incubator-general mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Matthieu Riou" <>
Subject Buildr, Ruby license and packaging
Date Tue, 20 Nov 2007 23:28:21 GMT

The Buildr podling which entered incubation recently needs to address the
problem of releasing Ruby code under the ASF. There are basically two
questions that we'll need to answer before being able to do any release:

   1. As most Ruby libraries reuse the Ruby license [1], in which category
(A, B or X) does the Ruby license fall according to the third-party licenses
draft policy [2].

   2. Does the license of third-party software matters for Ruby given that
they're only used as Gems (the Ruby packaging system, see later for more)
and never distributed. As an example, Buildr uses a LGPL library although
none of that code is ever distributed with Buildr. Would that dependency
need to be removed?

For the first question, Sam seemed to think that the Ruby license would fall
in category B (see a thread I've posted some time ago on legal-discuss [3]).
That means we would just need to warn our users so that they don't
unknowingly create a derivative work. What would be an acceptable way to do
that in a Ruby distribution? Would the NOTICE file be enough? An additional
warning in the download section? Another idea?

The packaging system for Ruby is called RubyGems, it's very similar to what
exists in the *nix world and installs eventual dependencies for you. A
standard Ruby software is bundled in this package called a gem that includes
a descriptor with all the dependencies. When you ask RubyGems to install a
gem for you, it will ask whether you want to download each of its
dependencies and download and install them locally. Or do nothing if you
happen to already have the dependencies installed. So when you distribute a
Gem, you're usually only distributing your own code and the rest could be
considered part of the environment.

Apparently the problem would be in the fact that gems are exploded when
installed (see [3] again) but I fail to see how that would make a difference
with the licenses we're worried about (say GPL and LGPL, v2 and v3). Any

To get back to Buildr's specific case, we only have one LGPL dependency that
wouldn't be too hard to remove. It would penalize performance a bit so it
would still be nice to be able to use it but we could make it an option and
do without it for the default setup. But we have quite a few Ruby licensed
dependencies that we wouldn't be able to do without.



  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message