Here is an attempt to summarize the issues raised in the "POM licensing" thread in the repository list [1]. I cross-post to legal-discuss and repository because this include both legal and procedural issues, each one better belongs to its own list, but the other add information to the context.

Here is the original message from Robert [1]:

And here is the list of legal issues and technical/procesural issues I collected in that thread:

"legal issues" summary is:

1) Are the "simplest" pom.xml (artifactId+groupId+license information+dependencies) copyrightable?

2) What licenses should we allow for pom.xml in order to make *legal* the current use of the central maven repository?

3) Can the license for the pom.xml be described in the xml itself or we need the whole license header like the one we would prepend to any other xml file? The pom.xml is often a redistributable "as is", without being included in a package: does this need a special "license header" ?

The technical/procedural issues for the repository management are:

A) How to tweak the current procedures to avoid publishing of new pom.xml without a license or without an acceptable license (BSD, MIT, ASL, W3C..., depending on answers about #2 above)

B) How to deal with the current poms not having a license.

C) What to do when a pom is already published in a 3rd party repository under an incompatible license: we cannot copy it, and probably is not a good practice to create another pom with the same artifactId/groupId but with different informations.

D) How to "evangelize" projects to make sure that future pom.xml (and other resources like site.xml) includes the license header (e.g: make sure maven plugins bugs are solved ASAP and high priority)

Stefano

[1]
http://mail-archives.apache.org/mod_mbox/www-repository/200709.mbox/<1191163773.5663.45.camel@localhost>