You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tinkerpop.apache.org by Stephen Mallette <sp...@gmail.com> on 2022/03/18 13:15:18 UTC
gremlin-go license/notice
Note sure where to start with this, but we do need to make sure we've
gotten our LICENSE/NOTICE straight for gremlin-go if we are to make a
release of any sort. My understanding is that the tagging of the repo with
the pattern `v3.5.3` (or the like) will allow go users to make use of that
version. I further believe that in referencing that version, it will
trigger the download of the entire TinkerPop repository - i.e. the source
code for all of TinkerPop, despite only really needing the gremlin-go part
of it.
I looked at Apache Arrow which has a golang package and I'm not completely
sure that their pattern is the one to follow (a dangerous game to assume
the other Apache project did it right), but it did help me think through
our particular situation.
The LICENSE/NOTICE should only be modified to address bundled bits. and
gremlin-go does not have any source code that is from a third party (please
correct me if I'm wrong). The only third-party code is that which is
unrelated to gremlin-go and is already listed in the root NOTICE. We cover
the licenses for those items already in our root LICENSE and /licenses
directory.
Since the user gets the whole repo downloaded to include those files, I
would think those root files are enough to satisfy ASF concerns.
The NOTICE file currently proposed for gremlin-go in particular, doesn't
seem necessary as none of the items in there are "bundled bits". They are
additional dependencies that come separate to what we say are in our
package. I think that file can be removed.
Re: gremlin-go license/notice
Posted by Lyndon Bauto <ly...@bitquilltech.com.INVALID>.
Thanks for looking into this, Stephen. I am going to follow this thread for
a little bit and remove it if there are no comments against removing it.
On Fri, Mar 18, 2022 at 6:15 AM Stephen Mallette <sp...@gmail.com>
wrote:
> Note sure where to start with this, but we do need to make sure we've
> gotten our LICENSE/NOTICE straight for gremlin-go if we are to make a
> release of any sort. My understanding is that the tagging of the repo with
> the pattern `v3.5.3` (or the like) will allow go users to make use of that
> version. I further believe that in referencing that version, it will
> trigger the download of the entire TinkerPop repository - i.e. the source
> code for all of TinkerPop, despite only really needing the gremlin-go part
> of it.
>
> I looked at Apache Arrow which has a golang package and I'm not completely
> sure that their pattern is the one to follow (a dangerous game to assume
> the other Apache project did it right), but it did help me think through
> our particular situation.
>
> The LICENSE/NOTICE should only be modified to address bundled bits. and
> gremlin-go does not have any source code that is from a third party (please
> correct me if I'm wrong). The only third-party code is that which is
> unrelated to gremlin-go and is already listed in the root NOTICE. We cover
> the licenses for those items already in our root LICENSE and /licenses
> directory.
>
> Since the user gets the whole repo downloaded to include those files, I
> would think those root files are enough to satisfy ASF concerns.
>
> The NOTICE file currently proposed for gremlin-go in particular, doesn't
> seem necessary as none of the items in there are "bundled bits". They are
> additional dependencies that come separate to what we say are in our
> package. I think that file can be removed.
>
--
*Lyndon Bauto*
Team Lead
Bit Quill Technologies Inc.
lyndonb@bitquilltech.com
https://www.bitquilltech.com