Details
-
Question
-
Status: Closed
-
Major
-
Resolution: Fixed
-
None
-
None
Description
Hello,
I'm working on the binary release packaging for the initial Apache release of Apache Druid (incubating) and have a question around best practices for distributing a library with a license not compatible with Apache. This library is the Java MySQL connector, a GPL-licensed dependency of a plugin which uses MySQL as Druid's metadata storage.
Historically, the way we have handled this is by separating the extension from the core distribution and providing a link to download the extension and instructions on how to install it. For reference, see Druid's download page:
As I understand, release artifacts are distributed through Apache's network of mirror servers, and I suspect it would not be appropriate to distribute this GPL-licensed library in this way. My question is if it would be appropriate to:
a) continue to do something similar to what we have done previously - that is, to package our compiled MySQL extension (built from Apache-licensed source code) + the Java connector library and to distribute it from a non-Apache controlled location (such as through S3 + CloudFront), or would we have to
b) separate our compiled code from the GPL library, distribute the non-functioning MySQL extension together with the rest of the binary release on Apache's servers, and then direct users to fetch the library (mysql-connector-java-5.1.38.jar) from elsewhere and drop it in the appropriate location?
If b) is the only legally acceptable option, would it be appropriate to include instructions and links to that library from the (Apache-hosted) Druid website?
For reference, Apache Hive has the same issue, and they use option b) - see: https://dzone.com/articles/how-configure-mysql-metastore
Thank you very much!
David