We have been discussing about updating the vendored dependency in BEAM-11227 <https://issues.apache.org/jira/browse/BEAM-11227>, if I remember correctly the newer version of gRPC does not require the jboss dependency, so probably is the best upgrade path, can you confirm Tomo Suzuki <https://issues.apache.org/jira/secure/ViewProfile.jspa?name=suztomo> ?
On Mon, May 10, 2021 at 2:33 PM Jarek Potiuk <ja...@potiuk.com> wrote: > Also we have very similar discussion about it in > https://issues.apache.org/jira/browse/LEGAL-572 > Just to be clear about the context of it, it's not a legal requirement of > Apache Licence, it's Apache Software Foundation policy, that we should not > limit our users in using our software. If the LGPL dependency is > "optional", it's fine to add such optional dependency. If it is "required" > to run your software, then it is not allowed as it limits the users of ASF > software in further redistributing the software in the way they want (this > is at least my understanding of it). > > On Mon, May 10, 2021 at 12:58 PM JB Onofré <j...@nanthrax.net> wrote: > >> Hi >> >> You can take a look on >> >> https://www.apache.org/legal/resolved.html >> >> Regards >> JB >> >> Le 10 mai 2021 à 12:56, Elliotte Rusty Harold <elh...@ibiblio.org> a >> écrit : >> >> Anyone have a link to the official Apache policy about this? Thanks. >> >> On Mon, May 10, 2021 at 10:07 AM Jan Lukavský <je...@seznam.cz> wrote: >> >> >> Hi, >> >> >> we are bundling dependencies with LGPL-2.1, according to license header >> >> in META-INF/maven/org.jboss.modules/jboss-modules/pom.xml. I think is >> >> might be an issue, already reported here: [1]. I created [2] to track it >> >> on our side. >> >> >> Jan >> >> >> [1] https://issues.apache.org/jira/browse/FLINK-22555 >> >> >> [2] https://issues.apache.org/jira/browse/BEAM-12316 >> >> >> >> >> -- >> Elliotte Rusty Harold >> elh...@ibiblio.org >> >> > > -- > +48 660 796 129 >
