Re: LGPL-2.1 in beam-vendor-grpc

As I sent in the separate email about https://github.com/apache/beam/pull/14833, now the Beam's master branch depends on the newer version of the vendored gRPC, which does not include the problematic jboss artifacts. On Tue, May 11, 2021 at 12:39 PM Kenneth Knowles wrote: > +1 > > It seems we

Re: LGPL-2.1 in beam-vendor-grpc

+1 It seems we are pretty close on the upgrade. The same tricky problem as before, but it seems to be narrowed down. Kenn On Mon, May 10, 2021 at 8:26 AM Jean-Baptiste Onofre wrote: > +1 fully agree. > > Regards > JB > > Le 10 mai 2021 à 16:02, Jan Lukavský a écrit : > > +1 for blocking the r

Re: LGPL-2.1 in beam-vendor-grpc

+1 fully agree. Regards JB > Le 10 mai 2021 à 16:02, Jan Lukavský a écrit : > > +1 for blocking the release - I think we should not release something about > which we _know_ that it might be legally problematic. And we should > definitely create a check in the build process that will warn abo

Re: LGPL-2.1 in beam-vendor-grpc

+1 to bock a release because of this. Agree with Jan’s arguments. — Alexey > On 10 May 2021, at 16:02, Jan Lukavský wrote: > > +1 for blocking the release - I think we should not release something about > which we _know_ that it might be legally problematic. And we should > definitely create

Re: LGPL-2.1 in beam-vendor-grpc

+1 for blocking the release - I think we should not release something about which we _know_ that it might be legally problematic. And we should definitely create a check in the build process that will warn about such issues in the future.  Jan On 5/10/21 3:44 PM, Ismaël Mejía wrote: Tomo just

Re: LGPL-2.1 in beam-vendor-grpc

Tomo just confirmed in the ticket that if we update the gRPC vendored version we won't need the JBoss dependency anymore so we should be good to go with the upgrade. The open question is if this should be blocking for the upcoming Beam 2.31.0 release or we can fix it afterwards. On Mon, May 10, 2

Re: LGPL-2.1 in beam-vendor-grpc

We have been discussing about updating the vendored dependency in BEAM-11227 , if I remember correctly the newer version of gRPC does not require the jboss dependency, so probably is the best upgrade path, can you confirm Tomo Suzuki

Re: LGPL-2.1 in beam-vendor-grpc

Also we have very similar discussion about it in https://issues.apache.org/jira/browse/LEGAL-572 Just to be clear about the context of it, it's not a legal requirement of Apache Licence, it's Apache Software Foundation policy, that we should not limit our users in using our software. If the LGPL de

Re: LGPL-2.1 in beam-vendor-grpc

Hi You can take a look on https://www.apache.org/legal/resolved.html Regards JB > Le 10 mai 2021 à 12:56, Elliotte Rusty Harold a écrit : > > Anyone have a link to the official Apache policy about this? Thanks. > >> On Mon, May 10, 2021 at 10:07 AM Jan Lukavský wrote: >> >> Hi, >> >> we

Re: LGPL-2.1 in beam-vendor-grpc

Anyone have a link to the official Apache policy about this? Thanks. On Mon, May 10, 2021 at 10:07 AM Jan Lukavský wrote: > > Hi, > > we are bundling dependencies with LGPL-2.1, according to license header > in META-INF/maven/org.jboss.modules/jboss-modules/pom.xml. I think is > might be an issue

Re: LGPL-2.1 in beam-vendor-grpc

Yeah LGPL is cat X license. So it should not be embedded and distributed. Regards JB > Le 10 mai 2021 à 12:07, Jan Lukavský a écrit : > > Hi, > > we are bundling dependencies with LGPL-2.1, according to license header in > META-INF/maven/org.jboss.modules/jboss-modules/pom.xml. I think is