[HBASE-22286] License handling incorrectly lists CDDL/GPLv2+CE as safe to not aggregate - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Critical
Resolution: Fixed
Affects Version/s: 3.0.0-alpha-1, 2.3.0, 2.1.5, 2.2.1
Fix Version/s: 3.0.0-alpha-1, 2.2.0, 2.3.0, 2.1.5
Component/s: build, community
Labels:
None

Description

The template LICENSE/NOTICE stuff currently has cddl/gplv2+ce listed as an acceptable license for dependencies for individual listing.

LICENSE.vm

## Whitelist of lower-case licenses that it's safe to not aggregate as above.
## Note that this doesn't include ALv2 or the aforementioned aggregate
## license mentions.
##
## See this FAQ link for justifications: https://www.apache.org/legal/resolved.html
##
## NB: This list is later compared as lower-case. New entries must also be all lower-case
#set($non_aggregate_fine = [ 'public domain', 'new bsd license', 'bsd license', 'bsd', 'bsd 2-clause license', 'mozilla public license version 1.1', 'mozilla public license version 2.0', 'creative commons attribution license, version 2.5', 'cddl/gplv2+ce' ])

This is not correct. We have to expressly say we're using the CDDL license for those works because we can't provide downstream with the option of GPLv2+CE. Also we have aggregate licensing handling for CDDL licensed works and this is making us miss times when dependencies are supposed to show up under one of them.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

HBASE-22286.0.patch
22/Apr/19 17:18
3 kB
Sean Busbey

Issue Links

is broken by

HBASE-22249 Rest Server throws NoClassDefFoundError with Java 11 (run-time)

Resolved

relates to

HBASE-22587 Add a REST server integration test that uses a cluster for simple operations

Open

Activity

People

Assignee:: Sean Busbey

Reporter:: Sean Busbey

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 22/Apr/19 16:01

Updated:: 14/Jun/19 15:50

Resolved:: 22/Apr/19 19:44