[
https://issues.apache.org/jira/browse/SOLR-15465?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17360311#comment-17360311
]
Dawid Weiss commented on SOLR-15465:
------------------------------------
Well, maybe. But I like the consistency of having those license/ notice files.
One advantage I see is that this forces folks to actually dig up the license
for a dependency... so that you know it's not conflicting with Apache policies,
for example. I don't mind if you wish to change it but I think conscious manual
update has benefits in this case.
> Do not require LICENSE and NOTICE files for test-dependencies
> -------------------------------------------------------------
>
> Key: SOLR-15465
> URL: https://issues.apache.org/jira/browse/SOLR-15465
> Project: Solr
> Issue Type: Bug
> Security Level: Public(Default Security Level. Issues are Public)
> Components: Build
> Reporter: Jan Høydahl
> Assignee: Jan Høydahl
> Priority: Major
>
> Our current build (and the ant build before it) checks that every single jar,
> even test dependencies, have a .sha1 file in licenses/ folder along with a
> LICENSE file and optinally a NOTICE file.
> However, according to [https://infra.apache.org/licensing-howto.html] we only
> need to supply LICENSE/NOTICE files for bits we ship, either as copy/pasted
> source code in the source dist or jar deps in the binary dist.
> Thus, I think we can stop shipping those LICENSE/NOTICE files for deps that
> we never distribute. Perhaps the sha1 files should remain for extra
> validation of binaries pulled from mvn, I don't know.
> [~dsmiley] [~dweiss]
> This probably goes for the Lucene build too.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
