On general principal I agree with you. I have no problem with having certain blocks require that you download software from wherever under whatever license. The problem comes about when you start having other blocks require the first block as a prereq and the prereq has an unacceptable license.
In other words, I don't believe an Apache project should ever rely on other software with an incompatible license for its core functionality. In some sense, the way Cocoon is organized can help this. One would expect that the core of Cocoon itself would be free of ANY licensing issues. Blocks, on the other hand, might not be. In fact, blocks.properties as well as the blocks description web pages could clearly identify what components they require and what the licenses for them are. However, one would expect that blocks such as cocoon forms, the authentication framework, session framework, etc. would also be free of issues. Ralph -----Original Message----- From: Stefano Mazzocchi [mailto:[EMAIL PROTECTED] Sent: Friday, March 12, 2004 2:26 PM To: [EMAIL PROTECTED] Subject: Re: Using Maven (or something similar) for dependencies? (Was: Cocoon's Rhino+continuations fork) wait! let's keep reasonable here, ok? We are distributing cocoon today and it's *already* a legal hell to go thru to find out how to package cocoon in a commercial product and redistribute it. The cocoon *code* is licensed under the apache license, the libraries are licensed according to the /legal directory, as we specify in the README file. Brian thinks that this is not enough and yields the false impression that *everything* is licensed under the apache license. Not everybody agrees with him. But due to the nature of cocoon, installations are just that: installations. 99% of our users do not redistribute cocoon as part of their system. They use it to provide a service. And, if they do redistribute cocoon as a part of their software, they will need to comply to *ALL* the licenses that we ship. [but since we did the job for them to screen the compatibilities, they have to make sure that they comply to the other things, like IP and patent rights] If we do not redistribute, say, Rhino, this makes it more obvious that they have to comply to the license because they have to download it themselves... but if we do it thru a package manager, well, it's the same thing. IMHO, stopping distributing libraries under the MPL doesn't buy us nothing, the legal issues are all already there, we should just make it more obvious when the user downloads our distribution. NOTE: legal issues are nasty with IP and patents anyway. Open source is not freeing you from living in the real world, unfortunately. -- Stefano.
