You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@hbase.apache.org by "Wei-Chiu Chuang (Jira)" <ji...@apache.org> on 2019/08/30 19:41:00 UTC

[jira] [Created] (HBASE-22954) Whitelist net.java.dev.jna which got pulled in through Hadoop 3.3.0

Wei-Chiu Chuang created HBASE-22954:
---------------------------------------

             Summary: Whitelist net.java.dev.jna which got pulled in through Hadoop 3.3.0
                 Key: HBASE-22954
                 URL: https://issues.apache.org/jira/browse/HBASE-22954
             Project: HBase
          Issue Type: Bug
            Reporter: Wei-Chiu Chuang
            Assignee: Wei-Chiu Chuang


YARN-9477 added a new dependency net.java.dev.jna, which resulted in license check failure in HBase because the checker thinks it's LGPL 2.1 licensed. But in fact, it is dual licensed.

{code}
  <name>Java Native Access</name>
  <description>Java Native Access</description>
  <url>https://github.com/java-native-access/jna</url>

  <licenses>
      <license>
          <name>LGPL, version 2.1</name>
          <url>http://www.gnu.org/licenses/licenses.html</url>
          <distribution>repo</distribution>
      </license>
      <license>
          <name>Apache License v2.0</name>
          <url>http://www.apache.org/licenses/LICENSE-2.0.txt</url>
          <distribution>repo</distribution>
      </license>
  </licenses>
{code}

We can
(1) white list this dependency
(2) or update the license checker to search for if any of the licenses is permitted



--
This message was sent by Atlassian Jira
(v8.3.2#803003)