 | Start a set with this search |
 | Include this search in one of my sets |
 | Exclude this search from one of my sets |
 | Permalink to these results Paste this link in email or IM: |
 | Atom feed for tracking future search results Paste this URL into your reader: |
14 messages in org.apache.legal-discussRe: Maven repository issues [Was: Cre...| From | Sent On | Attachments |
|---|---|---|
| Henri Yandell | May 29, 2008 1:06 am | |
| Stefano Bagnara | May 29, 2008 1:17 am | |
| Assaf Arkin | May 29, 2008 10:53 am | |
| Henri Yandell | May 29, 2008 12:10 pm | |
| Stefano Bagnara | May 29, 2008 12:35 pm | |
| David Jencks | May 29, 2008 12:47 pm | |
| Craig L Russell | May 29, 2008 2:38 pm | |
| Gilles Scokart | May 30, 2008 1:04 am | |
| Stefano Bagnara | May 30, 2008 1:47 am | |
| Assaf Arkin | May 30, 2008 2:50 am | |
| sebb | May 30, 2008 2:51 am | |
| Stefano Bagnara | May 30, 2008 3:33 am | |
| Assaf Arkin | May 30, 2008 4:33 am | |
| Gilles Scokart | May 30, 2008 4:35 am |
| Permalink for this message Paste this link in email or IM: |
| Permalink for this thread Paste this link in email or IM: |
| Atom feed for this thread Paste this URL into your reader: |
| Subject: | Re: Maven repository issues [Was: Creative Commons Attribution License] | Actions... |
|---|---|---|
| From: | Stefano Bagnara (apa...@bago.org) | |
| Date: | May 30, 2008 3:33:44 am | |
| List: | org.apache.legal-discuss | |
Gilles Scokart ha scritto:
2008/5/29 Assaf Arkin <ark...@intalio.com>:
Except, not everything is copyrightable, it has to have some creativity in it.
This particular case is not copyrightable, and slapping a copyright statement on it won't change that.
I can't disagree more. Writing a pom requires a lot of creativity. You have to carrefully choose the libraries with sometimes multiple possibilities, you need to choose the right versions, you have to put a scope on each one, you have to choose which one you want to inherit transitevely and which one you want to specify at first level dependencies, you will have to choose if you want to use a dependencyManagment block or not, if you want to use a prent pom or not, and I didn't talked about the profiles...
Why do you think that there is so many bad designed pom on the maven repositories ? It simply because to write a good pom you must be an artist ;-) !
Anyway, it requires creativity. For quiet a lot of project, 2 persons would probably produce 2 different pom.
I agree. Can't we identify a set of "tags" that do not imply creativity so to be able to paint a line?
IMHO (IANAL) the simplest pom having only a groupId/artifactId/version (so the one automatically generated by maven is not a creative work: does anyone disagree on this?
The name, url, issueManagement, inceptionYear, organization and license tags are "facts" about the described artifact, IMHO there is nothing creative there, do you agree?
I agree that dependencyManagement/build/reporting are the result of a creative process, but we have to notice that most poms do not include this tags, so it would be fine for me to say "this is on the other side of the line".
What about "description" ? Often it is a copy&paste from the project webpage, but this is probably a creative work, sadly.
Like the "description" also the "dependency" tag is sometimes (*some times*) simple to guess, but this involve a creative process to choose the right versions. (Choosing the scope is not a creative work, IMHO).
About pratical examples (some artifact I use):
dnsjava pom, IMHO, is *not* the result of a creative work: http://repo1.maven.org/maven2/dnsjava/dnsjava/2.0.1/dnsjava-2.0.1.pom
javamail can be found in 2 repositories: https://maven-repository.dev.java.net/nonav/repository/javax.mail/poms/mail-1.4.pom http://repo1.maven.org/maven2/javax/mail/mail/1.4/mail-1.4.pom both of them includes the javax.activation dependency, so it is questionable. What do you think?
what about junit.pom? Is that descriptor the result of something creative? http://repo1.maven.org/maven2/junit/junit/3.8.1/junit-3.8.1.pom
My main issue is that junit is used by almost any project around, this pom does not include a license header and we cannot guess it is redistributed under the same license of the junit itself (because it is not part of the junit redistributable). So someone wrote it or copied it somewhere and uploaded to central. For what we know it could be something written by someone else and having all right reserved to the original author (that we don't know). For what we know we don't even have the right to automatically let maven download it to build a single project, right? "Central" is used by default by maven. Maven should warn the user that simply running "mvn" against any project could make him violate the copyright for some file automatically downloaded without his consensus?
Stefano
--------------------------------------------------------------------- DISCLAIMER: Discussions on this list are informational and educational only. Statements made on this list are not privileged, do not constitute legal advice, and do not necessarily reflect the opinions and policies of the ASF. See <http://www.apache.org/licenses/> for official ASF policies and documents.