No reply... Should I take that back to legal-discuss? I would like to be sure that warnings about the Ruby license in the NOTICE file would be considered enough by the IPMC though.
Thanks, Matthieu On Nov 20, 2007 3:28 PM, Matthieu Riou <[EMAIL PROTECTED]> wrote: > Hi, > > The Buildr podling which entered incubation recently needs to address the > problem of releasing Ruby code under the ASF. There are basically two > questions that we'll need to answer before being able to do any release: > > 1. As most Ruby libraries reuse the Ruby license [1], in which category > (A, B or X) does the Ruby license fall according to the third-party licenses > draft policy [2]. > > 2. Does the license of third-party software matters for Ruby given that > they're only used as Gems (the Ruby packaging system, see later for more) > and never distributed. As an example, Buildr uses a LGPL library although > none of that code is ever distributed with Buildr. Would that dependency > need to be removed? > > For the first question, Sam seemed to think that the Ruby license would > fall in category B (see a thread I've posted some time ago on legal-discuss > [3]). That means we would just need to warn our users so that they don't > unknowingly create a derivative work. What would be an acceptable way to do > that in a Ruby distribution? Would the NOTICE file be enough? An additional > warning in the download section? Another idea? > > The packaging system for Ruby is called RubyGems, it's very similar to > what exists in the *nix world and installs eventual dependencies for you. A > standard Ruby software is bundled in this package called a gem that includes > a descriptor with all the dependencies. When you ask RubyGems to install a > gem for you, it will ask whether you want to download each of its > dependencies and download and install them locally. Or do nothing if you > happen to already have the dependencies installed. So when you distribute a > Gem, you're usually only distributing your own code and the rest could be > considered part of the environment. > > Apparently the problem would be in the fact that gems are exploded when > installed (see [3] again) but I fail to see how that would make a difference > with the licenses we're worried about (say GPL and LGPL, v2 and v3). Any > hint? > > To get back to Buildr's specific case, we only have one LGPL dependency > that wouldn't be too hard to remove. It would penalize performance a bit so > it would still be nice to be able to use it but we could make it an option > and do without it for the default setup. But we have quite a few Ruby > licensed dependencies that we wouldn't be able to do without. > > Thanks! > Matthieu > > [1] http://www.ruby-lang.org/en/LICENSE.txt > [2] http://people.apache.org/~rubys/3party.html > <http://people.apache.org/%7Erubys/3party.html> > [3] > http://mail-archives.apache.org/mod_mbox/www-legal-discuss/200708.mbox/[EMAIL > PROTECTED] > >
