Justin Thanks for looking into this. The MPL license was used by pnotify. We removed it as part of JIRA https://issues.apache.org/jira/browse/RANGER-316, but we didn¹t update the LICENSE.txt file. Is it okay to remove the license text from the file during our next release or is it a blocker for this release? I have created JIRA https://issues.apache.org/jira/browse/RANGER-542 to track it.
We will also address your rest of your concerns during our next release. I have created the following JIRA to track it https://issues.apache.org/jira/browse/RANGER-541. Thanks Bosco On 6/6/15, 6:35 PM, "Justin Mclean" <jus...@classsoftware.com> wrote: >Hi, > >+0 binding until MPL issue clarified, then I¹ll change my vote to +1. > >But there a few other things that need to be fixed for next release. > >I checked >- Release does¹t contain incubating in release name. >- Signatures and hash good (but could be improved) >- DISCLAIMER exists >- Year range in NOTICE file is incorrect >- NOTICE file has minor issues (see below) >- LICENSE file also have a few minor issues >- All source file have Apache headers >- No unexpected binaries in source release >- Can compile from source > >The LICENSE notes that you using JQuery Pine Notify which is triple >licensed under GPL, LGPL and MPL. MPL is a category B license and as such >needs to be handled with care [6]. However I¹m not sure that it is >actually bundled in the software - can you confirm this. If it is not it >can be removed from the LICENSE. > >Permissive licenses such as Apache and MIT do not normally get mentioned >in the NOTICE file [4] as the NOTICE file places a burden on downstream >projects can these please be removed. > >The following seem to be missing from the LICENSE >- font awesome (MIT + SIL) see >security-admin/src/main/webapp/fonts/fontawesome/fontawesome-webfont.svg >and >ranger-0.5.0/security-admin/src/main/webapp/fonts/fontawesome/FontAwesome. >* + >ranger-0.5.0/security-admin/src/main/webapp/fonts/fontopensans/open-sans* >- backbone forms (MIT) see >ranger-0.5.0/security-admin/src/main/webapp/libs/bower/backbone-forms/* >- select2 (MIT) see >security-admin/src/main/webapp/libs/bower/select2/select2.css >- bootstrap (MIT) see >ranger-0.5.0/security-admin/src/main/webapp/themejs/1.3.0/bootstrap.min.js >- QUnit (MIT) see >security-admin/src/main/webapp/libs/bower/globalize/test/qunit/qunit.js >- jsDump (BSD -part of QUnit) see >security-admin/src/main/webapp/libs/bower/globalize/test/qunit/qunit.js >- Sizzle.js (part of jQuery) see >security-admin/src/main/webapp/libs/bower/globalize/examples/browser/jquer >y-1.4.4.js > >Also VisualSearch.js could be placed with the other MIT licenses. > >There is also no need to list Apache licensed software in LICENSE, >however it¹s not an licensing error, and up to you if you want to leave >them there. > >For the next release can you please fix the following: >- Add incubating to the release name [1] >- Place the release in the correct place [2][3] >- Put the contents of hashes in a standard format (making it easier to >check) >- Consider adding apache to release artefact name >- Correct years in NOTICE file >- Remove unnecessary information from NOTICE >- Add missing licenses to LICENSE > >Note that the first two items are marked as MUST in the incubator policy. > >Thanks, >Justin > >1.http://incubator.apache.org/incubation/Incubation_Policy.html#Releases >2. http://www.apache.org/dist/incubator/ranger/ >3. http://incubator.apache.org/incubation/Incubation_Policy.html#Releases >4. http://www.apache.org/dev/licensing-howto.html#permissive-deps >5. http://www.apache.org/legal/resolved.html#category-b > > >--------------------------------------------------------------------- >To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org >For additional commands, e-mail: general-h...@incubator.apache.org > > --------------------------------------------------------------------- To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org For additional commands, e-mail: general-h...@incubator.apache.org
