On 02/02/15 11:33, Stian Soiland-Reyes wrote:
2/ There is a LGPL dependency (scope test) which needs investigation.
>(I would have appreciated that having been pointed out first)
Sorry, I didn't mention this outside the pom.xml as it was a
build/test dependency, which I thought would be OK - given:
https://www.apache.org/legal/resolved.html#prohibited
The eosgi-maven-plugin Maven plugin is also LGPL.
That's not what resolved.html#prohibited is referring to. That is
general principles, not java specific.
An Apache release must be reproducible; it's not just code.
The source-resource that is the formal release must be buildable by a
down-stream user. Jena ships our repo (the Apache parent does the work).
The down-stream user must be able to build the same artifacts; they may
wish to check against any binaries in maven, or to modify them. Just
maven -sources is not enough. maven central is not n Apache hardware.
As far as I know, we can not ship source-release that pulls in LGPL,
even to test, without the user making an explicit act to knowingly do
that and work without it.
How do other projects do testing?
Andy
