onichols-pivotal commented on a change in pull request #5018:
URL: https://github.com/apache/geode/pull/5018#discussion_r418414125
##########
File path: gradle/java.gradle
##########
@@ -73,7 +73,7 @@ gradle.taskGraph.whenReady({ graph ->
}
}
jar.metaInf {
- from("$rootDir/LICENSE")
+ from("$rootDir/geode-assembly/src/main/dist/LICENSE")
Review comment:
> 1. Why do we have two copies of the `LICENSE` file?
> 2. Why are they different!?
Thanks for asking, it's not totally intuitive at first.
`LICENSE` is intended to cover Geode's license plus any 3rd party products
we redistribute in source form (such as javascript libraries). This LICENSE
file is added to the apache-geode-x.y.z-src.tgz release artifact.
`geode-assembly/src/main/dist/LICENSE` includes everything in LICENSE, and
also covers any 3rd party libraries redistributed in apache-geode-x.y.z.tgz
(binary) releases. This license file is added to apache-geode-x.y.z.tgz and
also placed in every Geode .jar and .war file.
It turns out, for several releases now we had been accidentally putting the
source license instead of the binary license into .jar and .war files, which
added further confusion to which license was for which purpose and which one
things should be added to. This PR straightens out all of those issues.
The reason we need separate source and binary licenses might have to do with
Apache rules. Only the source release is an official act of the Apache
Foundation. Geode also provides a compiled binary release as a courtesy only.
Please ask a PMC member for more details on Apache release governance.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
