Hi Matt, I just have different idea about your your explanation.
If my code has the compile dependency of the JSON library, as the JSON library code is not bundled in the source code. I don't think we should add the License of JSON library into my License file. If we use the LGPL license jar library in the test. As this LGPL jar is not bundled in our source or binary release. we don't need to update our License and Notice file for it. Please correct me if I'm wrong about it. Willem Jiang Blog: http://willemjiang.blogspot.com (English) http://jnn.iteye.com (Chinese) Twitter: willemjiang Weibo: 姜宁willem On Fri, Apr 13, 2018 at 1:09 PM, Matt Sicker <boa...@gmail.com> wrote: > On 12 April 2018 at 22:43, Lionel Liu <lionel...@apache.org> wrote: > > > > 2. Only things that are actually bundled in the release should be > mentioned > > in LICENSE. [3][4] > > > > To my understanding, as a source release, all the dependencies are > bundled > > when it is built. > > The dependencies are not bundled in the source code, so we don't need to > > announce any dependencies' licenses in source release? > > > > The idea here is that the LICENSE file only needs to include licenses for > anything that is included in that archive file. So for instance, if you > have source files that are all developed at Apache and have dependencies > that aren't included in the source zip, then you have the most simple > distribution possible here. If you have source files that are licensed > differently (e.g., copied code from an MIT licensed library), then things > start to get complicated. As it is, your source license and notice should > be relatively minimal right now since you're not bundling external > dependencies in said source distribution. > > As for the JSON licensing issue, just take a look at the license. It says > it can't be used for evil. While amusing, that's a terrible restriction to > place on end users because it's extremely vague and violates the tenants of > free software. > > -- > Matt Sicker <boa...@gmail.com> >
