You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@directory.apache.org by Emmanuel Lécharny <el...@gmail.com> on 2014/10/08 12:38:12 UTC
Re: Fortress IP clearance
Le 07/10/14 15:30, Shawn McKinney a écrit :
> Hi Emmanuel,
>
> I have accepted the role of committer on private mailing and emailed a copy of ICLA form to the secretary. AFIK these are the sole tasks assigned to me currently. Thanks for the help.
Hi Shawn,
let's pursue this conversation on the dev mailing list.
I'mcurrently filling parts of the IP clearance document, but at some
point, I'll need your help.
Typically, here are the info I'll need :
- the code base URL, with a MD5/SHA checksum, at the very date of the
donation (ie, if we have some modification after this date, then they
should be retained and injected into teh code base when moved to The ASF
repository. All in all, it's a matter of building a zip and sign it, and
move it to a place we can download it (can be teh latest release, for
instance)
- a Corporate CLA (from Joshua tree and Symas) as to be fulfilled and
sent to The ASF
- The list of all the people having worked on the code base, with their
consent
- The list of dependencies with their licence have to be checked to be
sure they are compatible (ie, " Apache, BSD, Artistic, MIT/X, MIT/W3C,
MPL 1.1, or something with essentially the same terms").
Tell me what item you can deal with !
Thanks !
Re: Fortress IP clearance
Posted by Shawn McKinney <mc...@att.net>.
On 10/15/2014 01:34 AM, Emmanuel Lécharny wrote:
> At this point, and focusing on Fortress-core only, I wouls suggest we
> simply get rid of Uboundid dependency, and then we should be good to go.
>
> Anyone has another take on this matter ?
Seems reasonable, though as previously stated there will be a bit of work to complete the DAO integration with apache ldap API (password policy + a couple of utility entities - suffix and container) to pass all of the junit tests. The realm package is just fortress + a tomcat lib so might be worth doing at same time as core.
Re: Fortress IP clearance
Posted by Emmanuel Lécharny <el...@gmail.com>.
Hi,
yesterday, I imported the Fortress core pom.xml into Luna (eclipse)
which gives the list of libs the fukll project depends on (including
transitive deps).
Here is the (impressive) list :
antlr/antlr/2.7.7/antlr-2.7.7.jar
avalon-framework/avalon-framework/4.1.4/avalon-framework-4.1.4.jar
bsf/bsf/2.4.0/bsf-2.4.0.jar
com/adobe/xmp/xmpcore/5.1.2/xmpcore-5.1.2.jar
com/drewnoakes/metadata-extractor/2.6.2/metadata-extractor-2.6.2.jar
com/fifesoft/rsyntaxtextarea/2.5.1/rsyntaxtextarea-2.5.1.jar
com/googlecode/juniversalchardet/juniversalchardet/1.0.3/juniversalchardet-1.0.3.jar
com/googlecode/mp4parser/isoparser/1.0-RC-1/isoparser-1.0-RC-1.jar
com/thoughtworks/xstream/xstream/1.4.4/xstream-1.4.4.jar
com/unboundid/unboundid-ldapsdk/2.3.3/unboundid-ldapsdk-2.3.3.jar
commons-beanutils/commons-beanutils/1.7.0/commons-beanutils-1.7.0.jar
commons-beanutils/commons-beanutils-core/1.8.0/commons-beanutils-core-1.8.0.jar
commons-codec/commons-codec/1.2/commons-codec-1.2.jar
commons-collections/commons-collections/3.2.1/commons-collections-3.2.1.jar
commons-configuration/commons-configuration/1.6/commons-configuration-1.6.jar
commons-httpclient/commons-httpclient/3.1/commons-httpclient-3.1.jar
commons-io/commons-io/2.4/commons-io-2.4.jar
commons-jexl/commons-jexl/1.1/commons-jexl-1.1.jar
commons-lang/commons-lang/2.4/commons-lang-2.4.jar
commons-logging/commons-logging/1.1.1/commons-logging-1.1.1.jar
commons-net/commons-net/3.3/commons-net-3.3.jar
commons-pool/commons-pool/1.6/commons-pool-1.6.jar
de/l3s/boilerpipe/boilerpipe/1.1.0/boilerpipe-1.1.0.jar
dom4j/dom4j/1.6.1/dom4j-1.6.1.jar
edu/ucar/netcdf/4.2-min/netcdf-4.2-min.jar
excalibur-datasource/excalibur-datasource/1.1.1/excalibur-datasource-1.1.1.jar
excalibur-instrument/excalibur-instrument/1.0/excalibur-instrument-1.0.jar
excalibur-logger/excalibur-logger/1.1/excalibur-logger-1.1.jar
excalibur-pool/excalibur-pool/1.2/excalibur-pool-1.2.jar
javax/activation/activation/1.1/activation-1.1.jar
javax/mail/mail/1.5.0-b01/mail-1.5.0-b01.jar
javax/ws/rs/jsr311-api/1.1-ea/jsr311-api-1.1-ea.jar
jcharts/jcharts/0.7.5/jcharts-0.7.5.jar
jdom/jdom/1.0/jdom-1.0.jar
junit/junit/4.11/junit-4.11.jar
log4j/log4j/1.2.17/log4j-1.2.17.jar
logkit/logkit/2.0/logkit-2.0.jar
net/sf/ehcache/ehcache-core/2.6.9/ehcache-core-2.6.9.jar
net/sf/jtidy/jtidy/r938/jtidy-r938.jar
net/sf/opencsv/opencsv/2.3/opencsv-2.3.jar
org/apache/ant/ant/1.9.1/ant-1.9.1.jar
org/apache/ant/ant-launcher/1.9.1/ant-launcher-1.9.1.jar
org/apache/commons/commons-compress/1.5/commons-compress-1.5.jar
org/apache/commons/commons-jexl/2.1.1/commons-jexl-2.1.1.jar
org/apache/commons/commons-lang3/3.1/commons-lang3-3.1.jar
org/apache/cxf/cxf-common-utilities/2.5.10/cxf-common-utilities-2.5.10.jar
org/apache/directory/api/api-all/1.0.0-M22/api-all-1.0.0-M22.jar
org/apache/directory/server/apacheds-all/2.0.0-M16/apacheds-all-2.0.0-M16.jar
org/apache/httpcomponents/httpclient/4.2.6/httpclient-4.2.6.jar
org/apache/httpcomponents/httpcore/4.2.5/httpcore-4.2.5.jar
org/apache/httpcomponents/httpmime/4.2.6/httpmime-4.2.6.jar
org/apache/geronimo/specs/geronimo-jms_1.1_spec/1.1.1/geronimo-jms_1.1_spec-1.1.1.jar
org/apache/geronimo/specs/geronimo-stax-api_1.0_spec/1.0.1/geronimo-stax-api_1.0_spec-1.0.1.jar
org/apache/jmeter/ApacheJMeter_components/2.11/ApacheJMeter_components-2.11.jar
org/apache/jmeter/ApacheJMeter_core/2.11/ApacheJMeter_core-2.11.jar
org/apache/jmeter/ApacheJMeter_java/2.11/ApacheJMeter_java-2.11.jar
org/apache/jmeter/jorphan/2.11/jorphan-2.11.jar
org/apache/james/apache-mime4j-core/0.7.2/apache-mime4j-core-0.7.2.jar
org/apache/james/apache-mime4j-dom/0.7.2/apache-mime4j-dom-0.7.2.jar
org/apache/mina/mina-core/2.0.7/mina-core-2.0.7.jar
org/apache/pdfbox/pdfbox/1.8.1/pdfbox-1.8.1.jar
org/apache/pdfbox/fontbox/1.8.1/fontbox-1.8.1.jar
org/apache/pdfbox/jempbox/1.8.1/jempbox-1.8.1.jar
org/apache/poi/poi/3.9/poi-3.9.jar
org/apache/poi/poi-scratchpad/3.9/poi-scratchpad-3.9.jar
org/apache/poi/poi-ooxml/3.9/poi-ooxml-3.9.jar
org/apache/poi/poi-ooxml-schemas/3.9/poi-ooxml-schemas-3.9.jar
org/apache/tika/tika-core/1.4/tika-core-1.4.jar
org/apache/tika/tika-parsers/1.4/tika-parsers-1.4.jar
org/apache/ws/xmlschema/xmlschema-core/2.0.3/xmlschema-core-2.0.3.jar
org/apache/xmlbeans/xmlbeans/2.3.0/xmlbeans-2.3.0.jar
org/apache/xmlgraphics/xmlgraphics-commons/1.5/xmlgraphics-commons-1.5.jar
org/aspectj/aspectjrt/1.6.11/aspectjrt-1.6.11.jar
org/beanshell/bsh/2.0b5/bsh-2.0b5.jar
org/bouncycastle/bcmail-jdk15/1.45/bcmail-jdk15-1.45.jar
org/bouncycastle/bcmail-jdk15on/1.49/bcmail-jdk15on-1.49.jar
org/bouncycastle/bcpkix-jdk15on/1.49/bcpkix-jdk15on-1.49.jar
org/bouncycastle/bcprov-jdk15/1.45/bcprov-jdk15-1.45.jar
org/bouncycastle/bcprov-jdk15on/1.49/bcprov-jdk15on-1.49.jar
org/ccil/cowan/tagsoup/tagsoup/1.2.1/tagsoup-1.2.1.jar
org/codehaus/woodstox/stax2-api/3.1.1/stax2-api-3.1.1.jar
org/codehaus/woodstox/woodstox-core-asl/4.2.0/woodstox-core-asl-4.2.0.jar
org/gagravarr/vorbis-java-core/0.1/vorbis-java-core-0.1.jar
org/gagravarr/vorbis-java-core/0.1/vorbis-java-core-0.1-tests.jar
org/gagravarr/vorbis-java-tika/0.1/vorbis-java-tika-0.1.jar
org/hamcrest/hamcrest-core/1.3/hamcrest-core-1.3.jar
org/htmlparser/htmllexer/2.1/htmllexer-2.1.jar
org/htmlparser/htmlparser/2.1/htmlparser-2.1.jar
org/jasypt/jasypt/1.8/jasypt-1.8.jar
org/jgrapht/jgrapht-jdk1.5/0.7.3/jgrapht-jdk1.5-0.7.3.jar
org/jodd/jodd-core/3.4.10/jodd-core-3.4.10.jar
org/jdom/jdom/1.1.3/jdom-1.1.3.jar
org/jodd/jodd-lagarto/3.4.10/jodd-lagarto-3.4.10.jar
org/jsoup/jsoup/1.7.3/jsoup-1.7.3.jar
org/mongodb/mongo-java-driver/2.11.3/mongo-java-driver-2.11.3.jar
org/mozilla/rhino/1.7R4/rhino-1.7R4.jar
org/openldap/accelerator-api/1.0-RC39/accelerator-api-1.0-RC39.jar
org/openldap/accelerator-impl/1.0-RC39/accelerator-impl-1.0-RC39.jar
oro/oro/2.0.8/oro-2.0.8.jar
org/ow2/asm/asm-debug-all/4.1/asm-debug-all-4.1.jar
org/slf4j/slf4j-api/1.7.5/slf4j-api-1.7.5.jar
org/slf4j/slf4j-log4j12/1.7.5/slf4j-log4j12-1.7.5.jar
org/slf4j/slf4j-nop/1.7.5/slf4j-nop-1.7.5.jar
org/tukaani/xz/1.2/xz-1.2.jar
rome/rome/0.9/rome-0.9.jar
soap/soap/2.3.1/soap-2.3.1.jar
xalan/serializer/2.7.1/serializer-2.7.1.jar
xalan/xalan/2.7.1/xalan-2.7.1.jar
xerces/xercesImpl/2.9.1/xercesImpl-2.9.1.jar
xml-apis/xml-apis/1.0.b2/xml-apis-1.0.b2.jar
xmlpull/xmlpull/1.1.3.1/xmlpull-1.1.3.1.jar
xpp3/xpp3/1.1.4c/xpp3-1.1.4c.jar
xpp3/xpp3_min/1.1.4c/xpp3_min-1.1.4c.jar
The pb is to get the real hierarchy, instead of a bold list of
dependencies. For instance, JMeter is requiring a huge list of
transitive dependencies, just because it's a tool that can be used to
test many different protocols. This is clearly shown by the dependencies
tree produce when you run the mvn eclipse:eclipse command at the project
root :
[DEBUG] org.openldap:fortress:jar:1.0-RC39 (selected for null)
[DEBUG] org.openldap:accelerator-api:jar:1.0-RC39:compile (selected
for compile)
[DEBUG]
org.apache.directory.api:api-all:jar:1.0.0-M22-SNAPSHOT:compile
(selected for compile)
[DEBUG] org.slf4j:slf4j-api:jar:1.7.5:compile (selected for compile)
[DEBUG] org.openldap:accelerator-impl:jar:1.0-RC39:compile (selected
for compile)
[DEBUG] commons-lang:commons-lang:jar:2.4:compile (selected for compile)
[DEBUG] commons-configuration:commons-configuration:jar:1.6:compile
(selected for compile)
[DEBUG] commons-collections:commons-collections:jar:3.2.1:compile
(selected for compile)
[DEBUG] commons-logging:commons-logging:jar:1.1.1:compile (selected
for compile)
[DEBUG] commons-digester:commons-digester:jar:1.8:compile (selected
for compile)
[DEBUG] commons-beanutils:commons-beanutils:jar:1.7.0:compile
(selected for compile)
[DEBUG] commons-logging:commons-logging:jar:1.0.3:compile
(removed - nearer found: 1.1.1)
[DEBUG] commons-logging:commons-logging:jar:1.1:compile (removed -
nearer found: 1.1.1)
[DEBUG] commons-beanutils:commons-beanutils-core:jar:1.8.0:compile
(selected for compile)
[DEBUG] commons-collections:commons-collections:jar:3.2.1:compile
(selected for compile)
[DEBUG] commons-io:commons-io:jar:2.4:compile (selected for compile)
[DEBUG] commons-httpclient:commons-httpclient:jar:3.1:compile
(selected for compile)
[DEBUG] commons-logging:commons-logging:jar:1.0.4:compile (removed -
nearer found: 1.1.1)
[DEBUG] commons-codec:commons-codec:jar:1.2:compile (selected for
compile)
[DEBUG] com.unboundid:unboundid-ldapsdk:jar:2.3.3:compile (selected
for compile)
[DEBUG] org.slf4j:slf4j-api:jar:1.7.5:compile (selected for compile)
[DEBUG] org.slf4j:slf4j-log4j12:jar:1.7.5:compile (selected for compile)
[DEBUG] log4j:log4j:jar:1.2.17:compile (selected for compile)
[DEBUG] log4j:log4j:jar:1.2.17:compile (selected for compile)
[DEBUG] org.jasypt:jasypt:jar:1.8:compile (selected for compile)
[DEBUG] org.jgrapht:jgrapht-jdk1.5:jar:0.7.3:compile (selected for
compile)
[DEBUG] net.sf.ehcache:ehcache-core:jar:2.6.9:compile (selected for
compile)
[DEBUG] org.slf4j:slf4j-api:jar:1.6.1:compile (removed - nearer
found: 1.7.5)
[DEBUG] org.apache.ant:ant:jar:1.9.1:compile (selected for compile)
[DEBUG] org.apache.ant:ant-launcher:jar:1.9.1:compile (selected for
compile)
[DEBUG] org.apache.cxf:cxf-common-utilities:jar:2.5.10:compile
(selected for compile)
[DEBUG] org.apache.ws.xmlschema:xmlschema-core:jar:2.0.3:compile
(selected for compile)
[DEBUG] org.codehaus.woodstox:woodstox-core-asl:jar:4.2.0:compile
(selected for compile)
[DEBUG] org.codehaus.woodstox:stax2-api:jar:3.1.1:compile
(selected for compile)
[DEBUG] javax.ws.rs:jsr311-api:jar:1.1-ea:compile (selected for compile)
[DEBUG] junit:junit:jar:4.11:test (selected for test)
[DEBUG] org.hamcrest:hamcrest-core:jar:1.3:test (selected for test)
[DEBUG] net.sf.opencsv:opencsv:jar:2.3:test (selected for test)
[DEBUG] org.apache.jmeter:ApacheJMeter_core:jar:2.11:test (selected
for test)
[DEBUG] org.apache.jmeter:jorphan:jar:2.11:test (selected for test)
[DEBUG] bsf:bsf:jar:2.4.0:test (selected for test)
[DEBUG] commons-logging:commons-logging:jar:1.0.4:test (removed
- nearer found: 1.1.1)
[DEBUG] avalon-framework:avalon-framework:jar:4.1.4:test (selected
for test)
[DEBUG] org.beanshell:bsh:jar:2.0b5:test (selected for test)
[DEBUG] org.bouncycastle:bcmail-jdk15on:jar:1.49:test (selected
for test)
[DEBUG] org.bouncycastle:bcprov-jdk15on:jar:1.49:test (selected
for test)
[DEBUG] org.bouncycastle:bcpkix-jdk15on:jar:1.49:test (selected
for test)
[DEBUG] org.bouncycastle:bcprov-jdk15on:jar:1.49:test (selected
for test)
[DEBUG] org.bouncycastle:bcpkix-jdk15on:jar:1.49:test (selected
for test)
[DEBUG] commons-codec:commons-codec:jar:1.8:test (removed - nearer
found: 1.2)
[DEBUG] commons-jexl:commons-jexl:jar:1.1:test (selected for test)
[DEBUG] commons-logging:commons-logging:jar:1.0.3:test (removed
- nearer found: 1.1.1)
[DEBUG] junit:junit:jar:3.8.1:test (removed - nearer found: 4.11)
[DEBUG] org.apache.commons:commons-jexl:jar:2.1.1:test (selected
for test)
[DEBUG] org.apache.commons:commons-lang3:jar:3.1:test (selected
for test)
[DEBUG] commons-logging:commons-logging:jar:1.1.3:test (removed -
nearer found: 1.1.1)
[DEBUG] commons-net:commons-net:jar:3.3:test (selected for test)
[DEBUG] excalibur-datasource:excalibur-datasource:jar:1.1.1:test
(selected for test)
[DEBUG] excalibur-instrument:excalibur-instrument:jar:1.0:test
(selected for test)
[DEBUG] excalibur-logger:excalibur-logger:jar:1.1:test (selected
for test)
[DEBUG] excalibur-pool:excalibur-pool:jar:1.2:test (selected for test)
[DEBUG] org.htmlparser:htmllexer:jar:2.1:test (selected for test)
[DEBUG] org.htmlparser:htmlparser:jar:2.1:test (selected for test)
[DEBUG] org.apache.httpcomponents:httpclient:jar:4.2.6:test
(selected for test)
[DEBUG] org.apache.httpcomponents:httpcore:jar:4.2.5:test
(selected for test)
[DEBUG] commons-codec:commons-codec:jar:1.6:test (removed -
nearer found: 1.2)
[DEBUG] org.apache.httpcomponents:httpmime:jar:4.2.6:test
(selected for test)
[DEBUG] org.apache.httpcomponents:httpcore:jar:4.2.5:test
(selected for test)
[DEBUG] oro:oro:jar:2.0.8:test (selected for test)
[DEBUG] jcharts:jcharts:jar:0.7.5:test (selected for test)
[DEBUG] org.jdom:jdom:jar:1.1.3:test (selected for test)
[DEBUG] org.mozilla:rhino:jar:1.7R4:test (selected for test)
[DEBUG] logkit:logkit:jar:2.0:test (selected for test)
[DEBUG] soap:soap:jar:2.3.1:test (selected for test)
[DEBUG] net.sf.jtidy:jtidy:jar:r938:test (selected for test)
[DEBUG] org.apache.tika:tika-core:jar:1.4:test (selected for test)
[DEBUG] org.apache.tika:tika-parsers:jar:1.4:test (selected for test)
[DEBUG] org.gagravarr:vorbis-java-tika:jar:0.1:test (selected
for test)
[DEBUG] org.gagravarr:vorbis-java-core:jar:tests:0.1:test
(selected for test)
[DEBUG] org.apache.tika:tika-core:jar:1.0:test (removed -
nearer found: 1.4)
[DEBUG] edu.ucar:netcdf:jar:4.2-min:test (selected for test)
[DEBUG] org.slf4j:slf4j-api:jar:1.5.6:test (removed - nearer
found: 1.7.5)
[DEBUG] org.apache.james:apache-mime4j-core:jar:0.7.2:test
(selected for test)
[DEBUG] org.apache.james:apache-mime4j-dom:jar:0.7.2:test
(selected for test)
[DEBUG] org.apache.commons:commons-compress:jar:1.5:test
(selected for test)
[DEBUG] org.tukaani:xz:jar:1.2:test (selected for test)
[DEBUG] commons-codec:commons-codec:jar:1.5:test (removed -
nearer found: 1.2)
[DEBUG] org.apache.pdfbox:pdfbox:jar:1.8.1:test (selected for test)
[DEBUG] org.apache.pdfbox:fontbox:jar:1.8.1:test (selected for
test)
[DEBUG] org.apache.pdfbox:jempbox:jar:1.8.1:test (selected for
test)
[DEBUG] org.bouncycastle:bcmail-jdk15:jar:1.45:test (selected
for test)
[DEBUG] org.bouncycastle:bcprov-jdk15:jar:1.45:test (selected
for test)
[DEBUG] org.bouncycastle:bcprov-jdk15:jar:1.45:test (selected
for test)
[DEBUG] org.apache.poi:poi:jar:3.9:test (selected for test)
[DEBUG] commons-codec:commons-codec:jar:1.5:test (removed -
nearer found: 1.2)
[DEBUG] org.apache.poi:poi-scratchpad:jar:3.9:test (selected for
test)
[DEBUG] org.apache.poi:poi-ooxml:jar:3.9:test (selected for test)
[DEBUG] org.apache.poi:poi-ooxml-schemas:jar:3.9:test
(selected for test)
[DEBUG] org.apache.xmlbeans:xmlbeans:jar:2.3.0:test
(selected for test)
[DEBUG] dom4j:dom4j:jar:1.6.1:test (selected for test)
[DEBUG]
org.apache.geronimo.specs:geronimo-stax-api_1.0_spec:jar:1.0.1:test
(selected for test)
[DEBUG] org.ccil.cowan.tagsoup:tagsoup:jar:1.2.1:test (selected
for test)
[DEBUG] org.ow2.asm:asm-debug-all:jar:4.1:test (selected for test)
[DEBUG] com.googlecode.mp4parser:isoparser:jar:1.0-RC-1:test
(selected for test)
[DEBUG] org.aspectj:aspectjrt:jar:1.6.11:test (selected for test)
[DEBUG] com.drewnoakes:metadata-extractor:jar:2.6.2:test
(selected for test)
[DEBUG] com.adobe.xmp:xmpcore:jar:5.1.2:test (selected for test)
[DEBUG] xerces:xercesImpl:jar:2.8.1:test (selected for test)
[DEBUG] xml-apis:xml-apis:jar:1.3.03:test (selected for test)
[DEBUG] de.l3s.boilerpipe:boilerpipe:jar:1.1.0:test (selected
for test)
[DEBUG] rome:rome:jar:0.9:test (selected for test)
[DEBUG] jdom:jdom:jar:1.0:test (selected for test)
[DEBUG] org.gagravarr:vorbis-java-core:jar:0.1:test (selected
for test)
[DEBUG]
com.googlecode.juniversalchardet:juniversalchardet:jar:1.0.3:test
(selected for test)
[DEBUG] com.thoughtworks.xstream:xstream:jar:1.4.4:test (selected
for test)
[DEBUG] xmlpull:xmlpull:jar:1.1.3.1:test (selected for test)
[DEBUG] xpp3:xpp3_min:jar:1.1.4c:test (selected for test)
[DEBUG] xmlpull:xmlpull:jar:1.1.3.1:test (selected for test)
[DEBUG] xpp3:xpp3_min:jar:1.1.4c:test (selected for test)
[DEBUG] xalan:xalan:jar:2.7.1:test (selected for test)
[DEBUG] xalan:serializer:jar:2.7.1:test (selected for test)
[DEBUG] xml-apis:xml-apis:jar:1.3.03:test (removed - nearer
found: 1.3.04)
[DEBUG] xml-apis:xml-apis:jar:1.3.04:test (selected for test)
[DEBUG] xalan:serializer:jar:2.7.1:test (selected for test)
[DEBUG] xml-apis:xml-apis:jar:1.3.04:test (selected for test)
[DEBUG] xerces:xercesImpl:jar:2.8.1:test (removed - nearer found:
2.9.1)
[DEBUG] xerces:xercesImpl:jar:2.9.1:test (selected for test)
[DEBUG] xml-apis:xml-apis:jar:1.3.04:test (selected for test)
[DEBUG] org.apache.xmlgraphics:xmlgraphics-commons:jar:1.5:test
(selected for test)
[DEBUG] commons-io:commons-io:jar:1.3.1:test (removed - nearer
found: 2.4)
[DEBUG] commons-logging:commons-logging:jar:1.0.4:test (removed
- nearer found: 1.1.1)
[DEBUG] javax.mail:mail:jar:1.5.0-b01:test (selected for test)
[DEBUG] javax.activation:activation:jar:1.1:test (selected for test)
[DEBUG]
org.apache.geronimo.specs:geronimo-jms_1.1_spec:jar:1.1.1:test (selected
for test)
[DEBUG] org.jsoup:jsoup:jar:1.7.3:test (selected for test)
[DEBUG] org.jodd:jodd-core:jar:3.4.10:test (selected for test)
[DEBUG] org.jodd:jodd-lagarto:jar:3.4.10:test (selected for test)
[DEBUG] org.slf4j:slf4j-api:jar:1.7.2:test (removed - nearer
found: 1.7.5)
[DEBUG] org.mongodb:mongo-java-driver:jar:2.11.3:test (selected
for test)
[DEBUG] com.fifesoft:rsyntaxtextarea:jar:2.5.1:test (selected for
test)
[DEBUG] org.slf4j:slf4j-nop:jar:1.7.5:test (selected for test)
[DEBUG] bsf:bsf:jar:2.4.0:test (selected for test)
[DEBUG] commons-logging:commons-logging:jar:1.0.4:test (removed -
nearer found: 1.1.1)
[DEBUG] avalon-framework:avalon-framework:jar:4.1.4:test (selected
for test)
[DEBUG] org.beanshell:bsh:jar:2.0b5:test (selected for test)
[DEBUG] org.bouncycastle:bcmail-jdk15on:jar:1.49:test (selected for
test)
[DEBUG] org.bouncycastle:bcprov-jdk15on:jar:1.49:test (selected for
test)
[DEBUG] org.bouncycastle:bcpkix-jdk15on:jar:1.49:test (selected for
test)
[DEBUG] commons-codec:commons-codec:jar:1.8:test (removed - nearer
found: 1.2)
[DEBUG] commons-jexl:commons-jexl:jar:1.1:test (selected for test)
[DEBUG] commons-logging:commons-logging:jar:1.0.3:test (removed -
nearer found: 1.1.1)
[DEBUG] junit:junit:jar:3.8.1:test (removed - nearer found: 4.11)
[DEBUG] org.apache.commons:commons-jexl:jar:2.1.1:test (selected for
test)
[DEBUG] org.apache.commons:commons-lang3:jar:3.1:test (selected for
test)
[DEBUG] commons-logging:commons-logging:jar:1.1.3:test (removed -
nearer found: 1.1.1)
[DEBUG] commons-net:commons-net:jar:3.3:test (selected for test)
[DEBUG] excalibur-datasource:excalibur-datasource:jar:1.1.1:test
(selected for test)
[DEBUG] excalibur-instrument:excalibur-instrument:jar:1.0:test
(selected for test)
[DEBUG] excalibur-logger:excalibur-logger:jar:1.1:test (selected for
test)
[DEBUG] excalibur-pool:excalibur-pool:jar:1.2:test (selected for test)
[DEBUG] org.htmlparser:htmllexer:jar:2.1:test (selected for test)
[DEBUG] org.htmlparser:htmlparser:jar:2.1:test (selected for test)
[DEBUG] org.apache.httpcomponents:httpclient:jar:4.2.6:test
(selected for test)
[DEBUG] commons-codec:commons-codec:jar:1.6:test (removed - nearer
found: 1.2)
[DEBUG] org.apache.httpcomponents:httpmime:jar:4.2.6:test (selected
for test)
[DEBUG] org.apache.httpcomponents:httpcore:jar:4.2.5:test (selected
for test)
[DEBUG] oro:oro:jar:2.0.8:test (selected for test)
[DEBUG] jcharts:jcharts:jar:0.7.5:test (selected for test)
[DEBUG] org.jdom:jdom:jar:1.1.3:test (selected for test)
[DEBUG] org.mozilla:rhino:jar:1.7R4:test (selected for test)
[DEBUG] logkit:logkit:jar:2.0:test (selected for test)
[DEBUG] soap:soap:jar:2.3.1:test (selected for test)
[DEBUG] net.sf.jtidy:jtidy:jar:r938:test (selected for test)
[DEBUG] org.apache.tika:tika-core:jar:1.4:test (selected for test)
[DEBUG] org.apache.tika:tika-parsers:jar:1.4:test (selected for test)
[DEBUG] org.gagravarr:vorbis-java-tika:jar:0.1:test (selected for
test)
[DEBUG] org.gagravarr:vorbis-java-core:jar:tests:0.1:test
(selected for test)
[DEBUG] org.apache.tika:tika-core:jar:1.0:test (removed - nearer
found: 1.4)
[DEBUG] edu.ucar:netcdf:jar:4.2-min:test (selected for test)
[DEBUG] org.slf4j:slf4j-api:jar:1.5.6:test (removed - nearer
found: 1.7.5)
[DEBUG] org.apache.james:apache-mime4j-core:jar:0.7.2:test
(selected for test)
[DEBUG] org.apache.james:apache-mime4j-dom:jar:0.7.2:test
(selected for test)
[DEBUG] org.apache.commons:commons-compress:jar:1.5:test (selected
for test)
[DEBUG] org.tukaani:xz:jar:1.2:test (selected for test)
[DEBUG] commons-codec:commons-codec:jar:1.5:test (removed - nearer
found: 1.2)
[DEBUG] org.apache.pdfbox:pdfbox:jar:1.8.1:test (selected for test)
[DEBUG] org.apache.pdfbox:fontbox:jar:1.8.1:test (selected for test)
[DEBUG] org.apache.pdfbox:jempbox:jar:1.8.1:test (selected for test)
[DEBUG] org.bouncycastle:bcmail-jdk15:jar:1.45:test (selected for
test)
[DEBUG] org.bouncycastle:bcprov-jdk15:jar:1.45:test (selected
for test)
[DEBUG] org.bouncycastle:bcprov-jdk15:jar:1.45:test (selected for
test)
[DEBUG] org.apache.poi:poi:jar:3.9:test (selected for test)
[DEBUG] commons-codec:commons-codec:jar:1.5:test (removed -
nearer found: 1.2)
[DEBUG] org.apache.poi:poi-scratchpad:jar:3.9:test (selected for test)
[DEBUG] org.apache.poi:poi-ooxml:jar:3.9:test (selected for test)
[DEBUG] org.apache.poi:poi-ooxml-schemas:jar:3.9:test (selected
for test)
[DEBUG] org.apache.xmlbeans:xmlbeans:jar:2.3.0:test (selected
for test)
[DEBUG] dom4j:dom4j:jar:1.6.1:test (selected for test)
[DEBUG]
org.apache.geronimo.specs:geronimo-stax-api_1.0_spec:jar:1.0.1:test
(selected for test)
[DEBUG] org.ccil.cowan.tagsoup:tagsoup:jar:1.2.1:test (selected
for test)
[DEBUG] org.ow2.asm:asm-debug-all:jar:4.1:test (selected for test)
[DEBUG] com.googlecode.mp4parser:isoparser:jar:1.0-RC-1:test
(selected for test)
[DEBUG] org.aspectj:aspectjrt:jar:1.6.11:test (selected for test)
[DEBUG] com.drewnoakes:metadata-extractor:jar:2.6.2:test (selected
for test)
[DEBUG] com.adobe.xmp:xmpcore:jar:5.1.2:test (selected for test)
[DEBUG] xerces:xercesImpl:jar:2.8.1:test (removed - nearer
found: 2.9.1)
[DEBUG] de.l3s.boilerpipe:boilerpipe:jar:1.1.0:test (selected for
test)
[DEBUG] rome:rome:jar:0.9:test (selected for test)
[DEBUG] jdom:jdom:jar:1.0:test (selected for test)
[DEBUG] org.gagravarr:vorbis-java-core:jar:0.1:test (selected for
test)
[DEBUG]
com.googlecode.juniversalchardet:juniversalchardet:jar:1.0.3:test
(selected for test)
[DEBUG] com.thoughtworks.xstream:xstream:jar:1.4.4:test (selected
for test)
[DEBUG] xmlpull:xmlpull:jar:1.1.3.1:test (selected for test)
[DEBUG] xpp3:xpp3_min:jar:1.1.4c:test (selected for test)
[DEBUG] xalan:xalan:jar:2.7.1:test (selected for test)
[DEBUG] xalan:serializer:jar:2.7.1:test (selected for test)
[DEBUG] xerces:xercesImpl:jar:2.9.1:test (selected for test)
[DEBUG] xml-apis:xml-apis:jar:1.3.04:test (selected for test)
[DEBUG] org.apache.xmlgraphics:xmlgraphics-commons:jar:1.5:test
(selected for test)
[DEBUG] commons-io:commons-io:jar:1.3.1:test (removed - nearer
found: 2.4)
[DEBUG] commons-logging:commons-logging:jar:1.0.4:test (removed -
nearer found: 1.1.1)
[DEBUG] javax.mail:mail:jar:1.5.0-b01:test (selected for test)
[DEBUG] javax.activation:activation:jar:1.1:test (selected for test)
[DEBUG]
org.apache.geronimo.specs:geronimo-jms_1.1_spec:jar:1.1.1:test (selected
for test)
[DEBUG] org.jsoup:jsoup:jar:1.7.3:test (selected for test)
[DEBUG] org.jodd:jodd-core:jar:3.4.10:test (selected for test)
[DEBUG] org.jodd:jodd-lagarto:jar:3.4.10:test (selected for test)
[DEBUG] org.slf4j:slf4j-api:jar:1.7.2:test (removed - nearer
found: 1.7.5)
[DEBUG] org.mongodb:mongo-java-driver:jar:2.11.3:test (selected for
test)
[DEBUG] com.fifesoft:rsyntaxtextarea:jar:2.5.1:test (selected for test)
[DEBUG] org.slf4j:slf4j-nop:jar:1.7.5:test (selected for test)
[DEBUG] org.apache.jmeter:ApacheJMeter_java:jar:2.11:test (selected
for test)
[DEBUG] org.apache.jmeter:ApacheJMeter_components:jar:2.11:test
(selected for test)
[DEBUG] commons-codec:commons-codec:jar:1.8:test (removed - nearer
found: 1.2)
[DEBUG] commons-logging:commons-logging:jar:1.1.3:test (removed -
nearer found: 1.1.1)
[DEBUG] commons-codec:commons-codec:jar:1.8:test (removed - nearer
found: 1.2)
[DEBUG] commons-logging:commons-logging:jar:1.1.3:test (removed -
nearer found: 1.1.1)
[DEBUG] org.apache.directory.server:apacheds-all:jar:2.0.0-M16:compile
(selected for compile)
[DEBUG]
org.apache.directory.api:api-all:jar:1.0.0-M22-SNAPSHOT:compile (removed
- nearer found: 1.0.0-M22)
[DEBUG] org.apache.directory.api:api-all:jar:1.0.0-M22:compile
(selected for compile)
[DEBUG] xpp3:xpp3:jar:1.1.4c:compile (selected for compile)
[DEBUG] dom4j:dom4j:jar:1.6.1:compile (selected for compile)
[DEBUG] xml-apis:xml-apis:jar:1.3.04:test (setting artifactScope
to: compile)
[DEBUG] xml-apis:xml-apis:jar:1.3.04:compile (selected for compile)
[DEBUG] xml-apis:xml-apis:jar:1.3.04:compile (removed - nearer
found: 1.0.b2)
[DEBUG] xml-apis:xml-apis:jar:1.0.b2:compile (selected for compile)
[DEBUG] commons-pool:commons-pool:jar:1.6:compile (selected for compile)
[DEBUG] org.apache.mina:mina-core:jar:2.0.7:compile (selected for
compile)
[DEBUG] org.slf4j:slf4j-api:jar:1.6.6:compile (removed - nearer
found: 1.7.5)
[DEBUG] commons-lang:commons-lang:jar:2.6:compile (removed - nearer
found: 2.4)
[DEBUG] antlr:antlr:jar:2.7.7:compile (selected for compile)
[DEBUG] org.slf4j:slf4j-api:jar:1.7.7:compile (removed - nearer
found: 1.7.5)
In fact, if we focus on direct dependencies, here is the list of jars we
need :
[DEBUG] org.openldap:fortress:jar:1.0-RC39 (selected for null)
[DEBUG] commons-lang:commons-lang:jar:2.4:compile (selected for compile)
[DEBUG] commons-configuration:commons-configuration:jar:1.6:compile
(selected for compile)
[DEBUG] commons-collections:commons-collections:jar:3.2.1:compile
(selected for compile)
[DEBUG] commons-io:commons-io:jar:2.4:compile (selected for compile)
[DEBUG] commons-httpclient:commons-httpclient:jar:3.1:compile
(selected for compile)
[DEBUG] com.unboundid:unboundid-ldapsdk:jar:2.3.3:compile (selected
for compile)
[DEBUG] org.slf4j:slf4j-api:jar:1.7.5:compile (selected for compile)
[DEBUG] org.slf4j:slf4j-log4j12:jar:1.7.5:compile (selected for compile)
[DEBUG] log4j:log4j:jar:1.2.17:compile (selected for compile)
[DEBUG] org.jasypt:jasypt:jar:1.8:compile (selected for compile)
[DEBUG] org.jgrapht:jgrapht-jdk1.5:jar:0.7.3:compile (selected for
compile)
[DEBUG] net.sf.ehcache:ehcache-core:jar:2.6.9:compile (selected for
compile)
[DEBUG] org.apache.ant:ant:jar:1.9.1:compile (selected for compile)
[DEBUG] org.apache.cxf:cxf-common-utilities:jar:2.5.10:compile
(selected for compile)
[DEBUG] javax.ws.rs:jsr311-api:jar:1.1-ea:compile (selected for compile)
[DEBUG] junit:junit:jar:4.11:test (selected for test)
[DEBUG] net.sf.opencsv:opencsv:jar:2.3:test (selected for test)
[DEBUG] org.apache.jmeter:ApacheJMeter_core:jar:2.11:test (selected
for test)
[DEBUG] org.apache.jmeter:ApacheJMeter_java:jar:2.11:test (selected
for test)
[DEBUG] org.apache.directory.server:apacheds-all:jar:2.0.0-M16:compile
(selected for compile)
[DEBUG]
org.apache.directory.api:api-all:jar:1.0.0-M22-SNAPSHOT:compile (removed
- nearer found: 1.0.0-M22)
[DEBUG] org.apache.directory.api:api-all:jar:1.0.0-M22:compile
(selected for compile)
Assuming that the Apache dependencies have already did thir due
diligence (a reasonnable assumption), we should then focus on the three
following dependencies :
[DEBUG] com.unboundid:unboundid-ldapsdk:jar:2.3.3:compile (selected
for compile)
[DEBUG] org.jasypt:jasypt:jar:1.8:compile (selected for compile)
[DEBUG] org.jgrapht:jgrapht-jdk1.5:jar:0.7.3:compile (selected for
compile)
[DEBUG] javax.ws.rs:jsr311-api:jar:1.1-ea:compile (selected for compile)
[DEBUG] net.sf.opencsv:opencsv:jar:2.3:test (selected for test)
Jasypt is an AL 2.0 lib, JGrapht has a dual license (LGPL and EPL, so we
should pick EPL, which enters into the "Category B: Reciprocal Licenses
" from http://www.apache.org/legal/3party.html), javax.ws.rs is under a
CDDL license (again, a Category B license), net.sf.opencsv is available
under an AL 2.0 license.
The real problem lies in the UboundID package, which comes with three
different possible licenses : GPL2, LGPL2 - both incompatible with AL
2.0) and a more convenient "UnboundID LDAP SDK Free Use License"
(https://www.unboundid.com/products/ldap-sdk/docs/LICENSE-UnboundID-LDAPSDK.txt).
I'm not able to clearly see the implication of the free license, it's a
bit too vague for me.
At this point, and focusing on Fortress-core only, I wouls suggest we
simply get rid of Uboundid dependency, and then we should be good to go.
Anyone has another take on this matter ?
Thanks !
Re: Fortress IP clearance
Posted by Emmanuel Lécharny <el...@gmail.com>.
Le 08/10/14 14:21, Shawn McKinney a écrit :
> On 10/08/2014 05:38 AM, Emmanuel Lécharny wrote:
>> Typically, here are the info I'll need :
>> - the code base URL, with a MD5/SHA checksum, at the very date of the
>> donation (ie, if we have some modification after this date, then they
>> should be retained and injected into teh code base when moved to The ASF
>> repository. All in all, it's a matter of building a zip and sign it, and
>> move it to a place we can download it (can be teh latest release, for
>> instance)
>
> What date are we considering the donation date - today? Assuming it
> is that, I will download latest snapshot from each of the four repos
> (core, commander, enmasse, realm), sign, and then upload to one of our
> file servers.
Well, the date is not important. What is important is that the zip you
sign will be the one we will take the date from. What I meant was that
you can't say "teh code is donated on april first" and provide a zip
with source dating from may &stj, with many changes since 01/04. In
other words, produce the zip, and we use the production date.
>
> On 10/08/2014 05:38 AM, Emmanuel Lécharny wrote:
>> - a Corporate CLA (from Joshua tree and Symas) as to be fulfilled and
>> sent to The ASF
>
> Yes, I will arrange this.
Cool.
>
> On 10/08/2014 05:38 AM, Emmanuel Lécharny wrote:
>> The list of all the people having worked on the code base, with their
>> consent
>
> Again yes, no problem.
Cool.
>
>
> On 10/08/2014 05:38 AM, Emmanuel Lécharny wrote:
>> The list of dependencies with their licence have to be checked to be
>> sure they are compatible (ie, " Apache, BSD, Artistic, MIT/X, MIT/W3C,
>> MPL 1.1, or something with essentially the same terms").
>
> So here I am assuming the dependencies in the pom.xml are not
> adequate. Rather we need to list the resolved dependencies, i.e.
> located in the /lib folder, for each project. I will take care of
> this too.
Not sure if the dependencis are not adequate, we just have to be sure
that all the dependencies have a compatible license. And of course, the
dependencies they themselves depend on...
Re: Fortress IP clearance
Posted by Shawn McKinney <mc...@att.net>.
On 10/08/2014 05:38 AM, Emmanuel Lécharny wrote:
> Typically, here are the info I'll need :
> - the code base URL, with a MD5/SHA checksum, at the very date of the
> donation (ie, if we have some modification after this date, then they
> should be retained and injected into teh code base when moved to The ASF
> repository. All in all, it's a matter of building a zip and sign it, and
> move it to a place we can download it (can be teh latest release, for
> instance)
What date are we considering the donation date - today? Assuming it is
that, I will download latest snapshot from each of the four repos (core,
commander, enmasse, realm), sign, and then upload to one of our file
servers.
On 10/08/2014 05:38 AM, Emmanuel Lécharny wrote:
> - a Corporate CLA (from Joshua tree and Symas) as to be fulfilled and
> sent to The ASF
Yes, I will arrange this.
On 10/08/2014 05:38 AM, Emmanuel Lécharny wrote:
> The list of all the people having worked on the code base, with their
> consent
Again yes, no problem.
On 10/08/2014 05:38 AM, Emmanuel Lécharny wrote:
> The list of dependencies with their licence have to be checked to be
> sure they are compatible (ie, " Apache, BSD, Artistic, MIT/X, MIT/W3C,
> MPL 1.1, or something with essentially the same terms").
So here I am assuming the dependencies in the pom.xml are not adequate.
Rather we need to list the resolved dependencies, i.e. located in the
/lib folder, for each project. I will take care of this too.