[QVote] Where to put licenses?

[Carsten Ziegeler <cz...@s-und-n.de>]

Actually we have more important things to do than discussing
where the licenses should be stored.
But as it shouldn't be *just me* deciding this, just a quick 
vote about it.

>From a users POV putting all in the legal directory makes
more sense than to put it next to each jar file.

So, if noone is against it, I will move all of them into
the legal directory again.

Please respond only if you're against it.

Thanks

Carsten 

Carsten Ziegeler 
Open Source Group, S&N AG
http://www.osoco.net/weblogs/rael/

RE: [QVote] Where to put licenses?

[Antonio Gallardo <ag...@agssa.net>]

Carsten Ziegeler dijo:
> Joerg Heinicke wrote:
>>
>> On 03.03.2004 14:42, Carsten Ziegeler wrote:
>>
>> >>But what I absolutely don't like is the adding of the
>> package version
>> >>to the license file. What's it for? A comparison between
>> >>package-xyz-1.23.45.jar and package-xyz.license.txt can
>> also be done
>> >>without any problem. It's useless remove and readd of files to CVS
>> >>IMO.
>> >
>> > That's simple. As we learned recently, the license might change
>> > between versions! So having the version number in the license name
>> > will more clearly show that updating a jar has to go in combination
>> > with (perhaps) updating the license.
>> > If e.g. someone of us had updated Jisp to 3.0 I bet that
>> noone would
>> > ever have noticed that we actually couldn't use that version as the
>> > jisp.license we had in our CVS was still compatible.
>>
>> A valid point as it attracts attention
>>
>> >>Adding this logic to the test script/check-jars.xsl/gump or
>> what ever
>> >>is much more clever.
>> >>
>> >
>> > As soon as there is a script we *could* remove the version number.
>> > But I think not any sooner.
>>
>> The script would not help with the above point. Or do you
>> want to check the content of the license file?? This would
>> mean an "either or", not an "it depends".
>>
> Exactly my point (although I might not have made it that clear), a
> script can't test the contents of the license, that's why I wrote
> we "*could*" remove the version number. I still think, having the
> version numbers helps more than any script can do.
> If you're using scripts you tend to rely on the scripts without
> assuring that the scripts really do what you want.
>
> Anyways, it seems noone is really against moving all licenses
> back to the legal directory and if someone comes up with a script
> we will see if it helps or not.

I really don't understand why the license files are travelling across all
the source code. :-D

Before committing any jar, we review the license to check changes against
the old one. The peer review is the best we can do.

In short, licenses in legal dir.

Best Regards,

Antonio Gallardo.

Re: [QVote] Where to put licenses?

[Joerg Heinicke <jo...@gmx.de>]

On 03.03.2004 22:51, Carsten Ziegeler wrote:

> Anyways, it seems noone is really against moving all licenses
> back to the legal directory and if someone comes up with a script
> we will see if it helps or not.

The script (or the adding of <license> to gump, this is what I would 
prefer much more) is just for seeing if a license file exists for the 
jar. Whether it's the correct one must still be done by hand of course. 
Maybe additional functionality like license content checking will be 
added to gump, but we should not do this with a proprietary script.

Joerg

RE: [QVote] Where to put licenses?

[Carsten Ziegeler <cz...@s-und-n.de>]

Joerg Heinicke wrote:
> 
> On 03.03.2004 14:42, Carsten Ziegeler wrote:
> 
> >>But what I absolutely don't like is the adding of the 
> package version 
> >>to the license file. What's it for? A comparison between 
> >>package-xyz-1.23.45.jar and package-xyz.license.txt can 
> also be done 
> >>without any problem. It's useless remove and readd of files to CVS 
> >>IMO.
> > 
> > That's simple. As we learned recently, the license might change 
> > between versions! So having the version number in the license name 
> > will more clearly show that updating a jar has to go in combination 
> > with (perhaps) updating the license.
> > If e.g. someone of us had updated Jisp to 3.0 I bet that 
> noone would 
> > ever have noticed that we actually couldn't use that version as the 
> > jisp.license we had in our CVS was still compatible.
> 
> A valid point as it attracts attention
> 
> >>Adding this logic to the test script/check-jars.xsl/gump or 
> what ever 
> >>is much more clever.
> >>
> > 
> > As soon as there is a script we *could* remove the version number.
> > But I think not any sooner.
> 
> The script would not help with the above point. Or do you 
> want to check the content of the license file?? This would 
> mean an "either or", not an "it depends".
> 
Exactly my point (although I might not have made it that clear), a
script can't test the contents of the license, that's why I wrote
we "*could*" remove the version number. I still think, having the
version numbers helps more than any script can do.
If you're using scripts you tend to rely on the scripts without
assuring that the scripts really do what you want.

Anyways, it seems noone is really against moving all licenses
back to the legal directory and if someone comes up with a script
we will see if it helps or not.

Carsten

Re: [QVote] Where to put licenses?

[Joerg Heinicke <jo...@gmx.de>]

On 03.03.2004 14:42, Carsten Ziegeler wrote:

>>But what I absolutely don't like is the adding of the package 
>>version to the license file. What's it for? A comparison 
>>between package-xyz-1.23.45.jar and package-xyz.license.txt 
>>can also be done without any problem. It's useless remove and 
>>readd of files to CVS IMO.
> 
> That's simple. As we learned recently, the license might change
> between versions! So having the version number in the license name
> will more clearly show that updating a jar has to go in combination
> with (perhaps) updating the license. 
> If e.g. someone of us had updated Jisp to 3.0 I bet that noone
> would ever have noticed that we actually couldn't use that version
> as the jisp.license we had in our CVS was still compatible.

A valid point as it attracts attention

>>Adding this logic to the test script/check-jars.xsl/gump or 
>>what ever is much more clever.
>>
> 
> As soon as there is a script we *could* remove the version number.
> But I think not any sooner.

The script would not help with the above point. Or do you want to check 
the content of the license file?? This would mean an "either or", not an 
"it depends".

Joerg

RE: [QVote] Where to put licenses?

[Carsten Ziegeler <cz...@s-und-n.de>]

Joerg Heinicke wrote:
> But what I absolutely don't like is the adding of the package 
> version to the license file. What's it for? A comparison 
> between package-xyz-1.23.45.jar and package-xyz.license.txt 
> can also be done without any problem. It's useless remove and 
> readd of files to CVS IMO.
That's simple. As we learned recently, the license might change
between versions! So having the version number in the license name
will more clearly show that updating a jar has to go in combination
with (perhaps) updating the license. 
If e.g. someone of us had updated Jisp to 3.0 I bet that noone
would ever have noticed that we actually couldn't use that version
as the jisp.license we had in our CVS was still compatible.

> Adding this logic to the test script/check-jars.xsl/gump or 
> what ever is much more clever.
> 
As soon as there is a script we *could* remove the version number.
But I think not any sooner.

Carsten

Re: [QVote] Where to put licenses?

[Joerg Heinicke <jo...@gmx.de>]

Carsten Ziegeler <cziegeler <at> s-und-n.de> writes:

> Actually we have more important things to do than discussing
> where the licenses should be stored.
> But as it shouldn't be *just me* deciding this, just a quick 
> vote about it.
> 
> From a users POV putting all in the legal directory makes
> more sense than to put it next to each jar file.
> 
> So, if noone is against it, I will move all of them into
> the legal directory again.
> 
> Please respond only if you're against it.

Sorry, in the last days I only read the most mails without any
participating in discussions. Maybe I should not add my comment
to a vote thread but here it is:

IMO it's not that important where the licenses are stored though
it might be a help for the users, but who checks all the licenses
before using a package? The Apache brand and Apache's license
policies almost assure that I can use the package without "any"
restrictions. I only have to stay compatible to the Apache license
itself.

So the developer's part remain: Important is the file ending. It
should at least be one for all as it is .license at the moment,
.license.txt might be even better.

I'm ok with having a license for every jar, the possible different
release times for subpackages like Avalon Excalibur even seem to
make this necessary.

But what I absolutely don't like is the adding of the package version
to the license file. What's it for? A comparison between
package-xyz-1.23.45.jar and package-xyz.license.txt can also be done
without any problem. It's useless remove and readd of files to CVS IMO.
Adding this logic to the test script/check-jars.xsl/gump or what ever
is much more clever.

Joerg