You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@hbase.apache.org by Guang Yang <yg...@outlook.com> on 2016/10/04 19:40:56 UTC
Build failure due to license validation
Hello,
While working on the Jetty 9 upgrade patch, after polling in several new artifacts, the build failed due to the license validation, for example:
1. It pulled in the javax.annotation whose license is 'CDDL + GPLv2 with classpath exception' which failed our whitelist check since once 'CDDL' is found, it tries to find '1.1' or '1.0' but failed to find those sub strings.
2. Another one failed the validation is javax.validation, whose license is 'Apache Software License, Version 2.0', whereas in our whitelist, it is 'Apache License, Version 2.0' (note there is no 'Software').
I would like to ask what is the recommendation to deal with this type of mismatch?
Thanks,
Guang
Re: Build failure due to license validation
Posted by Guang Yang <yg...@yahoo-inc.com.INVALID>.
Thanks Sean and Ted, I now understand the policy to deal with the license validations, will follow that. Thanks,Guang
On Tuesday, October 4, 2016 3:15 PM, Sean Busbey <bu...@cloudera.com> wrote:
1) CDDL + GPLv2 allows you to pick a license. as an ASF project we
pick CDDL. You should update the supplemental info to properly
document the use of CDDL (including the version).
2) You should update the supplemental info file to refer to the correct name.
You should also make sure there are no additional changes needed to
LICENSE or NOTICE files for the change in dependencies beyond what the
automatic tooling does.
On Tue, Oct 4, 2016 at 2:40 PM, Guang Yang <yg...@outlook.com> wrote:
> Hello,
> While working on the Jetty 9 upgrade patch, after polling in several new artifacts, the build failed due to the license validation, for example:
> 1. It pulled in the javax.annotation whose license is 'CDDL + GPLv2 with classpath exception' which failed our whitelist check since once 'CDDL' is found, it tries to find '1.1' or '1.0' but failed to find those sub strings.
>
> 2. Another one failed the validation is javax.validation, whose license is 'Apache Software License, Version 2.0', whereas in our whitelist, it is 'Apache License, Version 2.0' (note there is no 'Software').
>
> I would like to ask what is the recommendation to deal with this type of mismatch?
>
> Thanks,
> Guang
--
busbey
Re: Build failure due to license validation
Posted by Sean Busbey <bu...@cloudera.com>.
1) CDDL + GPLv2 allows you to pick a license. as an ASF project we
pick CDDL. You should update the supplemental info to properly
document the use of CDDL (including the version).
2) You should update the supplemental info file to refer to the correct name.
You should also make sure there are no additional changes needed to
LICENSE or NOTICE files for the change in dependencies beyond what the
automatic tooling does.
On Tue, Oct 4, 2016 at 2:40 PM, Guang Yang <yg...@outlook.com> wrote:
> Hello,
> While working on the Jetty 9 upgrade patch, after polling in several new artifacts, the build failed due to the license validation, for example:
> 1. It pulled in the javax.annotation whose license is 'CDDL + GPLv2 with classpath exception' which failed our whitelist check since once 'CDDL' is found, it tries to find '1.1' or '1.0' but failed to find those sub strings.
>
> 2. Another one failed the validation is javax.validation, whose license is 'Apache Software License, Version 2.0', whereas in our whitelist, it is 'Apache License, Version 2.0' (note there is no 'Software').
>
> I would like to ask what is the recommendation to deal with this type of mismatch?
>
> Thanks,
> Guang
--
busbey
Re: Build failure due to license validation
Posted by Ted Yu <yu...@gmail.com>.
For #1, only javax.annotation.Generated is imported.
We can create a similar class in hbase-common which replaces the above
import.
On Tue, Oct 4, 2016 at 12:40 PM, Guang Yang <yg...@outlook.com> wrote:
> Hello,
> While working on the Jetty 9 upgrade patch, after polling in several new
> artifacts, the build failed due to the license validation, for example:
> 1. It pulled in the javax.annotation whose license is 'CDDL + GPLv2 with
> classpath exception' which failed our whitelist check since once 'CDDL' is
> found, it tries to find '1.1' or '1.0' but failed to find those sub strings.
>
> 2. Another one failed the validation is javax.validation, whose license is
> 'Apache Software License, Version 2.0', whereas in our whitelist, it is
> 'Apache License, Version 2.0' (note there is no 'Software').
>
> I would like to ask what is the recommendation to deal with this type of
> mismatch?
>
> Thanks,
> Guang