Hi, Thanks Justin and Willem.
I have used the maven plugin to check all license once again. I have finished the above modifications, you can have a check: [1] License: https://github.com/apache/incubator-iotdb/blob/2561a3b397fb6fedd99a0afddc4e665f253c5e22/License [2] License-binary: https://github.com/apache/incubator-iotdb/blob/2561a3b397fb6fedd99a0afddc4e665f253c5e22/License-binary [3] Notice: https://github.com/apache/incubator-iotdb/blob/2561a3b397fb6fedd99a0afddc4e665f253c5e22/NOTICE [4] Notice-binary: https://github.com/apache/incubator-iotdb/blob/2561a3b397fb6fedd99a0afddc4e665f253c5e22/NOTICE-binary Best, ----------------------------------- Xiangdong Huang School of Software, Tsinghua University 黄向东 清华大学 软件学院 Willem Jiang <[email protected]> 于2019年7月24日周三 下午2:16写道: > If you have the binary release, you need to list all the third party > jars in the License file. > BTW, you can use maven license plugin[1] to list those jars in your > distribution directory. > You can find the plugin setting example here[2]. The only missing part > is you still need to copy the generated file into License file > yourself. > > [1]https://www.mojohaus.org/license-maven-plugin/ > [2]https://github.com/apache/servicecomb-pack/blob/master/pom.xml#L643 > > Willem Jiang > > Twitter: willemjiang > Weibo: 姜宁willem > > On Wed, Jul 24, 2019 at 10:00 AM Xiangdong Huang <[email protected]> > wrote: > > > > Hi Justin, > > > > How about the following modifications: > > > > > 1. Why is license information being mentioned in NOTICE? All license > > information should go in LICENSE. > > > > Remove all license information out of NOTICE, and copy all content of > > NOTICEs from all bundled dependencies to our NOTICE? > > > > > 2. Why is the General Public License (GPL) license mentioned? (It’s a > > Category X license) > > > > I check the content and find that we use `javax.annotation`, which uses > > CDDL and GPL double license. > > I think it is ok that we use the dependence according to CDDL. So just > > removing the content about GPL is ok, I think. > > > > > 3. Why are dependancies (JUnit / Hamscrest) which I assume are not > > bundled mentioned? > > > > I think we can remove them out of the NOTICE and LICENSE. > > > > > 4. Why are the binaries mentioned in the source release? Please make > > seperate LICENSE and NOTICE for the source and binary releases. > > > > Do we need to maintain 4 files: LICENSE, NOTICE, LICENSE-binary, and > > NOTICE-binary? > > > > > In LICENSE it also seem you are listing dependancies rather than what > is > > bundled in the source release? > > > > According to [1] (BUNDLED VS. NON-BUNDLED DEPENDENCIES), only the > (binary) > > jars and java (source) files that written by the third part are bundled. > > > > The dependencies that claimed in pom.xml will be downloaded > automatically > > from the Maven Repository when the user compile the source code, so they > > can be considered as non-bundled. Are these dependencies can be removed > > from the LICENSE? > > > > [1] http://www.apache.org/dev/licensing-howto.html#mod-notice > > > > Best, > > ----------------------------------- > > Xiangdong Huang > > School of Software, Tsinghua University > > > > 黄向东 > > 清华大学 软件学院 > > > > > > Justin Mclean <[email protected]> 于2019年7月24日周三 上午6:47写道: > > > > > HI, > > > > > > I took a quick look at NOTICE and something is not right: > > > 1. Why is license information being mentioned in NOTICE? All license > > > information should go in LICENSE. > > > 2. Why is the General Public License (GPL) license mentioned? (It’s a > > > Category X license) > > > 3. Why are dependancies (JUnit / Hamscrest) which I assume are not > bundled > > > mentioned? > > > 4. Why are the binaries mentioned in the source release? Please make > > > seperate LICENSE and NOTICE for the source and binary releases. > > > > > > In LICENSE it also seem you are listing dependancies rather than what > is > > > bundled in the source release? > > > > > > Thanks, > > > Justin >
