Presumably we want wiab to be independent from third party download
websites, so the "get-third-party-libs" script should point to our own
mirror of all those jars?
On Fri, Jun 21, 2013 at 11:58 AM, Angus Turner <angusisf...@gmail.com>wrote:
> +1 to adding all the third party .jars to an ant task. There's a tonne of
> them in there, and it's hard to keep track of what licence what library is
> under.
>
> Thanks
> Angus Turner
> angusisf...@gmail.com
>
>
> On Fri, Jun 21, 2013 at 7:27 PM, Upayavira <u...@odoko.co.uk> wrote:
>
> >
> >
> > On Fri, Jun 21, 2013, at 10:14 AM, Ali Lown wrote:
> > > It looks like RC3 will fail at the Incubator vote. (This is both fine
> > > and expected)
> >
> > Yep.
> >
> > > This also conveniently lets us merge some of the other fixes (for
> > > example the broken translations/eclipse) in for RC4.
> >
> > Okay, but don't absorb *too* many changes.
> >
> > > The main problem seems to (still) be the third_party/* files
> > > (particularly in the source release - I don't know if they are okay to
> > > be included in the 'binary' release).
> >
> > A *source* release must be source only. Third party jars aren't source,
> > so shouldn't be included. They are fine in a binary release.
> >
> > > It looks like the easiest way to handle this is to have them all
> > > downloaded during the get-third-party ant task.
> >
> > That would be a reasonable thing for the build script in the src
> > distribution to do, but so long as there is some way (even manual) for
> > that to happen, I don't see it as an issue.
> >
> > > Some comments were raised about the src/python/api files not being
> > > correctly licensed. Manually inspecting them it appears rat wasn't
> > > complaining because they are all Apache licensed, but we have
> > > 'Licensed under the Apache License' used for some, and (the correct?)
> > > 'Licensed to the Apache Software Foundation' in others.
> >
> > The first would be valid for code written elsewhere, and the latter for
> > code being maintained here. Which are they?
> >
> > > We (may) need to file for an ECCN given we use bouncy-castle. (Is this
> > > only an issue if we include it, if we have it fetched by a separate
> > > task (given the IPMC don't seem to like having the jars shipped with
> > > Wave) is it still a problem?)
> >
> > The ECCN stuff is for 'exporting encryption'. If we release a
> > convenience binary, then as far as the US govt is concerned, we need to
> > do the ECCN stuff.
> >
> > Upayavira
> >
>
--
Saludos,
Bruno González
_______________________________________________
Jabber: stenyak AT gmail.com
http://www.stenyak.com
