Uploaded image for project: 'Legal Discuss'
  1. Legal Discuss
  2. LEGAL-515

Requesting guidance on MXNet's compliance with Apache Legal requirements



    • Question
    • Status: Closed
    • Major
    • Resolution: Fixed
    • None
    • None


      Hi Apache Legal,

      MXNet project is well aware that no Apache project is allowed to redistribute closed source components. However, third parties have started to distribute Apache MXNet binaries with closed-source components provided by various hardware manufacturers (eg. Intel MKL or NVidia Cuda), enabling optimized performance on these platforms.

      Can such a third-party distribution result from a continuous delivery pipeline (operated by the third-party) whose source is managed by the project? Or would the source code of such continuous delivery pipeline need to be managed by the third-party outside the ASF source code?

      For example, https://github.com/apache/incubator-mxnet/tree/master/cd contains code currently run on machines sponsored by Amazon Web Services that builds various variants of MXNet (including some with closed source components) and places the resulting binaries in a S3 bucket sponsored by Amazon Web Services, exposed as https://dist.mxnet.io/python/cu102. Some of binaries (corresponding to RC and release versions commits) are also uploaded to Pypi, for example at https://pypi.org/project/mxnet-cu102/

      Further, from a brand management and trademark perspective: Such third-party distributions contain references to Apache MXNet. Could you clarify how and if third-party distributions may mention that they redistribute Apache MXNet (eg. with a disclaimer that they contain closed-source components)?

      An example is https://pypi.org/project/mxnet-cu102/. I do find a reference on legal-discuss where Marvin Humphrey suggests that anyone using the Apache trademark must not redistribute closed-source components, but I'm not sure if that reference is the conclusion on the issue and how it relates to "fair use" of the Apache trademarks.

      Finally, I believe the MXNet project website would need to be updated to clarify that such binaries are provided by third parties and not associated with the ASF. Is that correct? It is currently not done: https://mxnet.apache.org/get_started/?platform=linux&language=python&processor=gpu&environ=pip&

      Thank you for your time and help clarifying these questions.





            Unassigned Unassigned
            l33zu Leonard Lausen
            1 Vote for this issue
            12 Start watching this issue