incubator-general mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Willem Jiang <>
Subject Re: [VOTE] Release Apache ServiceComb Service-Center (incubating) version 1.0.0-m1
Date Fri, 02 Mar 2018 15:47:40 GMT
Hi Justin

Thanks for the vote,  here is some thing that I want to clear about the
NOTICE file.

I just checked some projects Notice file, it looks like some projects[1][2]
list the License information about the third party dependencies in the
Notice file, and some of them[3] just list bundled NOTICE files.
 I guess spark and hadoop are trying they best to list all the legal
statements of third party dependencies in the NOTICE file to avoid the
violation of the Open Source License.
Could you give us some guide about how to keep the NOTICE file simple and
without introducing any legal issues?

As you may know the Service Center project is developed with Go language.
Go language need to compile the source code to build whole exe binary. So
we list all the third party dependencies code copyrights in the Notice
file.  I just found there are some guideline about the copyright
notification here[4].

"However, elements such as the copyright notifications embedded within BSD
and MIT licenses need <> not
<> be duplicated in NOTICE --
it suffices to leave those notices in their original locations."

As the lot of Go codes just put the License in the root directory, the
source code doesn't have the License header, it could be a challenge for us
to do the explicit statement without adding the copyright to NOTICE file.

Finally We will add the src postfix to the source zip for user to find out
it easily.


Willem Jiang

Blog: (English)
Twitter: willemjiang
Weibo: 姜宁willem

On Fri, Mar 2, 2018 at 4:26 PM, Justin Mclean <> wrote:

> Hi,
> -1 (binding) as there is incorrect and far too much information in NOTICE.
> License information goes in LICENSE not NOTICE. [1] Also only things that
> are actually bundled need to be mentioned not dependancies. [2]
> BTW it's not entirely clear which of the releases artefacts are source
> release and what aren’t without carefully looking at them.
> I checked:
> - signatures and hash correct
> - disclaimer exists
> - LICENSE is missing things
> - NOTICE is not correct
> - no unexpected binaries
> - source code have ASF headers
> Thanks,
> Justin
> 1.
> 2.
> ---------------------------------------------------------------------
> To unsubscribe, e-mail:
> For additional commands, e-mail:

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message