-
Notifications
You must be signed in to change notification settings - Fork 39
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Please clarify license for the published artifacts #40
Comments
Isn't
Would you have any reference that suggests
Actually in my opinion that's the first and minimum you should do 😀 Plus ideally an |
It does not work that way.
For instance, Apache Software Foundation has 20+ year history, and the rule there is
As you might guess, lots of Apache Maven plugins would follow that requirement by default.
Does it matter? That is a standard manifest name with a well-defined machine-readable value. |
Thank you. I've evaluated it as prepared build scripts for Apache JMeter, however, OSS Review Toolkit was hard to bend to produce the desired result. So I went with implementing license-gather-plugin for Gradle |
Correct. But that should be the rather uncommon case. At least it is in my experience.
Thanks for the reference.
It does matter if you want to convince people to use that standard, and esp. you need to convince people about the benefit of adding the SPDX license ID there instead of just in the POM's
Feel free to file an issue about your experiences in the ORT project. |
I'm afraid I fail to recognize now what was the motivation of the issue. Apparently, JMeter does not re-distribute native-platform yet. |
native-platform project publishes a lot of jar files, however they do not mention which license is in place.
Please add
Bundle-License: Apache-2.0
manifest entry (whereApache-2.0
is SPDX identifier, see https://osgi.org/specification/osgi.core/7.0.0/framework.module.html#framework.module-bundle-license )Well, current
pom.xml
tags are quite obvious (even though you might want to replace<licence><name>
with SPDX id ofApache-2.0
), however adding explicitBundle-License
would simplify automatic analysis.Please add LICENSE file to the produced jar files.
The suggested file locations is
META-INF/LICENSE
You might want to mention the license in
pom.xml
via<license>
tag, however it is not that required.The text was updated successfully, but these errors were encountered: