You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@geronimo.apache.org by David Jencks <da...@yahoo.com> on 2007/08/04 09:23:20 UTC
Re: SUN PROPRIETARY/CONFIDENTIAL code in myfaces
On Aug 3, 2007, at 6:45 PM, Craig L Russell wrote:
>
> On Aug 3, 2007, at 6:20 PM, Stefano Bagnara wrote:
>
>> Sam Ruby ha scritto:
>>> Until the dust settles, I'm asking that all SUN
>>> PROPRIETARY/CONFIDENTIAL dtd's and xsd's be removed. For the
>>> moment,
>>> they can be be replaced by CDDL licensed equivalents (if available)
>>> but only if the only ways that particular product uses these
>>> materials
>>> is directly via their original source form. If, however, any of
>>> these
>>> files are used by the product in question as input to a 'compilation
>>> step' of any sort, then they should be replaced by the binary
>>> outputs
>>> instead (i.e., class "B" artifacts).
>>>
>>> If anybody has any problem with this (either affected products as
>>> this
>>> is an unreasonable burden, or legal-internal folks as this
>>> inconsistent with ASF principles), please let me know ASAP. In the
>>> event that I don't hear any objection in the next 72 hours, I will
>>> make a minor update to the 3party draft some time next week.
I don't think I understand exactly what you mean, I don't think it
makes sense, and just in case I do understand you this will prevent
geronimo from releasing artifacts now under vote. See below.
>>>
>>> - Sam Ruby
>
> Just a clarification. If a dtd or xsd file is "compiled" into a
> binary form, my assumption is that the project still needs to
> identify the resulting file as licensed under the CDDL license of
> the original source. So the distribution will still need the
> LICENSE.txt file identifying the binary and calling out the CDDL
> license.
I'm rapidly coming to the conclusion that apache should not even
think about trying to host or release anything even vaguely related
to a sun licensed schema.
Can you explain which of these should be asf licensed and which cddl
licensed and how exactly you draw the line?
Lets start with the cddl licensed javaee 5 xsds.
1. use xmlbeans to compile the xsds as part of a build process.
Basically all you can specify is the package of the resulting java
source files.
2. use jaxb to generate classes corresponding to the xsds as part of
a build process. I think this is basically the same as (1)
3. use jaxb to generate classes corresponding to the xsds, check the
code into svn, and modify it by hand
4. write some classes with basically the same infomation content as
the schema, and use a rule based approach such as digester to
transfer the information from the xml to the objects. I'm curious
about the status of the rules and the data classes.
5. write some classes with basically the same information content as
the schema and write some say STAX based code to transfer the info
between xml and objects. (i.e. write a subset of xmlbeans or jaxb by
hand).
In all of these cases, when is the source code, whether written by
hand or generated, cddl, when is it asl, and when can it be
distributed as part of an apache project. What would the license be
for jars containing .class files for these classes? What about rules
for (4) if they are in human-readable form?
I can't really see any difference between these cases, so if anyone
else can I'd really appreciate a clear detailed explanation of why
they are different. I also don't really see how a javaee app server
is any different from these source or class files, since it has to
contain data structures semantically equivalent to the xsds.
OK, on to a more specific and time-critical question.
Geronimo has the pre-cddl j2ee 1.4 and javaee5 schemas in the hidden
tck svn repo, and we use xmlbeans to generate classes from them.
Previously we've released source and .class jars for the j2ee 1.4
schemas. We are currently voting on new source and .class jars for
both the j2ee 1.4 and javaee5 schemas. This vote will end aug 4 at
7:17 PST and unless we receive clear notice to the contrary will be
released to the apache maven repo and thence the maven central repo
shortly thereafter.
The stuff being voted on is at
http://people.apache.org/~prasad/geronimo-schema-j2ee_1.4-1.2.tar.gz
http://people.apache.org/~prasad/geronimo-schema-jee_5-1.1.tar.gz
In our naivete we have included the asf2 license in these jars and,
as the source code is entirely generated, not added any license
header to the .java files.
What's the correct license for the generated source java files?
xmlbeans also generates some binary data files from the schemas. I
think (but am by no means certain) that they are serialized java
objects representing the schema: in any case they have almost the
same infomation content as the schemas). What is the correct
license for them?
After the generated java source files get compiled, what is the
correct license for them?
Can any of these be distributed from apache? If not, if we moved
this stuff to say codehaus or sourceforge, and generated exactly the
same code and jars (except for the package name), could we use those
jars in geronimo?
BTW, the theory under which we (geronimo) has been operating is that
the sun copyright and legal statements apply to the text
documentation in the schemas and that once that is removed the rest
forms a part of the javaee specifications that we have a license to
implement, so we can translate it by any means we want (such as
xmlbeans, jaxb, castor, etc etc) to produce source code or class
files or pretty much anything else. I don't see how it's possible to
implement the specification without this: IMO without this
interpretation any javaee product must be cddl.
david jencks
>
> Craig
>
> Craig Russell
> DB PMC, OpenJPA PMC
> clr@apache.org http://db.apache.org/jdo
>
>
RE: SUN PROPRIETARY/CONFIDENTIAL code in myfaces
Posted by Janet Campbell <ja...@eclipse.org>.
Apologies for coming late to this thread. There is interest in using
myfaces within Eclipse and we are currently completing our due diligence on
the code base. The project has said that they will not be updating the DTD
files to reflect the CDDL license and I believe they understand that to be
what they should do based on this discussion [1]. I haven't been able to
locate a final resolution on that part of the discussion. Could someone
clarify for me?
[1]
http://users.myfaces.markmail.org/search/?q=#query:+page:9+mid:hbl3jra5x57w4
hi6+state:results
Janet
-----Original Message-----
From: Kevan Miller [mailto:kevan.miller@gmail.com]
Sent: Friday, August 10, 2007 9:55 AM
To: Craig L Russell
Cc: Sam Ruby; David Jencks; ASF Legal Discuss; Geronimo Dev List (JIRA)
Subject: Re: SUN PROPRIETARY/CONFIDENTIAL code in myfaces
On Aug 10, 2007, at 12:52 AM, Craig L Russell wrote:
> On Aug 9, 2007, at 6:50 PM, Sam Ruby wrote:
>
>> On 8/4/07, David Jencks <da...@yahoo.com> wrote:
>>>
>>> I'm a bit confused though about the inclusion of cddl xsds in apache
>>> svn since IIUC you have indicated xsds are definitely "source
>>> code" (I completely agree) and the draft 3rd party licensing page
>>> says cddl source can't be in apache releases. It doesn't say
>>> whether
>>> a few files can be in svn or not AFAICT but that certainly looks
>>> like
>>> it would prohibit shipping an asf jar with any cddl xsds in it.
>>
>> I've updated the draft 3rd party licensing page:
>>
>> http://people.apache.org/~rubys/3party.html
>
> +1
>
> Thanks for the update, Sam!
Agreed. Also, thanks for the timely and informative responses. They
were very helpful in deciding how to move forward on this matter.
>
> IIUC, Geronimo makes two uses of the CDDL-licensed xsd files.
>
> 1. The unmodified xsd files are available to the xml parser to
> avoid downloading the files from the internet during operation.
>
> 2. The unmodified xsd files are "compiled" into Java classes which
> are then compiled into binary form for execution.
>
> The new policy seems to address both cases, assuming that Geronimo
> chooses to update their copies of the files to the CDDL-licensed
> versions.
Just to be precise, Geronimo does not currently use CDDL-licensed
schema files. Moving to the CDDL-licensed versions of these schema
files is, IMO, the right thing to do. I intend to start this next week.
There's still the question of how the CDDL license extends to the
resultant binaries. Something for next week, I guess...
--kevan
---------------------------------------------------------------------
DISCLAIMER: Discussions on this list are informational and educational
only. Statements made on this list are not privileged, do not
constitute legal advice, and do not necessarily reflect the opinions
and policies of the ASF. See <http://www.apache.org/licenses/> for
official ASF policies and documents.
---------------------------------------------------------------------
To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org
RE: SUN PROPRIETARY/CONFIDENTIAL code in myfaces
Posted by Janet Campbell <ja...@eclipse.org>.
Apologies for coming late to this thread. There is interest in using
myfaces within Eclipse and we are currently completing our due diligence on
the code base. The project has said that they will not be updating the DTD
files to reflect the CDDL license and I believe they understand that to be
what they should do based on this discussion [1]. I haven't been able to
locate a final resolution on that part of the discussion. Could someone
clarify for me?
[1]
http://users.myfaces.markmail.org/search/?q=#query:+page:9+mid:hbl3jra5x57w4
hi6+state:results
Janet
-----Original Message-----
From: Kevan Miller [mailto:kevan.miller@gmail.com]
Sent: Friday, August 10, 2007 9:55 AM
To: Craig L Russell
Cc: Sam Ruby; David Jencks; ASF Legal Discuss; Geronimo Dev List (JIRA)
Subject: Re: SUN PROPRIETARY/CONFIDENTIAL code in myfaces
On Aug 10, 2007, at 12:52 AM, Craig L Russell wrote:
> On Aug 9, 2007, at 6:50 PM, Sam Ruby wrote:
>
>> On 8/4/07, David Jencks <da...@yahoo.com> wrote:
>>>
>>> I'm a bit confused though about the inclusion of cddl xsds in apache
>>> svn since IIUC you have indicated xsds are definitely "source
>>> code" (I completely agree) and the draft 3rd party licensing page
>>> says cddl source can't be in apache releases. It doesn't say
>>> whether
>>> a few files can be in svn or not AFAICT but that certainly looks
>>> like
>>> it would prohibit shipping an asf jar with any cddl xsds in it.
>>
>> I've updated the draft 3rd party licensing page:
>>
>> http://people.apache.org/~rubys/3party.html
>
> +1
>
> Thanks for the update, Sam!
Agreed. Also, thanks for the timely and informative responses. They
were very helpful in deciding how to move forward on this matter.
>
> IIUC, Geronimo makes two uses of the CDDL-licensed xsd files.
>
> 1. The unmodified xsd files are available to the xml parser to
> avoid downloading the files from the internet during operation.
>
> 2. The unmodified xsd files are "compiled" into Java classes which
> are then compiled into binary form for execution.
>
> The new policy seems to address both cases, assuming that Geronimo
> chooses to update their copies of the files to the CDDL-licensed
> versions.
Just to be precise, Geronimo does not currently use CDDL-licensed
schema files. Moving to the CDDL-licensed versions of these schema
files is, IMO, the right thing to do. I intend to start this next week.
There's still the question of how the CDDL license extends to the
resultant binaries. Something for next week, I guess...
--kevan
---------------------------------------------------------------------
DISCLAIMER: Discussions on this list are informational and educational
only. Statements made on this list are not privileged, do not
constitute legal advice, and do not necessarily reflect the opinions
and policies of the ASF. See <http://www.apache.org/licenses/> for
official ASF policies and documents.
---------------------------------------------------------------------
To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org
---------------------------------------------------------------------
DISCLAIMER: Discussions on this list are informational and educational
only. Statements made on this list are not privileged, do not
constitute legal advice, and do not necessarily reflect the opinions
and policies of the ASF. See <http://www.apache.org/licenses/> for
official ASF policies and documents.
---------------------------------------------------------------------
To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org
Re: SUN PROPRIETARY/CONFIDENTIAL code in myfaces
Posted by Kevan Miller <ke...@gmail.com>.
On Aug 10, 2007, at 12:52 AM, Craig L Russell wrote:
> On Aug 9, 2007, at 6:50 PM, Sam Ruby wrote:
>
>> On 8/4/07, David Jencks <da...@yahoo.com> wrote:
>>>
>>> I'm a bit confused though about the inclusion of cddl xsds in apache
>>> svn since IIUC you have indicated xsds are definitely "source
>>> code" (I completely agree) and the draft 3rd party licensing page
>>> says cddl source can't be in apache releases. It doesn't say
>>> whether
>>> a few files can be in svn or not AFAICT but that certainly looks
>>> like
>>> it would prohibit shipping an asf jar with any cddl xsds in it.
>>
>> I've updated the draft 3rd party licensing page:
>>
>> http://people.apache.org/~rubys/3party.html
>
> +1
>
> Thanks for the update, Sam!
Agreed. Also, thanks for the timely and informative responses. They
were very helpful in deciding how to move forward on this matter.
>
> IIUC, Geronimo makes two uses of the CDDL-licensed xsd files.
>
> 1. The unmodified xsd files are available to the xml parser to
> avoid downloading the files from the internet during operation.
>
> 2. The unmodified xsd files are "compiled" into Java classes which
> are then compiled into binary form for execution.
>
> The new policy seems to address both cases, assuming that Geronimo
> chooses to update their copies of the files to the CDDL-licensed
> versions.
Just to be precise, Geronimo does not currently use CDDL-licensed
schema files. Moving to the CDDL-licensed versions of these schema
files is, IMO, the right thing to do. I intend to start this next week.
There's still the question of how the CDDL license extends to the
resultant binaries. Something for next week, I guess...
--kevan
Re: SUN PROPRIETARY/CONFIDENTIAL code in myfaces
Posted by Kevan Miller <ke...@gmail.com>.
On Aug 10, 2007, at 12:52 AM, Craig L Russell wrote:
> On Aug 9, 2007, at 6:50 PM, Sam Ruby wrote:
>
>> On 8/4/07, David Jencks <da...@yahoo.com> wrote:
>>>
>>> I'm a bit confused though about the inclusion of cddl xsds in apache
>>> svn since IIUC you have indicated xsds are definitely "source
>>> code" (I completely agree) and the draft 3rd party licensing page
>>> says cddl source can't be in apache releases. It doesn't say
>>> whether
>>> a few files can be in svn or not AFAICT but that certainly looks
>>> like
>>> it would prohibit shipping an asf jar with any cddl xsds in it.
>>
>> I've updated the draft 3rd party licensing page:
>>
>> http://people.apache.org/~rubys/3party.html
>
> +1
>
> Thanks for the update, Sam!
Agreed. Also, thanks for the timely and informative responses. They
were very helpful in deciding how to move forward on this matter.
>
> IIUC, Geronimo makes two uses of the CDDL-licensed xsd files.
>
> 1. The unmodified xsd files are available to the xml parser to
> avoid downloading the files from the internet during operation.
>
> 2. The unmodified xsd files are "compiled" into Java classes which
> are then compiled into binary form for execution.
>
> The new policy seems to address both cases, assuming that Geronimo
> chooses to update their copies of the files to the CDDL-licensed
> versions.
Just to be precise, Geronimo does not currently use CDDL-licensed
schema files. Moving to the CDDL-licensed versions of these schema
files is, IMO, the right thing to do. I intend to start this next week.
There's still the question of how the CDDL license extends to the
resultant binaries. Something for next week, I guess...
--kevan
---------------------------------------------------------------------
DISCLAIMER: Discussions on this list are informational and educational
only. Statements made on this list are not privileged, do not
constitute legal advice, and do not necessarily reflect the opinions
and policies of the ASF. See <http://www.apache.org/licenses/> for
official ASF policies and documents.
---------------------------------------------------------------------
To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org
Re: SUN PROPRIETARY/CONFIDENTIAL code in myfaces
Posted by Craig L Russell <Cr...@Sun.COM>.
On Aug 9, 2007, at 6:50 PM, Sam Ruby wrote:
> On 8/4/07, David Jencks <da...@yahoo.com> wrote:
>>
>> I'm a bit confused though about the inclusion of cddl xsds in apache
>> svn since IIUC you have indicated xsds are definitely "source
>> code" (I completely agree) and the draft 3rd party licensing page
>> says cddl source can't be in apache releases. It doesn't say whether
>> a few files can be in svn or not AFAICT but that certainly looks like
>> it would prohibit shipping an asf jar with any cddl xsds in it.
>
> I've updated the draft 3rd party licensing page:
>
> http://people.apache.org/~rubys/3party.html
+1
Thanks for the update, Sam!
IIUC, Geronimo makes two uses of the CDDL-licensed xsd files.
1. The unmodified xsd files are available to the xml parser to avoid
downloading the files from the internet during operation.
2. The unmodified xsd files are "compiled" into Java classes which
are then compiled into binary form for execution.
The new policy seems to address both cases, assuming that Geronimo
chooses to update their copies of the files to the CDDL-licensed
versions.
> The longer term intent is to revise the document to say something
> along the lines of "Category A is always OK",
> "Category C is never
You mean Category X I assume...
Craig
P.S. One more note: I've been unable to get a timely response from
the Java SE folks regarding licensing of the two remaining dtd files.
Hopefully there will be a reply shortly...
> http://java.sun.com/dtd/properties.dtd
> http://java.sun.com/dtd/preferences.dtd
> OK", and "Category B is up to the PMC, with the following
> guidance...".
>
> - Sam Ruby
>
> ---------------------------------------------------------------------
> DISCLAIMER: Discussions on this list are informational and educational
> only. Statements made on this list are not privileged, do not
> constitute legal advice, and do not necessarily reflect the opinions
> and policies of the ASF. See <http://www.apache.org/licenses/> for
> official ASF policies and documents.
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
> For additional commands, e-mail: legal-discuss-help@apache.org
>
Craig Russell
Architect, Sun Java Enterprise System http://java.sun.com/products/jdo
408 276-5638 mailto:Craig.Russell@sun.com
P.S. A good JDO? O, Gasp!
Re: SUN PROPRIETARY/CONFIDENTIAL code in myfaces
Posted by Craig L Russell <Cr...@Sun.COM>.
On Aug 9, 2007, at 6:50 PM, Sam Ruby wrote:
> On 8/4/07, David Jencks <da...@yahoo.com> wrote:
>>
>> I'm a bit confused though about the inclusion of cddl xsds in apache
>> svn since IIUC you have indicated xsds are definitely "source
>> code" (I completely agree) and the draft 3rd party licensing page
>> says cddl source can't be in apache releases. It doesn't say whether
>> a few files can be in svn or not AFAICT but that certainly looks like
>> it would prohibit shipping an asf jar with any cddl xsds in it.
>
> I've updated the draft 3rd party licensing page:
>
> http://people.apache.org/~rubys/3party.html
+1
Thanks for the update, Sam!
IIUC, Geronimo makes two uses of the CDDL-licensed xsd files.
1. The unmodified xsd files are available to the xml parser to avoid
downloading the files from the internet during operation.
2. The unmodified xsd files are "compiled" into Java classes which
are then compiled into binary form for execution.
The new policy seems to address both cases, assuming that Geronimo
chooses to update their copies of the files to the CDDL-licensed
versions.
> The longer term intent is to revise the document to say something
> along the lines of "Category A is always OK",
> "Category C is never
You mean Category X I assume...
Craig
P.S. One more note: I've been unable to get a timely response from
the Java SE folks regarding licensing of the two remaining dtd files.
Hopefully there will be a reply shortly...
> http://java.sun.com/dtd/properties.dtd
> http://java.sun.com/dtd/preferences.dtd
> OK", and "Category B is up to the PMC, with the following
> guidance...".
>
> - Sam Ruby
>
> ---------------------------------------------------------------------
> DISCLAIMER: Discussions on this list are informational and educational
> only. Statements made on this list are not privileged, do not
> constitute legal advice, and do not necessarily reflect the opinions
> and policies of the ASF. See <http://www.apache.org/licenses/> for
> official ASF policies and documents.
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
> For additional commands, e-mail: legal-discuss-help@apache.org
>
Craig Russell
Architect, Sun Java Enterprise System http://java.sun.com/products/jdo
408 276-5638 mailto:Craig.Russell@sun.com
P.S. A good JDO? O, Gasp!
Re: SUN PROPRIETARY/CONFIDENTIAL code in myfaces
Posted by Sam Ruby <ru...@intertwingly.net>.
On 8/4/07, David Jencks <da...@yahoo.com> wrote:
>
> I'm a bit confused though about the inclusion of cddl xsds in apache
> svn since IIUC you have indicated xsds are definitely "source
> code" (I completely agree) and the draft 3rd party licensing page
> says cddl source can't be in apache releases. It doesn't say whether
> a few files can be in svn or not AFAICT but that certainly looks like
> it would prohibit shipping an asf jar with any cddl xsds in it.
I've updated the draft 3rd party licensing page:
http://people.apache.org/~rubys/3party.html
The longer term intent is to revise the document to say something
along the lines of "Category A is always OK", "Category C is never
OK", and "Category B is up to the PMC, with the following
guidance...".
- Sam Ruby
---------------------------------------------------------------------
DISCLAIMER: Discussions on this list are informational and educational
only. Statements made on this list are not privileged, do not
constitute legal advice, and do not necessarily reflect the opinions
and policies of the ASF. See <http://www.apache.org/licenses/> for
official ASF policies and documents.
---------------------------------------------------------------------
To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org
Re: SUN PROPRIETARY/CONFIDENTIAL code in myfaces
Posted by David Jencks <da...@yahoo.com>.
On Aug 4, 2007, at 12:50 PM, Sam Ruby wrote:
> On 8/4/07, David Jencks <da...@yahoo.com> wrote:
>>
>> As I see it there are two kinds of questions I'm asking:
>>
>> 1. Are the 6 questionable jars (4 I already mentioned plus a servlet
>> spec jar with some retyped sun xsds and dtds) OK to release?
>> Obviously the geronimo PMC thought so but this conversation has
>> thrown that into doubt as far as I am concerned. Is there some
>> information you (or anyone else) would like in order to give an
>> opinion? I tried to explain the process used to generate these jars
>> and the thinking behind the process already. Note that none of these
>> jars start from the cddl licensed sun schemas, they all start from or
>> relate to the pre-cddl schemas. I don't see these questions as being
>> hypothetical, and I hope 6 jars isn't a dump truck. The servlet spec
>> jar under vote is at http://people.apache.org/~mcconne/geronimo-
>> servlet_2.5_spec-1.1.tar.gz. The vote passed but AFAICT it has not
>> yet been called or the artifact actually released.
>
> Legally, yes.
>
> Now onto the next question. Have you documented this in a way that
> users of Geronimo codebase are aware of the composition of the
> package? Given the answer below, I'll presume no; so let's move onto
> the next problem. After we are done we can come back to this one.
Note that the jars under discussion all relate to the pre-cddl
licensed xsds, so I don't think the hypothetical questions following
(2) are relevant to these particular jars.
The jars containing source and compiled xmlbeans generated jars
include the standard ASL1 license and notice files. To the best of
our knowledge they dont contain any text such as comments from the
sun schemas (we recently discovered that the binary files generated
by xmlbeans by default contain the comments from the source and took
steps to configure xmlbeans to leave them out). I guess we could
include a comment explaining how we got them, but if the asl2
licensing is really correct I don't exactly see why that would be
required.
The servlet spec jar contains the standard apache license and notice
files and the hand-typed schemas start out similar to this:
<?xml version="1.0" encoding="UTF-8"?>
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
contributor license agreements. See the NOTICE file distributed
with
this work for additional information regarding copyright ownership.
The ASF licenses this file to You under the Apache License,
Version 2.0
(the "License"); you may not use this file except in compliance
with
the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<xsd:schema xmlns="http://www.w3.org/2001/XMLSchema"
targetNamespace="http://java.sun.com/xml/ns/javaee"
xmlns:javaee="http://java.sun.com/xml/ns/javaee"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
elementFormDefault="qualified"
attributeFormDefault="unqualified" version="2.5">
<!--
** This is the Web Application 2.5 XSD with only the
required elements to support an implementation.
** Please see http://java.sun.com/xml/ns/javaee/web-
app_2_5.xsd for a fully documented and latest
** XSD.
-->
If these files are legally OK, I can't see why we would need any
other notice. If they are not legally OK, then we need to change
them and figure out what kind of notice is appropriate. Our position
has been that the stripped down xsds are required to implement a
compliant javaee product, which we have a license to do, so the sun
legalese must be talking about the text bits that aren't needed and
we left out.
That's the state of the non-cddl-questions about the current
stuff ... onto the hypothetical future.
>
>> 2. Hypothetically, starting from the cddl licensed schemas, what can
>> we generate from them, what can we include in apache svn and
>> releases, and what license is any of this under? The geronimo pmc
>> has previously thought that generated source was under asl. Craig is
>> claiming that generated source is cddl, however as I tried to explain
>> this point of view seems to me to lead to the entire server being
>> required to be cddl. In other words I think either Craig is wrong or
>> apache can't develop any javaee products. In addition I think
>> Craig's argument applied to the pre-cddl xsds would entirely prevent
>> apache releasing any j2ee or javaee products whatsoever.
>
> So, the entire server is generated from these XSDs? Sweet! Must be
> one kick ass generator. :-)
>
> Let's assume for the moment that Craig is correct (I believe that
> section 3.5(*) of the license contradicts this interpretation). Even
> assuming that, how do you the leap from generated artifacts being CDDL
> to entire server?
The only way I can make sense of Craig's argument is that the CDDL
applies to the information content of the schemas, not any particular
representation of that information content. As such any compliant
implementation has to include that information content throughout a
large part of its core functionality, so most of the source files are
going to need to be cddl licensed since they are going to contains
bits of that information content. If anyone thinks this isn't what
Craig's argument means, please explain how to draw the line between
cddl and non-cddl in the 5 examples I presented earlier.
>
>> Following onto 2, sometimes there are mistakes in the sun schemas
>> that, well, prevent using them directly in completely compliant
>> implementations. For instance the web-app-2.5.xsd had a incorrect
>> regular expression for http-method. Assuming we eventually do use
>> the cddl licensed schemas, and these are in publicly accessible
>> apache svn, can we fix these errors?
>
> Legally, as long as you comply with the CDDL license (in particular,
> note sections 3.1 and 3.3(*)), yes.
>
> Now as to ASF policy; in general ASF SVN repositories are for the
> development of code under the Apache License. I don't believe a few
> files that are clearly marked would substantially change the fact that
> the Geronimo SVN meets that criteria. If you do proceed to do this,
> mention it in the next regularly scheduled board report and move on.
I think the latest sun web-app schema has actually fixed this mistake
so we will burn this bridge when we come to it in the future.
I'm a bit confused though about the inclusion of cddl xsds in apache
svn since IIUC you have indicated xsds are definitely "source
code" (I completely agree) and the draft 3rd party licensing page
says cddl source can't be in apache releases. It doesn't say whether
a few files can be in svn or not AFAICT but that certainly looks like
it would prohibit shipping an asf jar with any cddl xsds in it.
thanks
david jencks
>
> - Sam Ruby
>
> (*) http://www.sun.com/cddl/cddl.html
>
> ---------------------------------------------------------------------
> DISCLAIMER: Discussions on this list are informational and educational
> only. Statements made on this list are not privileged, do not
> constitute legal advice, and do not necessarily reflect the opinions
> and policies of the ASF. See <http://www.apache.org/licenses/> for
> official ASF policies and documents.
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
> For additional commands, e-mail: legal-discuss-help@apache.org
>
Re: SUN PROPRIETARY/CONFIDENTIAL code in myfaces
Posted by David Jencks <da...@yahoo.com>.
On Aug 4, 2007, at 12:50 PM, Sam Ruby wrote:
> On 8/4/07, David Jencks <da...@yahoo.com> wrote:
>>
>> As I see it there are two kinds of questions I'm asking:
>>
>> 1. Are the 6 questionable jars (4 I already mentioned plus a servlet
>> spec jar with some retyped sun xsds and dtds) OK to release?
>> Obviously the geronimo PMC thought so but this conversation has
>> thrown that into doubt as far as I am concerned. Is there some
>> information you (or anyone else) would like in order to give an
>> opinion? I tried to explain the process used to generate these jars
>> and the thinking behind the process already. Note that none of these
>> jars start from the cddl licensed sun schemas, they all start from or
>> relate to the pre-cddl schemas. I don't see these questions as being
>> hypothetical, and I hope 6 jars isn't a dump truck. The servlet spec
>> jar under vote is at http://people.apache.org/~mcconne/geronimo-
>> servlet_2.5_spec-1.1.tar.gz. The vote passed but AFAICT it has not
>> yet been called or the artifact actually released.
>
> Legally, yes.
>
> Now onto the next question. Have you documented this in a way that
> users of Geronimo codebase are aware of the composition of the
> package? Given the answer below, I'll presume no; so let's move onto
> the next problem. After we are done we can come back to this one.
Note that the jars under discussion all relate to the pre-cddl
licensed xsds, so I don't think the hypothetical questions following
(2) are relevant to these particular jars.
The jars containing source and compiled xmlbeans generated jars
include the standard ASL1 license and notice files. To the best of
our knowledge they dont contain any text such as comments from the
sun schemas (we recently discovered that the binary files generated
by xmlbeans by default contain the comments from the source and took
steps to configure xmlbeans to leave them out). I guess we could
include a comment explaining how we got them, but if the asl2
licensing is really correct I don't exactly see why that would be
required.
The servlet spec jar contains the standard apache license and notice
files and the hand-typed schemas start out similar to this:
<?xml version="1.0" encoding="UTF-8"?>
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
contributor license agreements. See the NOTICE file distributed
with
this work for additional information regarding copyright ownership.
The ASF licenses this file to You under the Apache License,
Version 2.0
(the "License"); you may not use this file except in compliance
with
the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<xsd:schema xmlns="http://www.w3.org/2001/XMLSchema"
targetNamespace="http://java.sun.com/xml/ns/javaee"
xmlns:javaee="http://java.sun.com/xml/ns/javaee"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
elementFormDefault="qualified"
attributeFormDefault="unqualified" version="2.5">
<!--
** This is the Web Application 2.5 XSD with only the
required elements to support an implementation.
** Please see http://java.sun.com/xml/ns/javaee/web-
app_2_5.xsd for a fully documented and latest
** XSD.
-->
If these files are legally OK, I can't see why we would need any
other notice. If they are not legally OK, then we need to change
them and figure out what kind of notice is appropriate. Our position
has been that the stripped down xsds are required to implement a
compliant javaee product, which we have a license to do, so the sun
legalese must be talking about the text bits that aren't needed and
we left out.
That's the state of the non-cddl-questions about the current
stuff ... onto the hypothetical future.
>
>> 2. Hypothetically, starting from the cddl licensed schemas, what can
>> we generate from them, what can we include in apache svn and
>> releases, and what license is any of this under? The geronimo pmc
>> has previously thought that generated source was under asl. Craig is
>> claiming that generated source is cddl, however as I tried to explain
>> this point of view seems to me to lead to the entire server being
>> required to be cddl. In other words I think either Craig is wrong or
>> apache can't develop any javaee products. In addition I think
>> Craig's argument applied to the pre-cddl xsds would entirely prevent
>> apache releasing any j2ee or javaee products whatsoever.
>
> So, the entire server is generated from these XSDs? Sweet! Must be
> one kick ass generator. :-)
>
> Let's assume for the moment that Craig is correct (I believe that
> section 3.5(*) of the license contradicts this interpretation). Even
> assuming that, how do you the leap from generated artifacts being CDDL
> to entire server?
The only way I can make sense of Craig's argument is that the CDDL
applies to the information content of the schemas, not any particular
representation of that information content. As such any compliant
implementation has to include that information content throughout a
large part of its core functionality, so most of the source files are
going to need to be cddl licensed since they are going to contains
bits of that information content. If anyone thinks this isn't what
Craig's argument means, please explain how to draw the line between
cddl and non-cddl in the 5 examples I presented earlier.
>
>> Following onto 2, sometimes there are mistakes in the sun schemas
>> that, well, prevent using them directly in completely compliant
>> implementations. For instance the web-app-2.5.xsd had a incorrect
>> regular expression for http-method. Assuming we eventually do use
>> the cddl licensed schemas, and these are in publicly accessible
>> apache svn, can we fix these errors?
>
> Legally, as long as you comply with the CDDL license (in particular,
> note sections 3.1 and 3.3(*)), yes.
>
> Now as to ASF policy; in general ASF SVN repositories are for the
> development of code under the Apache License. I don't believe a few
> files that are clearly marked would substantially change the fact that
> the Geronimo SVN meets that criteria. If you do proceed to do this,
> mention it in the next regularly scheduled board report and move on.
I think the latest sun web-app schema has actually fixed this mistake
so we will burn this bridge when we come to it in the future.
I'm a bit confused though about the inclusion of cddl xsds in apache
svn since IIUC you have indicated xsds are definitely "source
code" (I completely agree) and the draft 3rd party licensing page
says cddl source can't be in apache releases. It doesn't say whether
a few files can be in svn or not AFAICT but that certainly looks like
it would prohibit shipping an asf jar with any cddl xsds in it.
thanks
david jencks
>
> - Sam Ruby
>
> (*) http://www.sun.com/cddl/cddl.html
>
> ---------------------------------------------------------------------
> DISCLAIMER: Discussions on this list are informational and educational
> only. Statements made on this list are not privileged, do not
> constitute legal advice, and do not necessarily reflect the opinions
> and policies of the ASF. See <http://www.apache.org/licenses/> for
> official ASF policies and documents.
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
> For additional commands, e-mail: legal-discuss-help@apache.org
>
---------------------------------------------------------------------
DISCLAIMER: Discussions on this list are informational and educational
only. Statements made on this list are not privileged, do not
constitute legal advice, and do not necessarily reflect the opinions
and policies of the ASF. See <http://www.apache.org/licenses/> for
official ASF policies and documents.
---------------------------------------------------------------------
To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org
Re: SUN PROPRIETARY/CONFIDENTIAL code in myfaces
Posted by Sam Ruby <ru...@apache.org>.
On 8/4/07, David Jencks <da...@yahoo.com> wrote:
>
> As I see it there are two kinds of questions I'm asking:
>
> 1. Are the 6 questionable jars (4 I already mentioned plus a servlet
> spec jar with some retyped sun xsds and dtds) OK to release?
> Obviously the geronimo PMC thought so but this conversation has
> thrown that into doubt as far as I am concerned. Is there some
> information you (or anyone else) would like in order to give an
> opinion? I tried to explain the process used to generate these jars
> and the thinking behind the process already. Note that none of these
> jars start from the cddl licensed sun schemas, they all start from or
> relate to the pre-cddl schemas. I don't see these questions as being
> hypothetical, and I hope 6 jars isn't a dump truck. The servlet spec
> jar under vote is at http://people.apache.org/~mcconne/geronimo-
> servlet_2.5_spec-1.1.tar.gz. The vote passed but AFAICT it has not
> yet been called or the artifact actually released.
Legally, yes.
Now onto the next question. Have you documented this in a way that
users of Geronimo codebase are aware of the composition of the
package? Given the answer below, I'll presume no; so let's move onto
the next problem. After we are done we can come back to this one.
> 2. Hypothetically, starting from the cddl licensed schemas, what can
> we generate from them, what can we include in apache svn and
> releases, and what license is any of this under? The geronimo pmc
> has previously thought that generated source was under asl. Craig is
> claiming that generated source is cddl, however as I tried to explain
> this point of view seems to me to lead to the entire server being
> required to be cddl. In other words I think either Craig is wrong or
> apache can't develop any javaee products. In addition I think
> Craig's argument applied to the pre-cddl xsds would entirely prevent
> apache releasing any j2ee or javaee products whatsoever.
So, the entire server is generated from these XSDs? Sweet! Must be
one kick ass generator. :-)
Let's assume for the moment that Craig is correct (I believe that
section 3.5(*) of the license contradicts this interpretation). Even
assuming that, how do you the leap from generated artifacts being CDDL
to entire server?
> Following onto 2, sometimes there are mistakes in the sun schemas
> that, well, prevent using them directly in completely compliant
> implementations. For instance the web-app-2.5.xsd had a incorrect
> regular expression for http-method. Assuming we eventually do use
> the cddl licensed schemas, and these are in publicly accessible
> apache svn, can we fix these errors?
Legally, as long as you comply with the CDDL license (in particular,
note sections 3.1 and 3.3(*)), yes.
Now as to ASF policy; in general ASF SVN repositories are for the
development of code under the Apache License. I don't believe a few
files that are clearly marked would substantially change the fact that
the Geronimo SVN meets that criteria. If you do proceed to do this,
mention it in the next regularly scheduled board report and move on.
- Sam Ruby
(*) http://www.sun.com/cddl/cddl.html
Re: SUN PROPRIETARY/CONFIDENTIAL code in myfaces
Posted by Sam Ruby <ru...@apache.org>.
On 8/4/07, David Jencks <da...@yahoo.com> wrote:
>
> As I see it there are two kinds of questions I'm asking:
>
> 1. Are the 6 questionable jars (4 I already mentioned plus a servlet
> spec jar with some retyped sun xsds and dtds) OK to release?
> Obviously the geronimo PMC thought so but this conversation has
> thrown that into doubt as far as I am concerned. Is there some
> information you (or anyone else) would like in order to give an
> opinion? I tried to explain the process used to generate these jars
> and the thinking behind the process already. Note that none of these
> jars start from the cddl licensed sun schemas, they all start from or
> relate to the pre-cddl schemas. I don't see these questions as being
> hypothetical, and I hope 6 jars isn't a dump truck. The servlet spec
> jar under vote is at http://people.apache.org/~mcconne/geronimo-
> servlet_2.5_spec-1.1.tar.gz. The vote passed but AFAICT it has not
> yet been called or the artifact actually released.
Legally, yes.
Now onto the next question. Have you documented this in a way that
users of Geronimo codebase are aware of the composition of the
package? Given the answer below, I'll presume no; so let's move onto
the next problem. After we are done we can come back to this one.
> 2. Hypothetically, starting from the cddl licensed schemas, what can
> we generate from them, what can we include in apache svn and
> releases, and what license is any of this under? The geronimo pmc
> has previously thought that generated source was under asl. Craig is
> claiming that generated source is cddl, however as I tried to explain
> this point of view seems to me to lead to the entire server being
> required to be cddl. In other words I think either Craig is wrong or
> apache can't develop any javaee products. In addition I think
> Craig's argument applied to the pre-cddl xsds would entirely prevent
> apache releasing any j2ee or javaee products whatsoever.
So, the entire server is generated from these XSDs? Sweet! Must be
one kick ass generator. :-)
Let's assume for the moment that Craig is correct (I believe that
section 3.5(*) of the license contradicts this interpretation). Even
assuming that, how do you the leap from generated artifacts being CDDL
to entire server?
> Following onto 2, sometimes there are mistakes in the sun schemas
> that, well, prevent using them directly in completely compliant
> implementations. For instance the web-app-2.5.xsd had a incorrect
> regular expression for http-method. Assuming we eventually do use
> the cddl licensed schemas, and these are in publicly accessible
> apache svn, can we fix these errors?
Legally, as long as you comply with the CDDL license (in particular,
note sections 3.1 and 3.3(*)), yes.
Now as to ASF policy; in general ASF SVN repositories are for the
development of code under the Apache License. I don't believe a few
files that are clearly marked would substantially change the fact that
the Geronimo SVN meets that criteria. If you do proceed to do this,
mention it in the next regularly scheduled board report and move on.
- Sam Ruby
(*) http://www.sun.com/cddl/cddl.html
---------------------------------------------------------------------
DISCLAIMER: Discussions on this list are informational and educational
only. Statements made on this list are not privileged, do not
constitute legal advice, and do not necessarily reflect the opinions
and policies of the ASF. See <http://www.apache.org/licenses/> for
official ASF policies and documents.
---------------------------------------------------------------------
To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org
Re: SUN PROPRIETARY/CONFIDENTIAL code in myfaces
Posted by Craig L Russell <Cr...@Sun.COM>.
Let me first point out that I'm not acting in any official Sun
capacity here. I'm just an Apache guy with an opinion but with no
legal training.
On Aug 5, 2007, at 12:14 AM, David Jencks wrote:
>
> On Aug 4, 2007, at 2:55 PM, Craig L Russell wrote:
>>
>> On Aug 4, 2007, at 12:15 PM, David Jencks wrote:
>>
>>> 2. Hypothetically, starting from the cddl licensed schemas, what
>>> can we generate from them, what can we include in apache svn and
>>> releases, and what license is any of this under? The geronimo
>>> pmc has previously thought that generated source was under asl.
>>
>> If you can clarify what you mean by "generated source" I can
>> respond to this. Seems to be an oxymoron. You were earlier talking
>> about some Java files that were generated by an xml-to-java tool.
>> Are these what you mean by "generated source"?
>
> Starting from one or more schemas, xmlbeans can generate a bunch
> of .java java source files. Similarly jaxb can, starting with one
> or more schemas, generate a bunch of .java java source files. In
> particular, as I would have thought was clear from all the
> discussion, I was thinking of the source jars geronimo was voting
> on that contain java source generated by xmlbeans from the pre-cddl
> sun schemas.
Ok, thanks for clarifying that. I was confused because we had been
talking about xml and xsd files as if they were source and I just
wanted to make sure we were talking about the same thing.
So regarding the generated source files. If these were created from
files with a clear license, then the license terms of the original
files whence the generated sources were generated would apply. In the
case of CDDL, there is a section 3 governing distribution
requirements. (Among other things, these require that the original,
CDDL-licensed version be available in source form with its original
CDDL license).
>
> IMO it can't possibly matter how these files were arrived at: if we
> have a license to implement a javaee spec,
So there is a license for you to implement a JCP spec. That would be
the specification license, which I haven't heard discussed here as
the rationale for shipping code. If the code referenced the
specification license, I'd be ok with it. But a specification license
is not ALv2 the last time I read both, side by side.
> and that spec has an xsd that describes information needed to
> implement the spec, then our implementation must contain code that
> stores that same information as is described by the spec, and must
> contain code that translates the information from a valid document
> per the spec into the data structures defined by the code.
>
> We get to license all that under asl,
I don't follow this leap. I hear you claiming that anything you copy
from a JCP specification can be licensed under ALv2 and I just don't
see anything in the spec license that would permit that. The spec
licenses from Sun have evolved so we would have to look at the
license under which the specifications were released to see if they
contain sub-licensing clauses. One I'm looking at right now contains
language restricting sub-licensing [1].
What I thought was a step in the right direction was to get Sun to
license the required specification code under a more permissive
license than the specification license, and that's why I thought that
the CDDL license would be a good thing.
> no matter how we create the code, whether its apache committers
> writing it after deep analysis, xmlbeans, jaxb, or a bunch of
> monkeys with typewriters.
I do make the distinction between copying files from a distribution
versus deep analysis, hand-coded Java classes, or monkeys at a
typewriter. Of course with the monkey technology you might spend a
lot of time looking through their failed efforts to find files that
passed the tck.
You might claim "fair use" to excerpt parts of the specification for
your own work, but I still fail to see how it is proper to copy files
byte-for-byte without attribution.
>
> If you disagree with this point of view, I'd like to know how
> apache could have a pre-cddl j2ee server and how it could now have
> a non-cddl javaee server. I've asked this quite a few times now
> with no response. Am I being that unclear?
Well, I wasn't around when the original Geronimo licensing
arrangements were being negotiated, so I don't know how the decision
was arrived at to license the xsd and dtd files under an ALv2. But
Apache is all about provenance of code, and to me it's clear that
copying code and not attributing it properly is not ok.
Bottom line,
Regards,
Craig
>
> thanks
> david jencks
[1] Excerpt from a specification license used at least once by Sun
License for the Distribution of Compliant Implementations. Sun also
grants
you a perpetual, non-exclusive, non-transferable, worldwide, fully
paid-up,
royalty free, limited license (without the right to sublicense) under
any
applicable copyrights or, subject to the provisions of subsection 4
below,
patent rights it may have covering the Specification to create and/or
distribute
an Independent Implementation of the Specification that: (a) fully
implements
the Specification including all its required interfaces and
functionality; (b)
does not modify, subset, superset or otherwise extend the Licensor
Name Space,
or include any public or protected packages, classes, Java
interfaces, fields or
methods within the Licensor Name Space other than those required/
authorized by
the Specification or Specifications being implemented; and (c) passes
the
Technology Compatibility Kit (including satisfying the requirements
of the
applicable TCK Users Guide) for such Specification ("Compliant
Implementation").
In addition, the foregoing license is expressly conditioned on your
not acting
outside its scope. No license is granted hereunder for any other purpose
(including, for example, modifying the Specification, other than to
the extent
of your fair use rights, or distributing the Specification to third
parties).
Craig Russell
DB PMC, OpenJPA PMC
clr@apache.org http://db.apache.org/jdo
Re: SUN PROPRIETARY/CONFIDENTIAL code in myfaces
Posted by Craig L Russell <Cr...@Sun.COM>.
On Aug 4, 2007, at 12:15 PM, David Jencks wrote:
> 2. Hypothetically, starting from the cddl licensed schemas, what
> can we generate from them, what can we include in apache svn and
> releases, and what license is any of this under? The geronimo pmc
> has previously thought that generated source was under asl.
If you can clarify what you mean by "generated source" I can respond
to this. Seems to be an oxymoron. You were earlier talking about some
Java files that were generated by an xml-to-java tool. Are these what
you mean by "generated source"?
Craig Russell
DB PMC, OpenJPA PMC
clr@apache.org http://db.apache.org/jdo
Re: SUN PROPRIETARY/CONFIDENTIAL code in myfaces
Posted by Craig L Russell <Cr...@Sun.COM>.
On Aug 4, 2007, at 12:15 PM, David Jencks wrote:
> 2. Hypothetically, starting from the cddl licensed schemas, what
> can we generate from them, what can we include in apache svn and
> releases, and what license is any of this under? The geronimo pmc
> has previously thought that generated source was under asl.
If you can clarify what you mean by "generated source" I can respond
to this. Seems to be an oxymoron. You were earlier talking about some
Java files that were generated by an xml-to-java tool. Are these what
you mean by "generated source"?
Craig Russell
DB PMC, OpenJPA PMC
clr@apache.org http://db.apache.org/jdo
Re: SUN PROPRIETARY/CONFIDENTIAL code in myfaces
Posted by David Jencks <da...@yahoo.com>.
On Aug 4, 2007, at 4:23 AM, Sam Ruby wrote:
> On 8/4/07, David Jencks <da...@yahoo.com> wrote:
>>
>> BTW, the theory under which we (geronimo) has been operating is that
>> the sun copyright and legal statements apply to the text
>> documentation in the schemas and that once that is removed the rest
>> forms a part of the javaee specifications that we have a license to
>> implement, so we can translate it by any means we want (such as
>> xmlbeans, jaxb, castor, etc etc) to produce source code or class
>> files or pretty much anything else. I don't see how it's possible to
>> implement the specification without this: IMO without this
>> interpretation any javaee product must be cddl.
>
> I acknowledge that there was a time critical question in the portions
> that I snipped, but first I think that it is important that we come to
> a common understanding of what the problem is. Given that there are
> lawyers on this list, I'm sure that somebody will point out the
> thousands of tiny mistakes that I'm about to make, but I'm confident
> that I have the broad brush strokes right, so here goes...
>
> In order for us to legally distribute some Work, we must comply with
> all the terms and conditions in the licenses that contribute to that
> work. That's it. End of sentence.
>
> Presuming that we do that, do we have the right to distribute code
> under the CDDL? Yes, absolutely. Are there any terms or conditions
> in CDDL that we would find overly burdensome to *us* (the ones
> releasing the software)? Absolutely not.
>
> Furthermore, we even have the rights to distribute the version of XSDs
> that SUN PROPRIETARY/CONFIDENTIAL, even though Sun labeling it so
> brings into doubt what their true intentions were in licensing this
> materials, which makes our ability to demonstrate that we have
> complied with their intentions harder. Note that I said harder, I
> didn't say impossible. We have ample documentation to demonstrate
> that the ASF has the right to ship these XSDs, but who wants to have
> to go and explain all this time and time again, potentially to each
> and every new user of Geronimo?
>
> Back to CDDL. I have no personal knowledge as to why Sun picked this
> particular license, but let's look at it in context. Each of the XSDs
> in question represents a machine readable codification of a portion of
> a standard. As a standard means that you and I do something the same
> way, any modification means that you and I are doing something
> different, so it isn't a standard. So, effectively, we are taking
> these sources in and agreeing not to modify them, which makes them not
> open source. If you think we have heartburn on CDDL, think about the
> idea of the ASF shipping code that contains portions that are not open
> source.
>
> But, we are not about to say that standards are not a good thing. To
> the contrary.
>
> This is all absurd. You can see the source. You can change it, as
> long as you don't claim compatibility. Now, with CDDL, that is
> explicit. Yea!
>
> So, what's the problem here?
>
> The problem isn't with Sun. The problem is with the ASF. The ASF is
> about community (how we develop software) and license (what we permit
> users of our code to do).
>
> Our license is part of who we are. Others may distribute things under
> different licenses, and that, in part, defines who they are.
>
> Our license intentionally allows users to modify, sublicense, and
> distribute our code. All of it. If people want to contribute back
> their changes to us, they can join our communities. If people want to
> release their changes under their own license, they can do that too.
> If people want to retain their changes and only distribute binaries,
> that's OK too.
>
> Most of our code bases make it easy for our users. Everything comes
> under one license. A license that it relatively short, and well
> understood.
>
> Geronimo isn't one of those code bases. It contains many parts from
> many sources. In releasing Geronimo, we need to make sure that all of
> this is crystal clear. The bulk is under the ASF license, and people
> are free to modify that bulk as they see fit. Some portions are
> packaged with the distribution as a convenience (or in the case of
> these XSDs, as a necessity), but none of these subcomponents impose
> any additional restrictions on what you can do with the code that we
> produce, and all of it is clearly labeled.
>
> In particular, (and I may just be misreading your statement), it is
> NOT the case that "any javaee product must BE cddl", but rather "any
> javaee product must CONTAIN cddl" (actually, those files can be
> licensed under other licenses, but lets not digress).
>
> So... what is the ASF legal committee and the Geronimo PMC to do?
> Well, again, legally, Geronomo has the right to make releases as long
> as those releases comply with the appropriate licenses, so one could
> make the case that everything from that point on is up to the Geronimo
> PMC. And, in fact, this stuff is complicated enough that how you make
> the determination as to what makes sense in any particular situation
> depends very much on the situation, so again, it is Geronimo's
> problem.
>
> On the other hand, given that this stuff is complicated, it makes
> sense for us to pool our knowledge. Have a central place where
> projects can go to (and contribute back to) where general guidelines
> are captured and interesting special cases are referenced.
>
> Things like "yes, the license for foo.dtd requires people to provide
> source with any changes that they distribute, but project P only uses
> the dtd in a way that consumes the source itself directly at runtime,
> so that requirement doesn't apply in our situation", and "the license
> for bar.xsd requires that people provide source with any changes that
> they make, and we want to make this crystal clear to people. Since
> bar.xsd doesn't change very often, we compile it into .class (or .jar)
> files, and check that into SVN, along with instructions on where to
> find the original sources".
>
> I've rambled for long enough now... so let me close with this: let's
> suppose somebody gets this wrong (it happens). A bug report comes in.
> Where do you think such a bug report would be routed? To the board?
> To the legal committee? To Geronimo? If you guess the third, you
> would be right.
>
> How can I help? Well, for starters, I don't want to spend any of my
> time answering any time critical hypotheticals. Nor do I want
> somebody to back up a dump truck, and say "here's Geronimo, you figure
> it out". But if there are specific questions that we can jointly work
> through, I am here to help.
>
> If this makes sense, we can go back to your specific question(s). If
> not, let's see if we can come to a common understanding of the context
> before we proceed.
>
> Fair enough?
I hope so.
I think we've successfully derailed releasing any of the questionable
geronimo artifacts, so except for the geronimo community wanting to
get out our last years work the time critical element is gone.
As I see it there are two kinds of questions I'm asking:
1. Are the 6 questionable jars (4 I already mentioned plus a servlet
spec jar with some retyped sun xsds and dtds) OK to release?
Obviously the geronimo PMC thought so but this conversation has
thrown that into doubt as far as I am concerned. Is there some
information you (or anyone else) would like in order to give an
opinion? I tried to explain the process used to generate these jars
and the thinking behind the process already. Note that none of these
jars start from the cddl licensed sun schemas, they all start from or
relate to the pre-cddl schemas. I don't see these questions as being
hypothetical, and I hope 6 jars isn't a dump truck. The servlet spec
jar under vote is at http://people.apache.org/~mcconne/geronimo-
servlet_2.5_spec-1.1.tar.gz. The vote passed but AFAICT it has not
yet been called or the artifact actually released.
2. Hypothetically, starting from the cddl licensed schemas, what can
we generate from them, what can we include in apache svn and
releases, and what license is any of this under? The geronimo pmc
has previously thought that generated source was under asl. Craig is
claiming that generated source is cddl, however as I tried to explain
this point of view seems to me to lead to the entire server being
required to be cddl. In other words I think either Craig is wrong or
apache can't develop any javaee products. In addition I think
Craig's argument applied to the pre-cddl xsds would entirely prevent
apache releasing any j2ee or javaee products whatsoever.
Following onto 2, sometimes there are mistakes in the sun schemas
that, well, prevent using them directly in completely compliant
implementations. For instance the web-app-2.5.xsd had a incorrect
regular expression for http-method. Assuming we eventually do use
the cddl licensed schemas, and these are in publicly accessible
apache svn, can we fix these errors?
thanks
david jencks
---------------------------------------------------------------------
DISCLAIMER: Discussions on this list are informational and educational
only. Statements made on this list are not privileged, do not
constitute legal advice, and do not necessarily reflect the opinions
and policies of the ASF. See <http://www.apache.org/licenses/> for
official ASF policies and documents.
---------------------------------------------------------------------
To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org
Re: SUN PROPRIETARY/CONFIDENTIAL code in myfaces
Posted by David Jencks <da...@yahoo.com>.
On Aug 4, 2007, at 4:23 AM, Sam Ruby wrote:
> On 8/4/07, David Jencks <da...@yahoo.com> wrote:
>>
>> BTW, the theory under which we (geronimo) has been operating is that
>> the sun copyright and legal statements apply to the text
>> documentation in the schemas and that once that is removed the rest
>> forms a part of the javaee specifications that we have a license to
>> implement, so we can translate it by any means we want (such as
>> xmlbeans, jaxb, castor, etc etc) to produce source code or class
>> files or pretty much anything else. I don't see how it's possible to
>> implement the specification without this: IMO without this
>> interpretation any javaee product must be cddl.
>
> I acknowledge that there was a time critical question in the portions
> that I snipped, but first I think that it is important that we come to
> a common understanding of what the problem is. Given that there are
> lawyers on this list, I'm sure that somebody will point out the
> thousands of tiny mistakes that I'm about to make, but I'm confident
> that I have the broad brush strokes right, so here goes...
>
> In order for us to legally distribute some Work, we must comply with
> all the terms and conditions in the licenses that contribute to that
> work. That's it. End of sentence.
>
> Presuming that we do that, do we have the right to distribute code
> under the CDDL? Yes, absolutely. Are there any terms or conditions
> in CDDL that we would find overly burdensome to *us* (the ones
> releasing the software)? Absolutely not.
>
> Furthermore, we even have the rights to distribute the version of XSDs
> that SUN PROPRIETARY/CONFIDENTIAL, even though Sun labeling it so
> brings into doubt what their true intentions were in licensing this
> materials, which makes our ability to demonstrate that we have
> complied with their intentions harder. Note that I said harder, I
> didn't say impossible. We have ample documentation to demonstrate
> that the ASF has the right to ship these XSDs, but who wants to have
> to go and explain all this time and time again, potentially to each
> and every new user of Geronimo?
>
> Back to CDDL. I have no personal knowledge as to why Sun picked this
> particular license, but let's look at it in context. Each of the XSDs
> in question represents a machine readable codification of a portion of
> a standard. As a standard means that you and I do something the same
> way, any modification means that you and I are doing something
> different, so it isn't a standard. So, effectively, we are taking
> these sources in and agreeing not to modify them, which makes them not
> open source. If you think we have heartburn on CDDL, think about the
> idea of the ASF shipping code that contains portions that are not open
> source.
>
> But, we are not about to say that standards are not a good thing. To
> the contrary.
>
> This is all absurd. You can see the source. You can change it, as
> long as you don't claim compatibility. Now, with CDDL, that is
> explicit. Yea!
>
> So, what's the problem here?
>
> The problem isn't with Sun. The problem is with the ASF. The ASF is
> about community (how we develop software) and license (what we permit
> users of our code to do).
>
> Our license is part of who we are. Others may distribute things under
> different licenses, and that, in part, defines who they are.
>
> Our license intentionally allows users to modify, sublicense, and
> distribute our code. All of it. If people want to contribute back
> their changes to us, they can join our communities. If people want to
> release their changes under their own license, they can do that too.
> If people want to retain their changes and only distribute binaries,
> that's OK too.
>
> Most of our code bases make it easy for our users. Everything comes
> under one license. A license that it relatively short, and well
> understood.
>
> Geronimo isn't one of those code bases. It contains many parts from
> many sources. In releasing Geronimo, we need to make sure that all of
> this is crystal clear. The bulk is under the ASF license, and people
> are free to modify that bulk as they see fit. Some portions are
> packaged with the distribution as a convenience (or in the case of
> these XSDs, as a necessity), but none of these subcomponents impose
> any additional restrictions on what you can do with the code that we
> produce, and all of it is clearly labeled.
>
> In particular, (and I may just be misreading your statement), it is
> NOT the case that "any javaee product must BE cddl", but rather "any
> javaee product must CONTAIN cddl" (actually, those files can be
> licensed under other licenses, but lets not digress).
>
> So... what is the ASF legal committee and the Geronimo PMC to do?
> Well, again, legally, Geronomo has the right to make releases as long
> as those releases comply with the appropriate licenses, so one could
> make the case that everything from that point on is up to the Geronimo
> PMC. And, in fact, this stuff is complicated enough that how you make
> the determination as to what makes sense in any particular situation
> depends very much on the situation, so again, it is Geronimo's
> problem.
>
> On the other hand, given that this stuff is complicated, it makes
> sense for us to pool our knowledge. Have a central place where
> projects can go to (and contribute back to) where general guidelines
> are captured and interesting special cases are referenced.
>
> Things like "yes, the license for foo.dtd requires people to provide
> source with any changes that they distribute, but project P only uses
> the dtd in a way that consumes the source itself directly at runtime,
> so that requirement doesn't apply in our situation", and "the license
> for bar.xsd requires that people provide source with any changes that
> they make, and we want to make this crystal clear to people. Since
> bar.xsd doesn't change very often, we compile it into .class (or .jar)
> files, and check that into SVN, along with instructions on where to
> find the original sources".
>
> I've rambled for long enough now... so let me close with this: let's
> suppose somebody gets this wrong (it happens). A bug report comes in.
> Where do you think such a bug report would be routed? To the board?
> To the legal committee? To Geronimo? If you guess the third, you
> would be right.
>
> How can I help? Well, for starters, I don't want to spend any of my
> time answering any time critical hypotheticals. Nor do I want
> somebody to back up a dump truck, and say "here's Geronimo, you figure
> it out". But if there are specific questions that we can jointly work
> through, I am here to help.
>
> If this makes sense, we can go back to your specific question(s). If
> not, let's see if we can come to a common understanding of the context
> before we proceed.
>
> Fair enough?
I hope so.
I think we've successfully derailed releasing any of the questionable
geronimo artifacts, so except for the geronimo community wanting to
get out our last years work the time critical element is gone.
As I see it there are two kinds of questions I'm asking:
1. Are the 6 questionable jars (4 I already mentioned plus a servlet
spec jar with some retyped sun xsds and dtds) OK to release?
Obviously the geronimo PMC thought so but this conversation has
thrown that into doubt as far as I am concerned. Is there some
information you (or anyone else) would like in order to give an
opinion? I tried to explain the process used to generate these jars
and the thinking behind the process already. Note that none of these
jars start from the cddl licensed sun schemas, they all start from or
relate to the pre-cddl schemas. I don't see these questions as being
hypothetical, and I hope 6 jars isn't a dump truck. The servlet spec
jar under vote is at http://people.apache.org/~mcconne/geronimo-
servlet_2.5_spec-1.1.tar.gz. The vote passed but AFAICT it has not
yet been called or the artifact actually released.
2. Hypothetically, starting from the cddl licensed schemas, what can
we generate from them, what can we include in apache svn and
releases, and what license is any of this under? The geronimo pmc
has previously thought that generated source was under asl. Craig is
claiming that generated source is cddl, however as I tried to explain
this point of view seems to me to lead to the entire server being
required to be cddl. In other words I think either Craig is wrong or
apache can't develop any javaee products. In addition I think
Craig's argument applied to the pre-cddl xsds would entirely prevent
apache releasing any j2ee or javaee products whatsoever.
Following onto 2, sometimes there are mistakes in the sun schemas
that, well, prevent using them directly in completely compliant
implementations. For instance the web-app-2.5.xsd had a incorrect
regular expression for http-method. Assuming we eventually do use
the cddl licensed schemas, and these are in publicly accessible
apache svn, can we fix these errors?
thanks
david jencks
Re: SUN PROPRIETARY/CONFIDENTIAL code in myfaces
Posted by Sam Ruby <ru...@apache.org>.
On 8/4/07, David Jencks <da...@yahoo.com> wrote:
>
> BTW, the theory under which we (geronimo) has been operating is that
> the sun copyright and legal statements apply to the text
> documentation in the schemas and that once that is removed the rest
> forms a part of the javaee specifications that we have a license to
> implement, so we can translate it by any means we want (such as
> xmlbeans, jaxb, castor, etc etc) to produce source code or class
> files or pretty much anything else. I don't see how it's possible to
> implement the specification without this: IMO without this
> interpretation any javaee product must be cddl.
I acknowledge that there was a time critical question in the portions
that I snipped, but first I think that it is important that we come to
a common understanding of what the problem is. Given that there are
lawyers on this list, I'm sure that somebody will point out the
thousands of tiny mistakes that I'm about to make, but I'm confident
that I have the broad brush strokes right, so here goes...
In order for us to legally distribute some Work, we must comply with
all the terms and conditions in the licenses that contribute to that
work. That's it. End of sentence.
Presuming that we do that, do we have the right to distribute code
under the CDDL? Yes, absolutely. Are there any terms or conditions
in CDDL that we would find overly burdensome to *us* (the ones
releasing the software)? Absolutely not.
Furthermore, we even have the rights to distribute the version of XSDs
that SUN PROPRIETARY/CONFIDENTIAL, even though Sun labeling it so
brings into doubt what their true intentions were in licensing this
materials, which makes our ability to demonstrate that we have
complied with their intentions harder. Note that I said harder, I
didn't say impossible. We have ample documentation to demonstrate
that the ASF has the right to ship these XSDs, but who wants to have
to go and explain all this time and time again, potentially to each
and every new user of Geronimo?
Back to CDDL. I have no personal knowledge as to why Sun picked this
particular license, but let's look at it in context. Each of the XSDs
in question represents a machine readable codification of a portion of
a standard. As a standard means that you and I do something the same
way, any modification means that you and I are doing something
different, so it isn't a standard. So, effectively, we are taking
these sources in and agreeing not to modify them, which makes them not
open source. If you think we have heartburn on CDDL, think about the
idea of the ASF shipping code that contains portions that are not open
source.
But, we are not about to say that standards are not a good thing. To
the contrary.
This is all absurd. You can see the source. You can change it, as
long as you don't claim compatibility. Now, with CDDL, that is
explicit. Yea!
So, what's the problem here?
The problem isn't with Sun. The problem is with the ASF. The ASF is
about community (how we develop software) and license (what we permit
users of our code to do).
Our license is part of who we are. Others may distribute things under
different licenses, and that, in part, defines who they are.
Our license intentionally allows users to modify, sublicense, and
distribute our code. All of it. If people want to contribute back
their changes to us, they can join our communities. If people want to
release their changes under their own license, they can do that too.
If people want to retain their changes and only distribute binaries,
that's OK too.
Most of our code bases make it easy for our users. Everything comes
under one license. A license that it relatively short, and well
understood.
Geronimo isn't one of those code bases. It contains many parts from
many sources. In releasing Geronimo, we need to make sure that all of
this is crystal clear. The bulk is under the ASF license, and people
are free to modify that bulk as they see fit. Some portions are
packaged with the distribution as a convenience (or in the case of
these XSDs, as a necessity), but none of these subcomponents impose
any additional restrictions on what you can do with the code that we
produce, and all of it is clearly labeled.
In particular, (and I may just be misreading your statement), it is
NOT the case that "any javaee product must BE cddl", but rather "any
javaee product must CONTAIN cddl" (actually, those files can be
licensed under other licenses, but lets not digress).
So... what is the ASF legal committee and the Geronimo PMC to do?
Well, again, legally, Geronomo has the right to make releases as long
as those releases comply with the appropriate licenses, so one could
make the case that everything from that point on is up to the Geronimo
PMC. And, in fact, this stuff is complicated enough that how you make
the determination as to what makes sense in any particular situation
depends very much on the situation, so again, it is Geronimo's
problem.
On the other hand, given that this stuff is complicated, it makes
sense for us to pool our knowledge. Have a central place where
projects can go to (and contribute back to) where general guidelines
are captured and interesting special cases are referenced.
Things like "yes, the license for foo.dtd requires people to provide
source with any changes that they distribute, but project P only uses
the dtd in a way that consumes the source itself directly at runtime,
so that requirement doesn't apply in our situation", and "the license
for bar.xsd requires that people provide source with any changes that
they make, and we want to make this crystal clear to people. Since
bar.xsd doesn't change very often, we compile it into .class (or .jar)
files, and check that into SVN, along with instructions on where to
find the original sources".
I've rambled for long enough now... so let me close with this: let's
suppose somebody gets this wrong (it happens). A bug report comes in.
Where do you think such a bug report would be routed? To the board?
To the legal committee? To Geronimo? If you guess the third, you
would be right.
How can I help? Well, for starters, I don't want to spend any of my
time answering any time critical hypotheticals. Nor do I want
somebody to back up a dump truck, and say "here's Geronimo, you figure
it out". But if there are specific questions that we can jointly work
through, I am here to help.
If this makes sense, we can go back to your specific question(s). If
not, let's see if we can come to a common understanding of the context
before we proceed.
Fair enough?
Re: SUN PROPRIETARY/CONFIDENTIAL code in myfaces
Posted by Sam Ruby <ru...@apache.org>.
On 8/4/07, David Jencks <da...@yahoo.com> wrote:
>
> BTW, the theory under which we (geronimo) has been operating is that
> the sun copyright and legal statements apply to the text
> documentation in the schemas and that once that is removed the rest
> forms a part of the javaee specifications that we have a license to
> implement, so we can translate it by any means we want (such as
> xmlbeans, jaxb, castor, etc etc) to produce source code or class
> files or pretty much anything else. I don't see how it's possible to
> implement the specification without this: IMO without this
> interpretation any javaee product must be cddl.
I acknowledge that there was a time critical question in the portions
that I snipped, but first I think that it is important that we come to
a common understanding of what the problem is. Given that there are
lawyers on this list, I'm sure that somebody will point out the
thousands of tiny mistakes that I'm about to make, but I'm confident
that I have the broad brush strokes right, so here goes...
In order for us to legally distribute some Work, we must comply with
all the terms and conditions in the licenses that contribute to that
work. That's it. End of sentence.
Presuming that we do that, do we have the right to distribute code
under the CDDL? Yes, absolutely. Are there any terms or conditions
in CDDL that we would find overly burdensome to *us* (the ones
releasing the software)? Absolutely not.
Furthermore, we even have the rights to distribute the version of XSDs
that SUN PROPRIETARY/CONFIDENTIAL, even though Sun labeling it so
brings into doubt what their true intentions were in licensing this
materials, which makes our ability to demonstrate that we have
complied with their intentions harder. Note that I said harder, I
didn't say impossible. We have ample documentation to demonstrate
that the ASF has the right to ship these XSDs, but who wants to have
to go and explain all this time and time again, potentially to each
and every new user of Geronimo?
Back to CDDL. I have no personal knowledge as to why Sun picked this
particular license, but let's look at it in context. Each of the XSDs
in question represents a machine readable codification of a portion of
a standard. As a standard means that you and I do something the same
way, any modification means that you and I are doing something
different, so it isn't a standard. So, effectively, we are taking
these sources in and agreeing not to modify them, which makes them not
open source. If you think we have heartburn on CDDL, think about the
idea of the ASF shipping code that contains portions that are not open
source.
But, we are not about to say that standards are not a good thing. To
the contrary.
This is all absurd. You can see the source. You can change it, as
long as you don't claim compatibility. Now, with CDDL, that is
explicit. Yea!
So, what's the problem here?
The problem isn't with Sun. The problem is with the ASF. The ASF is
about community (how we develop software) and license (what we permit
users of our code to do).
Our license is part of who we are. Others may distribute things under
different licenses, and that, in part, defines who they are.
Our license intentionally allows users to modify, sublicense, and
distribute our code. All of it. If people want to contribute back
their changes to us, they can join our communities. If people want to
release their changes under their own license, they can do that too.
If people want to retain their changes and only distribute binaries,
that's OK too.
Most of our code bases make it easy for our users. Everything comes
under one license. A license that it relatively short, and well
understood.
Geronimo isn't one of those code bases. It contains many parts from
many sources. In releasing Geronimo, we need to make sure that all of
this is crystal clear. The bulk is under the ASF license, and people
are free to modify that bulk as they see fit. Some portions are
packaged with the distribution as a convenience (or in the case of
these XSDs, as a necessity), but none of these subcomponents impose
any additional restrictions on what you can do with the code that we
produce, and all of it is clearly labeled.
In particular, (and I may just be misreading your statement), it is
NOT the case that "any javaee product must BE cddl", but rather "any
javaee product must CONTAIN cddl" (actually, those files can be
licensed under other licenses, but lets not digress).
So... what is the ASF legal committee and the Geronimo PMC to do?
Well, again, legally, Geronomo has the right to make releases as long
as those releases comply with the appropriate licenses, so one could
make the case that everything from that point on is up to the Geronimo
PMC. And, in fact, this stuff is complicated enough that how you make
the determination as to what makes sense in any particular situation
depends very much on the situation, so again, it is Geronimo's
problem.
On the other hand, given that this stuff is complicated, it makes
sense for us to pool our knowledge. Have a central place where
projects can go to (and contribute back to) where general guidelines
are captured and interesting special cases are referenced.
Things like "yes, the license for foo.dtd requires people to provide
source with any changes that they distribute, but project P only uses
the dtd in a way that consumes the source itself directly at runtime,
so that requirement doesn't apply in our situation", and "the license
for bar.xsd requires that people provide source with any changes that
they make, and we want to make this crystal clear to people. Since
bar.xsd doesn't change very often, we compile it into .class (or .jar)
files, and check that into SVN, along with instructions on where to
find the original sources".
I've rambled for long enough now... so let me close with this: let's
suppose somebody gets this wrong (it happens). A bug report comes in.
Where do you think such a bug report would be routed? To the board?
To the legal committee? To Geronimo? If you guess the third, you
would be right.
How can I help? Well, for starters, I don't want to spend any of my
time answering any time critical hypotheticals. Nor do I want
somebody to back up a dump truck, and say "here's Geronimo, you figure
it out". But if there are specific questions that we can jointly work
through, I am here to help.
If this makes sense, we can go back to your specific question(s). If
not, let's see if we can come to a common understanding of the context
before we proceed.
Fair enough?
---------------------------------------------------------------------
DISCLAIMER: Discussions on this list are informational and educational
only. Statements made on this list are not privileged, do not
constitute legal advice, and do not necessarily reflect the opinions
and policies of the ASF. See <http://www.apache.org/licenses/> for
official ASF policies and documents.
---------------------------------------------------------------------
To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org
Re: SUN PROPRIETARY/CONFIDENTIAL code in myfaces
Posted by Kevan Miller <ke...@gmail.com>.
On Aug 4, 2007, at 3:23 AM, David Jencks wrote:
<snip>
>
> OK, on to a more specific and time-critical question.
>
> Geronimo has the pre-cddl j2ee 1.4 and javaee5 schemas in the
> hidden tck svn repo, and we use xmlbeans to generate classes from
> them. Previously we've released source and .class jars for the
> j2ee 1.4 schemas. We are currently voting on new source and .class
> jars for both the j2ee 1.4 and javaee5 schemas. This vote will end
> aug 4 at 7:17 PST and unless we receive clear notice to the
> contrary will be released to the apache maven repo and thence the
> maven central repo shortly thereafter.
> The stuff being voted on is at
> http://people.apache.org/~prasad/geronimo-schema-j2ee_1.4-1.2.tar.gz
> http://people.apache.org/~prasad/geronimo-schema-jee_5-1.1.tar.gz
David,
Given the current state of this discussion, I don't think that the
vote on these releases can be passed. As you have noted on
dev@geronimo the same condition would apply to our geronimo-
servlet_2.5_spec vote. Until we've resolved this CDDL issue, IMO we
won't be able to make these releases. I've noted my opinion on the
relevant vote threads.
--kevan
---------------------------------------------------------------------
DISCLAIMER: Discussions on this list are informational and educational
only. Statements made on this list are not privileged, do not
constitute legal advice, and do not necessarily reflect the opinions
and policies of the ASF. See <http://www.apache.org/licenses/> for
official ASF policies and documents.
---------------------------------------------------------------------
To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org
Re: SUN PROPRIETARY/CONFIDENTIAL code in myfaces
Posted by Kevan Miller <ke...@gmail.com>.
On Aug 4, 2007, at 3:23 AM, David Jencks wrote:
<snip>
>
> OK, on to a more specific and time-critical question.
>
> Geronimo has the pre-cddl j2ee 1.4 and javaee5 schemas in the
> hidden tck svn repo, and we use xmlbeans to generate classes from
> them. Previously we've released source and .class jars for the
> j2ee 1.4 schemas. We are currently voting on new source and .class
> jars for both the j2ee 1.4 and javaee5 schemas. This vote will end
> aug 4 at 7:17 PST and unless we receive clear notice to the
> contrary will be released to the apache maven repo and thence the
> maven central repo shortly thereafter.
> The stuff being voted on is at
> http://people.apache.org/~prasad/geronimo-schema-j2ee_1.4-1.2.tar.gz
> http://people.apache.org/~prasad/geronimo-schema-jee_5-1.1.tar.gz
David,
Given the current state of this discussion, I don't think that the
vote on these releases can be passed. As you have noted on
dev@geronimo the same condition would apply to our geronimo-
servlet_2.5_spec vote. Until we've resolved this CDDL issue, IMO we
won't be able to make these releases. I've noted my opinion on the
relevant vote threads.
--kevan