Notices and Licenses

[Paul King <pa...@asert.com.au>]

I updated the updateLicense task in assemble.gradle (now called updateLicenses) and added an updateNotices task.

If adding/deleting files which have special license requirements you should place/remove the appropriate notice and license information in the root project's notices and licenses directories (follow the conventions of other files), re-run those gradle tasks and then commit the resulting generated files. See also, the readme.txt files in those directories. In some cases, you might need to tweak the assemble.gradle file.

Please feel free to review the logic used in those task definitions and the current generated licenses and notice files. Let me know if you spot any errors or anything missing.

What's still left to do?

* Over time we might want to push some of the license/notice generation down into subprojects and then auto aggregate.

* We might be able to remove some notice info I put in for "deemed-permissive" licenses. Still working on that - might need clarification from Apache legal.

* Using short-form references to licenses is preferred over including full licenses. We should be able to tweak things to use the short-form (at least in some places to start with).

* I was going to do a bit more checking for any bubble-up license/notice requirements from our binary dependencies. So far, I think we might be missing a CDDL license for servlet-api (used by groovy-servlet) and the public domain license for jsr166y (used by GPars). I'll keep investigating.

Cheers, Paul.

---
This email has been checked for viruses by Avast antivirus software.
https://www.avast.com/antivirus

Re: Notices and Licenses

[Pascal Schumacher <pa...@gmx.net>]

Looks very good as far as I can tell.

Thanks!

Cheers,
Pascal

Am 23.07.2015 um 06:53 schrieb Paul King:
>
> I have now removed the notices for "permissive" licenses and adopted 
> short-form
> license referencing where possible.
>
> As part of doing this, I noticed that the grooid jars aren't in the 
> binary zip.
> I made a grooid directory (similar to indy) and put the jars in there. 
> I also
> removed the openbeans jar from the lib directory since it is embedded in
> the grooid jars and I don't believe used anywhere else.
>
> Unless I hear any corrections/objections, I'll merge latest changes 
> back onto
> the 2_4_X branch.
>
> Cheers, Paul.
>
> On 21/07/2015 10:24 PM, Paul King wrote:
>>
>> I updated the updateLicense task in assemble.gradle (now called 
>> updateLicenses) and added an updateNotices task.
>>
>> If adding/deleting files which have special license requirements you 
>> should place/remove the appropriate notice and license information in 
>> the root project's notices and licenses directories (follow the 
>> conventions of other files), re-run those gradle tasks and then 
>> commit the resulting generated files. See also, the readme.txt files 
>> in those directories. In some cases, you might need to tweak the 
>> assemble.gradle file.
>>
>> Please feel free to review the logic used in those task definitions 
>> and the current generated licenses and notice files. Let me know if 
>> you spot any errors or anything missing.
>>
>> What's still left to do?
>>
>> * Over time we might want to push some of the license/notice 
>> generation down into subprojects and then auto aggregate.
>>
>> * We might be able to remove some notice info I put in for 
>> "deemed-permissive" licenses. Still working on that - might need 
>> clarification from Apache legal.
>>
>> * Using short-form references to licenses is preferred over including 
>> full licenses. We should be able to tweak things to use the 
>> short-form (at least in some places to start with).
>>
>> * I was going to do a bit more checking for any bubble-up 
>> license/notice requirements from our binary dependencies. So far, I 
>> think we might be missing a CDDL license for servlet-api (used by 
>> groovy-servlet) and the public domain license for jsr166y (used by 
>> GPars). I'll keep investigating.
>>
>> Cheers, Paul.
>>
>> ---
>> This email has been checked for viruses by Avast antivirus software.
>> https://www.avast.com/antivirus
>>
>>
>
>
> ---
> This email has been checked for viruses by Avast antivirus software.
> https://www.avast.com/antivirus
>

Re: Notices and Licenses

[Cédric Champeau <ce...@gmail.com>]

It's good for me. Thanks Paul!
Le 23 juil. 2015 06:54, "Paul King" <pa...@asert.com.au> a écrit :

>
> I have now removed the notices for "permissive" licenses and adopted
> short-form
> license referencing where possible.
>
> As part of doing this, I noticed that the grooid jars aren't in the binary
> zip.
> I made a grooid directory (similar to indy) and put the jars in there. I
> also
> removed the openbeans jar from the lib directory since it is embedded in
> the grooid jars and I don't believe used anywhere else.
>
> Unless I hear any corrections/objections, I'll merge latest changes back
> onto
> the 2_4_X branch.
>
> Cheers, Paul.
>
> On 21/07/2015 10:24 PM, Paul King wrote:
>
>>
>> I updated the updateLicense task in assemble.gradle (now called
>> updateLicenses) and added an updateNotices task.
>>
>> If adding/deleting files which have special license requirements you
>> should place/remove the appropriate notice and license information in the
>> root project's notices and licenses directories (follow the conventions of
>> other files), re-run those gradle tasks and then commit the resulting
>> generated files. See also, the readme.txt files in those directories. In
>> some cases, you might need to tweak the assemble.gradle file.
>>
>> Please feel free to review the logic used in those task definitions and
>> the current generated licenses and notice files. Let me know if you spot
>> any errors or anything missing.
>>
>> What's still left to do?
>>
>> * Over time we might want to push some of the license/notice generation
>> down into subprojects and then auto aggregate.
>>
>> * We might be able to remove some notice info I put in for
>> "deemed-permissive" licenses. Still working on that - might need
>> clarification from Apache legal.
>>
>> * Using short-form references to licenses is preferred over including
>> full licenses. We should be able to tweak things to use the short-form (at
>> least in some places to start with).
>>
>> * I was going to do a bit more checking for any bubble-up license/notice
>> requirements from our binary dependencies. So far, I think we might be
>> missing a CDDL license for servlet-api (used by groovy-servlet) and the
>> public domain license for jsr166y (used by GPars). I'll keep investigating.
>>
>> Cheers, Paul.
>>
>> ---
>> This email has been checked for viruses by Avast antivirus software.
>> https://www.avast.com/antivirus
>>
>>
>>
>
> ---
> This email has been checked for viruses by Avast antivirus software.
> https://www.avast.com/antivirus
>
>

Re: Notices and Licenses

[Paul King <pa...@asert.com.au>]

I have now removed the notices for "permissive" licenses and adopted short-form
license referencing where possible.

As part of doing this, I noticed that the grooid jars aren't in the binary zip.
I made a grooid directory (similar to indy) and put the jars in there. I also
removed the openbeans jar from the lib directory since it is embedded in
the grooid jars and I don't believe used anywhere else.

Unless I hear any corrections/objections, I'll merge latest changes back onto
the 2_4_X branch.

Cheers, Paul.

On 21/07/2015 10:24 PM, Paul King wrote:
>
> I updated the updateLicense task in assemble.gradle (now called updateLicenses) and added an updateNotices task.
>
> If adding/deleting files which have special license requirements you should place/remove the appropriate notice and license information in the root project's notices and licenses directories (follow the conventions of other files), re-run those gradle tasks and then commit the resulting generated files. See also, the readme.txt files in those directories. In some cases, you might need to tweak the assemble.gradle file.
>
> Please feel free to review the logic used in those task definitions and the current generated licenses and notice files. Let me know if you spot any errors or anything missing.
>
> What's still left to do?
>
> * Over time we might want to push some of the license/notice generation down into subprojects and then auto aggregate.
>
> * We might be able to remove some notice info I put in for "deemed-permissive" licenses. Still working on that - might need clarification from Apache legal.
>
> * Using short-form references to licenses is preferred over including full licenses. We should be able to tweak things to use the short-form (at least in some places to start with).
>
> * I was going to do a bit more checking for any bubble-up license/notice requirements from our binary dependencies. So far, I think we might be missing a CDDL license for servlet-api (used by groovy-servlet) and the public domain license for jsr166y (used by GPars). I'll keep investigating.
>
> Cheers, Paul.
>
> ---
> This email has been checked for viruses by Avast antivirus software.
> https://www.avast.com/antivirus
>
>


---
This email has been checked for viruses by Avast antivirus software.
https://www.avast.com/antivirus

Re: Notices and Licenses

[Emmanuel Lécharny <el...@gmail.com>]

Hi guys,

I don't know how good it is, but there is a new tool that has been
created whch might help : https://github.com/nexB/scancode-toolkit/wiki
<https://github.com/nexB/scancode-toolkit/releases>

I'm currently evaluating it on my own projects to see what it produces.