james-server-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stefano Bagnara <apa...@bago.org>
Subject Re: [jSPF] poms, copyright, license, again... (Was: [VOTE] jSPF-0.9.6)
Date Sun, 30 Mar 2008 23:43:40 GMT
Robert Burrell Donkin ha scritto:
> On Sun, Mar 30, 2008 at 4:56 PM, Robert Burrell Donkin
> <robertburrelldonkin@gmail.com> wrote:
>> On Sun, Mar 30, 2008 at 4:09 PM, Stefano Bagnara <apache@bago.org> wrote:
>>  >
>>  > Robert Burrell Donkin ha scritto:
>>  >  > On Sat, Mar 29, 2008 at 5:25 PM, Stefano Bagnara <apache@bago.org>
wrote:
>>  >  >> Robert Burrell Donkin ha scritto:
>>  >  >>  > On Sat, Mar 29, 2008 at 1:40 PM, Stefano Bagnara <apache@bago.org>
wrote:
>>  >  >>  >> Robert Burrell Donkin ha scritto:
>>  >  >>  >>  > On Fri, Mar 28, 2008 at 11:07 AM, Stefano Bagnara
<apache@bago.org> wrote:
>>  >  >>  >>
>>  >  >>  >>>>  I checked MAVENUPLOAD and the first reference
about junit is:
>>  >  >>  >>  >>  http://jira.codehaus.org/browse/MAVENUPLOAD-1168
>>  >  >>  >>  >>  And it is about junit 4.1: the submitter say
he took the pom from 4.0
>>  >  >>  >>  >>  and updated it.. so this doesn't help for now.
IF the original junit pom
>>  >  >>  >>  >>  was under the CPL then probably that user was
not entitled in altering
>>  >  >>  >>  >>  the content and submit it to the ASF and the
ASF should not have
>>  >  >>  >>  >>  uploaded it to central (is this right?).
>>  >  >>  >>  >
>>  >  >>  >>  > codehaus is not apache. any source use from codehaus
needs to come in
>>  >  >>  >>  > via the incubator IP clearance.
>>  >  >>  >>  >
>>  >  >>  >>  > - robert
>>  >  >>  >>
>>  >  >>  >>  Hey... MAVENUPLOAD at codehaus is *THE* *WAY* artifacts
use to be placed
>>  >  >>  >>  in central by the ASF ;-) . Or at least this is what maven
tells to the
>>  >  >>  >>  world:
>>  >  >>  >>  http://maven.apache.org/guides/mini/guide-central-repository-upload.html
>>  >  >>  >>
>>  >  >>  >>  I can also confirm that I have successfully created a
pom for dnsjava,
>>  >  >>  >>  uploaded it to codehaus MAVENUPLOAD JIRA and someone published
it to the
>>  >  >>  >>  maven central repository.
>>  >  >>  >>
>>  >  >>  >>  I just repeat that MOST projects in ASF are using the
poms included in
>>  >  >>  >>  central and this is a big issue that is being mostly ignored,
>>  >  >>  >>  unfortunately. That is why I think the PPMC are not being
diligent and
>>  >  >>  >>  the board should help spreading this issue and coordinate
all the PPMCs
>>  >  >>  >>  to find a common solution to this issue.
>>  >  >>  >
>>  >  >>  > using artifacts from the maven repository does not worry me:
>>  >  >>  > distributing artifacts does
>>  >  >>  >
>>  >  >>  > - robert
>>  >  >>
>>  >  >>  I understand this, but I didn't understand why.
>>  >  >>  If that file is under an acceptable license then we can use and
>>  >  >>  redistribute it, otherwise we can't use and redistribute it IMO.
>>  >  >
>>  >  > you can opinion all you like but you're wrong
>>  >  >
>>  >  > use and distribution are two distinct and different concepts and
>>  >  > rights under copyright law. it is perfectly possible to create
>>  >  > licenses which allow use but not distribution and vice versa.
>>  >  >
>>  >  > - robert
>>  >
>>  >  Sorry. I can accept your opinion but I don't think I'm wrong and you're
>>  >  right ;-)
>>
>>  if you're interested in open source and the law then you really should
>>  try to get to more conferences: you might learn something
>>
>>
>>  >  What I say is that if you DON'T KNOW THE LICENSE the ALL RIGHTS ARE
>>  >  RESERVED. This means you can't redistribute it and you can't
>>  >  automatically download it as part of an automated process.
>>
>>  no: you're wrong
>>
>>  if you don't knowingly possess an explicit license then this means
>>  exactly and only that: you don't knowingly possess an explicit
>>  license. you may still have rights to use or distribute that artifact:
>>  you may have an implied license, the artifact might contain an
>>  embedded license, a public license may be available (which you don't
>>  know about or that you haven't bothered to download) or your legal
>>  system may grant fair use rights. AIUI there are some jurisdictions
>>  (for example, the UK) which may in theory imply that you need to
>>  possess an actual license but in practice this is unenforcable.
> 
> apologies, re-reading this thread i see that i've become a little
> personal. i just find it very frustrating and this is a very long
> thread that seems to be going nowhere. i've tried to explain where
> there are big differences between distribution and use under copyright
> law and in apache policy but i haven't really succeeded.
> 
> - robert

ops, sorry.. I read this message after the previous reply.

I understood that we are not understanding each other, too!

I'm sorry for the long messages, my poor english bring me to write the 
same thing multiple time with the hope the message is transmitted.

I clearly understand that downloading an artifact from a website as part 
of an automated process is DIFFERENT (for the US law, for many other 
jurisdictions, for the ASF policies, and for everything else) from 
redistributing the same artifact as part of another product.

My point is that if you don't know what the license is I don't see why 
downloading automatically is *THE* right choice. I understand that the 
legal complications of redistributing are bigger than the one of 
automatically download, but the fact is that we don't know the license, 
so there are even minimal possibilities that also the automatic download 
is not allowed by the license we don't know.

The funny thing is that all of this thread is about a "stupid" pom that 
even my father could write as is if I explain him the pom 
semantic+syntax and I tell him to describe junit-3.8.1.jar. This is what 
scare me: the fact that we don't have a clear way to rewrite this 
f***ing xml from scratch and release jSPF-0.9.7.

For the record the other funny thing is that I don't need a jSPF release 
and I don't use jSPF in any of my projects. My involvement in jSPF 
started mainly because I had problems releasing JAMES Server and need a 
way to work together Norman to better understand his skills and try to 
help him joining the JAMES project.

I thank you for everything you wrote in reply to my messages: it is 
always interesting to me to discuss corner cases. What I find 
frustrating is that my english is not as good as my italian otherwise we 
could have written much less and have a conclusion about what to do with 
jSPF, now.

Stefano


---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org


Mime
View raw message