You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@cordova.apache.org by Patrick Mueller <pm...@gmail.com> on 2012/01/20 19:41:51 UTC
review weinre NOTICE file
I've been prepping weinre for build/release-ability, and have a NOTICE file
with 3rd party code that I use. Could someone familiar with NOTICE files
give me a quick review, before I push to Apache? (here at the m/l, not
within GitHub)
https://github.com/pmuellr/incubator-cordova-weinre/blob/issue-176/NOTICE
--
Patrick Mueller
http://muellerware.org
Re: review weinre NOTICE file
Posted by Patrick Mueller <pm...@gmail.com>.
On Mon, Jan 23, 2012 at 10:44, Patrick Mueller <pm...@gmail.com> wrote:
> I'm thinking here of surgically altering the jetty.jar to remove the
> UnixCrypt.class file. That means I don't have to worry about crypto
> anymore, but do have to somehow mention that I've surgically altered the
> jetty.jar to remove something. Kosher?
>
Another obvious option is to just stop reshipping Jetty. I'd continue to
ship a weinre.jar file, but not include the Jetty bits; I could point to a
Jetty page that would tell you how to download Jetty, and show the
incantation to run it. Basically, it goes from:
java -jar path/to/weinre.jar [options]
to something like
java -cp path/to/jetty.jar -jar path/to/weinre.jar [options]
(or similar).
--
Patrick Mueller
http://muellerware.org
Re: review weinre NOTICE file
Posted by Patrick Mueller <pm...@gmail.com>.
On Fri, Jan 20, 2012 at 14:08, Patrick Mueller <pm...@gmail.com> wrote:
> Jetty is a weird beast. It was at Apache for a while, then moved to
> Eclipse; maybe it's at both; perhaps I can root around and find the Apache
> version somewhere.
>
So, my recollection of Jetty living one time at Apache was wrong, I think.
It was at CodeHaus, then moved to Eclipse. From previous experience, I
remembered that Apache Geronimo was using Jetty, so looked to see what they
did. if you search on their current LICENSE file [1], and if you search on
the string "Eclipse Public", and then scroll down, you'll see that they've
included the EPLv1 and listed the same bits of Jetty that I use (packaged a
little differently). One thing I'll have to do is stop redistributing the
jetty source code [2], which I did just to make debugging easier.
PS3. I notice the reference to UnixCrypt. Can you check whether it
> falls within the requirements of the export control laws as described
> in http://www.apache.org/dev/crypto.html?
>
Ugg. This seems like a load of work for something I don't even use - I
don't actually make use of any of the crypto that Jetty ships.
I'm thinking here of surgically altering the jetty.jar to remove the
UnixCrypt.class file. That means I don't have to worry about crypto
anymore, but do have to somehow mention that I've surgically altered the
jetty.jar to remove something. Kosher?
[1]: https://svn.apache.org/repos/asf/geronimo/server/trunk/LICENSE
[2]: http://www.apache.org/legal/resolved.html#category-b
--
Patrick Mueller
http://muellerware.org
Re: review weinre NOTICE file
Posted by Patrick Mueller <pm...@gmail.com>.
On Fri, Jan 20, 2012 at 13:55, Jukka Zitting <ju...@gmail.com>wrote:
> ...
>
excellent, thanks for the info
> PS3. I notice the reference to UnixCrypt. Can you check whether it
> falls within the requirements of the export control laws as described
> in http://www.apache.org/dev/crypto.html?
>
Jetty is a weird beast. It was at Apache for a while, then moved to
Eclipse; maybe it's at both; perhaps I can root around and find the Apache
version somewhere.
And Jetty is only needed because the weinre server is implemented in Java.
Once we re-implement it using node, it won't be needed at all. Wonder how
long that would take? :-) Of course, then we'll going to have to deal
with the npm pre-reqs (express, etc).
--
Patrick Mueller
http://muellerware.org
Re: review weinre NOTICE file
Posted by Jukka Zitting <ju...@gmail.com>.
Hi,
On Fri, Jan 20, 2012 at 7:41 PM, Patrick Mueller <pm...@gmail.com> wrote:
> I've been prepping weinre for build/release-ability, and have a NOTICE file
> with 3rd party code that I use. Could someone familiar with NOTICE files
> give me a quick review, before I push to Apache?
Looks good for a LICENSE file. The NOTICE file is for "required
third-party notices" that are pretty rare in practice [1].
So I'd just include the following default content in the NOTICE file:
<NOTICE>
Apache Cordova weinre
Copyright 2012 The Apache Software Foundation
This product includes software developed at
The Apache Software Foundation (http://www.apache.org/).
</NOTICE>
... and put the parts about included software into the LICENSE file,
after the ALv2 text.
PS1. Other products from within the ASF don't need to be explicitly
mentioned in NOTICE or LICENSE (the default text covers everything
developed within the ASF), except possibly for parts where they
contain extra third party code that needs to be mentioned.
PS2. As long as coffee-script is not included in the source or binary
packages, there's no need to mention it either in NOTICE or LICENSE.
PS3. I notice the reference to UnixCrypt. Can you check whether it
falls within the requirements of the export control laws as described
in http://www.apache.org/dev/crypto.html?
[1] http://www.apache.org/legal/resolved.html#required-third-party-notices
BR,
Jukka Zitting