Hi Andy, 2013/3/28 Andy Seaborne <a...@apache.org>
> > >> Sergio, can you please re-check all 3rd party source files whether they >> have been updated by the plugin incorrectly? >> > > Looks like every case can be different (very) :-( > > How about we draw up a list of modules and split the task of checking each > one. A discussion and process on dev@ for the community. > The NOTICE file in the source root *should* contain the complete list of 3rd party works at the moment, so it should suffice to check there. In any case, it is always worthwhile synchronizing the NOTICE file again with all the modules. Javascript libraries will only be contained in the modules under the platform/ reactor. > > We're suffering because of the various levels and interpretation of how > 3rd parties apply license info. > > (I am wondering about putting a NOTICE/LICENCE in every included > dependency then no need to put in top level N&L. Other mentors - thoughts?) > This was my original thought as well - in this case it might even not be necessary to have all the NOTICEs in the binary distributions (the jar files retrieved via Maven contain that info). On the other hand, if I follow the 4th guiding principle in http://www.apache.org/legal/3party.html#principles then I'd say we should make it as easy as possible for users of our software to see what they are getting into. I am now listing even the BSD and MIT licensed dependencies there also, because it simply might be a relevant information for the user, even if (s)he is not restricted any more by these licenses than by the Apache License. In this, I am mostly following the SOLR example: http://svn.apache.org/repos/asf/lucene/dev/trunk/solr/NOTICE.txt They also include jQuery, D3, ... in the NOTICE file, even though they are MIT licensed. Greetings, Sebastian
