of our podling.  I
>> created them myself.  Are there any best-practices on how to mark these as
>> Apache licensed?
>>
>>
> I'm not sure of a good way to track this. I'm not sure if png supports
> arbitrary metadata which could be edited. Some ways I've seen used
> elsewhere to try to better propagate license/ownership:
>
> * Comments on the issue-tracker issue that introduced them citing
> origin/source (typically for images that are copied, not created)
> * Entry in LICENSE/NOTICE (shouldn't be done unnecessarily, of course)
> * A README in the same directory with relevant info
>
> If the images are of the podling's creation, I wouldn't be particularly
> worried. The copyright notice on your source-release and LICENSE are
> sufficient to inform downstream consumers.
>
> Probably not the answer you're looking for, but hope it helps :)
>
> - Josh
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
> For additional commands, e-mail: general-help@incubator.apache.org
>
>


-- 
James Bognar

Re: Images in source code.

[Josh Elser <el...@apache.org>]

On 6/2/17 1:15 PM, James Bognar wrote:
> I just added several png files to the source tree of our podling.  I
> created them myself.  Are there any best-practices on how to mark these as
> Apache licensed?
> 

I'm not sure of a good way to track this. I'm not sure if png supports 
arbitrary metadata which could be edited. Some ways I've seen used 
elsewhere to try to better propagate license/ownership:

* Comments on the issue-tracker issue that introduced them citing 
origin/source (typically for images that are copied, not created)
* Entry in LICENSE/NOTICE (shouldn't be done unnecessarily, of course)
* A README in the same directory with relevant info

If the images are of the podling's creation, I wouldn't be particularly 
worried. The copyright notice on your source-release and LICENSE are 
sufficient to inform downstream consumers.

Probably not the answer you're looking for, but hope it helps :)

- Josh

---------------------------------------------------------------------
To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
For additional commands, e-mail: general-help@incubator.apache.org