Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Understand dependencies on GPL elements #123

Open
peterwebster opened this issue May 23, 2014 · 4 comments
Open

Understand dependencies on GPL elements #123

peterwebster opened this issue May 23, 2014 · 4 comments
Assignees
@peterwebster

Comments

@peterwebster
Copy link

After Paris, a medium-term need to detect and possible dependencies on GPL elements @anjackson
@peterwebster peterwebster added this to the 2.0.0 Release milestone May 23, 2014
@peterwebster peterwebster self-assigned this May 23, 2014
@kris-sigur
Copy link
Member

Ran Maven's dependency reporting tool on all Wayback sub-projects. No GPL reported, only some LGPL (which should be fine).

Also a number of 'Unknown license', most of which were for Spring (which is Apache 2 at is therefor OK), but the others need to be looked at.

There are also a few non-standard licenses that probably should be vetted.

Full report follows:

Core:

(Apache 2) EasyMock (org.easymock:easymock:2.5.1 - http://www.easymock.org)
(Apache 2) Joda time (joda-time:joda-time:1.6 - http://joda-time.sourceforge.net)
(Apache License) Apache HttpCore (org.apache.httpcomponents:httpcore:4.3 - http://hc.apache.org/httpcomponents-core-ga)
(Apache License) HttpClient (commons-httpclient:commons-httpclient:3.1 - http://jakarta.apache.org/httpcomponents/httpclient-3.x/)
(Apache License, Version 2.0) An open source Java toolkit for Amazon S3 (net.java.dev.jets3t:jets3t:0.6.1 - http://jets3t.s3.amazonaws.com/index.html)
(Apache License, Version 2.0) Wayback CDX Server (org.netpreserve.openwayback:openwayback-cdx-server:2.0.0.BETA.3-SNAPSHOT - http://github.com/iipc/openwayback/openwayback-cdx-server)
(Apache License, Version 2.0) fastutil (it.unimi.dsi:fastutil:6.5.2 - http://fasutil.dsi.unimi.it/)
(Apache License, Version 2.0) jwat-arc (org.jwat:jwat-arc:1.0.1 - https://sbforge.org/display/JWAT/JWAT/jwat-arc)
(Apache License, Version 2.0) jwat-archive-common (org.jwat:jwat-archive-common:1.0.1 - https://sbforge.org/display/JWAT/JWAT/jwat-archive-common)
(Apache License, Version 2.0) jwat-common (org.jwat:jwat-common:1.0.1 - https://sbforge.org/display/JWAT/JWAT/jwat-common)
(Apache License, Version 2.0) jwat-gzip (org.jwat:jwat-gzip:1.0.1 - https://sbforge.org/display/JWAT/JWAT/jwat-gzip)
(Apache License, Version 2.0) jwat-warc (org.jwat:jwat-warc:1.0.1 - https://sbforge.org/display/JWAT/JWAT/jwat-warc)
(BSD style) XStream Core (com.thoughtworks.xstream:xstream:1.2.2 - no url defined)
(BSD) transform (com.flagstone:transform:3.0.2 - http://www.flagstonesoftware.com/transform/)
(Common Public License Version 1.0) JUnit (junit:junit:3.8.1 - http://junit.org)
(Common Public License) HTML Parser (org.htmlparser:htmlparser:1.6 - http://htmlparser.org)
(Eclipse Public License - v 1.0) (GNU Lesser General Public License) Logback Classic Module (ch.qos.logback:logback-classic:1.0.9 - http://logback.qos.ch)
(Eclipse Public License - v 1.0) (GNU Lesser General Public License) Logback Core Module (ch.qos.logback:logback-core:1.0.9 - http://logback.qos.ch)
(Eclipse Public License v1.0) Eclipse JDT Core (org.eclipse.jdt:core:3.1.1 - http://www.eclipse.org/jdt/)
(GNU LESSER GENERAL PUBLIC LICENSE) BeanShell (org.beanshell:bsh:2.0b4 - no url defined)
(GNU Lesser General Public License Version 3+) DSI Utilities (it.unimi.dsi:dsiutils:2.0.12 - http://dsiutils.dsi.unimi.it/)
(GNU Lesser General Public License version 2.1 or later) GNU IDN Library (org.gnu.inet:libidn:1.15 - http://www.gnu.org/software/libidn/)
(GNU Lesser General Public License) fastutil (fastutil:fastutil:5.0.7 - http://fastutil.dsi.unimi.it/)
(Jedis License) Jedis (redis.clients:jedis:2.0.0 - http://code.google.com/p/jedis/)
(LGPL) JSAP (com.martiansoftware:jsap:2.1 - http://www.martiansoftware.com/jsap/)
(MIT License) SLF4J API Module (org.slf4j:slf4j-api:1.7.2 - http://www.slf4j.org)
(Mozilla Public License 1.1 (MPL 1.1)) juniversalchardet (com.googlecode.juniversalchardet:juniversalchardet:1.0.3 - http://juniversalchardet.googlecode.com/)
(Public Domain) AOP alliance (aopalliance:aopalliance:1.0 - http://aopalliance.sourceforge.net)
(Sleepycat License) je (com.sleepycat:je:4.1.6 - no url defined)
(The Apache Software License, Version 2.0) Access-Control: core library and client (org.netpreserve.openwayback:openwayback-access-control-core:1.0.2 - https://github.com/iipc/openwayback/openwayback-access-control-core)
(The Apache Software License, Version 2.0) Apache Log4j (log4j:log4j:1.2.17 - http://logging.apache.org/log4j/1.2/)
(The Apache Software License, Version 2.0) CDH Hadoop Maven Wrapper (com.cloudera.cdh:hadoop-ant:0.20.2-cdh3u4 - no url defined)
(The Apache Software License, Version 2.0) Commons CLI (commons-cli:commons-cli:1.2 - http://commons.apache.org/cli/)
(The Apache Software License, Version 2.0) Commons Collections (commons-collections:commons-collections:3.2.1 - http://commons.apache.org/collections/)
(The Apache Software License, Version 2.0) Commons Configuration (commons-configuration:commons-configuration:1.8 - http://commons.apache.org/configuration/)
(The Apache Software License, Version 2.0) Commons DBCP (commons-dbcp:commons-dbcp:1.2.2 - http://jakarta.apache.org/commons/${pom.artifactId.substring(8)}/)
(The Apache Software License, Version 2.0) Commons IO (commons-io:commons-io:2.4 - http://commons.apache.org/io/)
(The Apache Software License, Version 2.0) Commons Lang (commons-lang:commons-lang:2.5 - http://commons.apache.org/lang/)
(The Apache Software License, Version 2.0) Commons Logging (commons-logging:commons-logging:1.1.1 - http://commons.apache.org/logging)
(The Apache Software License, Version 2.0) Commons Math (org.apache.commons:commons-math3:3.1.1 - http://commons.apache.org/math/)
(The Apache Software License, Version 2.0) Commons Pool (commons-pool:commons-pool:1.5.5 - http://commons.apache.org/pool/)
(The Apache Software License, Version 2.0) Data Mapper for Jackson (org.codehaus.jackson:jackson-mapper-asl:1.5.2 - http://jackson.codehaus.org)
(The Apache Software License, Version 2.0) EL (commons-el:commons-el:1.0 - http://jakarta.apache.org/commons/el/)
(The Apache Software License, Version 2.0) Guava (Google Common Libraries) (org.apache.hadoop.thirdparty.guava:guava:r09-jarjar - http://code.google.com/p/guava-libraries)
(The Apache Software License, Version 2.0) Guava: Google Core Libraries for Java (com.google.guava:guava:14.0.1 - http://code.google.com/p/guava-libraries/guava)
(The Apache Software License, Version 2.0) Jackson (org.codehaus.jackson:jackson-core-asl:1.5.2 - http://jackson.codehaus.org)
(The Apache Software License, Version 2.0) Jakarta Commons Net (commons-net:commons-net:1.4.1 - http://jakarta.apache.org/commons/${pom.artifactId.substring(8)}/)
(The Apache Software License, Version 2.0) StAX API (stax:stax-api:1.0.1 - http://stax.codehaus.org/)
(The Apache Software License, Version 2.0) hadoop-core (org.apache.hadoop:hadoop-core:0.20.2-cdh3u4 - no url defined)
(The Apache Software License, Version 2.0) webarchive-commons (org.netpreserve.commons:webarchive-commons:1.1.2 - https://github.com/iipc/webarchive-commons)
(The BSD License) xmlenc Library (xmlenc:xmlenc:0.52 - http://xmlenc.sourceforge.net)
(The JSON License) JSON in Java (org.json:json:20131018 - https://github.com/douglascrockford/JSON-java)
(Unknown license) Codec (commons-codec:commons-codec:1.2 - no url defined)
(Unknown license) Jettison (org.codehaus.jettison:jettison:1.0-beta-1 - no url defined)
(Unknown license) jstl (javax.servlet:jstl:1.2 - no url defined)
(Unknown license) oro (oro:oro:2.0.8 - no url defined)
(Unknown license) servlet-api (javax.servlet:servlet-api:2.5 - no url defined)
(Unknown license) spring-aop (org.springframework:spring-aop:3.0.6.RELEASE - no url defined)
(Unknown license) spring-asm (org.springframework:spring-asm:3.0.6.RELEASE - no url defined)
(Unknown license) spring-beans (org.springframework:spring-beans:3.0.6.RELEASE - no url defined)
(Unknown license) spring-context (org.springframework:spring-context:3.0.6.RELEASE - no url defined)
(Unknown license) spring-context-support (org.springframework:spring-context-support:3.0.6.RELEASE - no url defined)
(Unknown license) spring-core (org.springframework:spring-core:3.0.6.RELEASE - no url defined)
(Unknown license) spring-expression (org.springframework:spring-expression:3.0.6.RELEASE - no url defined)
(Unknown license) spring-web (org.springframework:spring-web:3.0.6.RELEASE - no url defined)
(Unknown license) spring-webmvc (org.springframework:spring-webmvc:3.0.6.RELEASE - no url defined)
(Unknown license) xpp3_min (xpp3:xpp3_min:1.1.3.4.O - http://www.extreme.indiana.edu/xgws/xsoap/xpp/mxp1/)

Webapp:

(Apache 2) Joda time (joda-time:joda-time:1.6 - http://joda-time.sourceforge.net)
(Apache 2) Lucene Core (org.apache.lucene:lucene-core:2.2.0 - http://lucene.apache.org/java/lucene-core)
(Apache License) Apache HttpCore (org.apache.httpcomponents:httpcore:4.3 - http://hc.apache.org/httpcomponents-core-ga)
(Apache License) HttpClient (commons-httpclient:commons-httpclient:3.1 - http://jakarta.apache.org/httpcomponents/httpclient-3.x/)
(Apache License, Version 2.0) An open source Java toolkit for Amazon S3 (net.java.dev.jets3t:jets3t:0.6.1 - http://jets3t.s3.amazonaws.com/index.html)
(Apache License, Version 2.0) OpenWayback Core Java Classes (org.netpreserve.openwayback:openwayback-core:2.0.0.BETA.3-SNAPSHOT - http://github.com/iipc/openwayback/openwayback-core)
(Apache License, Version 2.0) Wayback CDX Server (org.netpreserve.openwayback:openwayback-cdx-server:2.0.0.BETA.3-SNAPSHOT - http://github.com/iipc/openwayback/openwayback-cdx-server)
(Apache License, Version 2.0) fastutil (it.unimi.dsi:fastutil:6.5.2 - http://fasutil.dsi.unimi.it/)
(Apache License, Version 2.0) jwat-arc (org.jwat:jwat-arc:1.0.1 - https://sbforge.org/display/JWAT/JWAT/jwat-arc)
(Apache License, Version 2.0) jwat-archive-common (org.jwat:jwat-archive-common:1.0.1 - https://sbforge.org/display/JWAT/JWAT/jwat-archive-common)
(Apache License, Version 2.0) jwat-common (org.jwat:jwat-common:1.0.1 - https://sbforge.org/display/JWAT/JWAT/jwat-common)
(Apache License, Version 2.0) jwat-gzip (org.jwat:jwat-gzip:1.0.1 - https://sbforge.org/display/JWAT/JWAT/jwat-gzip)
(Apache License, Version 2.0) jwat-warc (org.jwat:jwat-warc:1.0.1 - https://sbforge.org/display/JWAT/JWAT/jwat-warc)
(BSD style) XStream Core (com.thoughtworks.xstream:xstream:1.2.2 - no url defined)
(BSD) ARQ (com.hp.hpl.jena:arq:2.2 - http://jena.sourceforge.net/ARQ/)
(BSD) ARQ Extra (com.hp.hpl.jena:arq-extra:2.2 - http://jena.sourceforge.net/ARQ/)
(BSD) IRI (com.hp.hpl.jena:iri:0.5 - http://jena.sourceforge.net/)
(BSD) Jena (com.hp.hpl.jena:jena:2.5.5 - http://jena.sourceforge.net/)
(BSD) Jena Tests (com.hp.hpl.jena:jenatest:2.5.5 - http://jena.sourceforge.net/)
(BSD) transform (com.flagstone:transform:3.0.2 - http://www.flagstonesoftware.com/transform/)
(Common Public License Version 1.0) JUnit (junit:junit:3.8.1 - http://junit.org)
(Common Public License) HTML Parser (org.htmlparser:htmlparser:1.6 - http://htmlparser.org)
(Eclipse Public License - v 1.0) (GNU Lesser General Public License) Logback Classic Module (ch.qos.logback:logback-classic:1.0.9 - http://logback.qos.ch)
(Eclipse Public License - v 1.0) (GNU Lesser General Public License) Logback Core Module (ch.qos.logback:logback-core:1.0.9 - http://logback.qos.ch)
(Eclipse Public License v1.0) Eclipse JDT Core (org.eclipse.jdt:core:3.1.1 - http://www.eclipse.org/jdt/)
(GNU LESSER GENERAL PUBLIC LICENSE) BeanShell (org.beanshell:bsh:2.0b4 - no url defined)
(GNU Lesser General Public License Version 3+) DSI Utilities (it.unimi.dsi:dsiutils:2.0.12 - http://dsiutils.dsi.unimi.it/)
(GNU Lesser General Public License version 2.1 or later) GNU IDN Library (org.gnu.inet:libidn:1.15 - http://www.gnu.org/software/libidn/)
(GNU Lesser General Public License) fastutil (fastutil:fastutil:5.0.7 - http://fastutil.dsi.unimi.it/)
(ICU License) ICU4J (com.ibm.icu:icu4j:3.4.4 - http://www-306.ibm.com/software/globalization/icu/)
(Jedis License) Jedis (redis.clients:jedis:2.0.0 - http://code.google.com/p/jedis/)
(LGPL) JSAP (com.martiansoftware:jsap:2.1 - http://www.martiansoftware.com/jsap/)
(MIT License) SLF4J API Module (org.slf4j:slf4j-api:1.7.2 - http://www.slf4j.org)
(Mozilla Public License 1.1 (MPL 1.1)) juniversalchardet (com.googlecode.juniversalchardet:juniversalchardet:1.0.3 - http://juniversalchardet.googlecode.com/)
(Public Domain) AOP alliance (aopalliance:aopalliance:1.0 - http://aopalliance.sourceforge.net)
(Sleepycat License) je (com.sleepycat:je:4.1.6 - no url defined)
(The Apache Software License, Version 2.0) Access-Control: core library and client (org.netpreserve.openwayback:openwayback-access-control-core:1.0.2 - https://github.com/iipc/openwayback/openwayback-access-control-core)
(The Apache Software License, Version 2.0) CDH Hadoop Maven Wrapper (com.cloudera.cdh:hadoop-ant:0.20.2-cdh3u4 - no url defined)
(The Apache Software License, Version 2.0) Commons Collections (commons-collections:commons-collections:3.2.1 - http://commons.apache.org/collections/)
(The Apache Software License, Version 2.0) Commons Configuration (commons-configuration:commons-configuration:1.8 - http://commons.apache.org/configuration/)
(The Apache Software License, Version 2.0) Commons DBCP (commons-dbcp:commons-dbcp:1.2.2 - http://jakarta.apache.org/commons/${pom.artifactId.substring(8)}/)
(The Apache Software License, Version 2.0) Commons IO (commons-io:commons-io:2.4 - http://commons.apache.org/io/)
(The Apache Software License, Version 2.0) Commons Lang (commons-lang:commons-lang:2.5 - http://commons.apache.org/lang/)
(The Apache Software License, Version 2.0) Commons Logging (commons-logging:commons-logging:1.1.1 - http://commons.apache.org/logging)
(The Apache Software License, Version 2.0) Commons Math (org.apache.commons:commons-math3:3.1.1 - http://commons.apache.org/math/)
(The Apache Software License, Version 2.0) Commons Pool (commons-pool:commons-pool:1.5.5 - http://commons.apache.org/pool/)
(The Apache Software License, Version 2.0) Data Mapper for Jackson (org.codehaus.jackson:jackson-mapper-asl:1.5.2 - http://jackson.codehaus.org)
(The Apache Software License, Version 2.0) EL (commons-el:commons-el:1.0 - http://jakarta.apache.org/commons/el/)
(The Apache Software License, Version 2.0) FORESITE :: Object Reuse and Exchange library (com.googlecode.foresite-toolkit:foresite:0.9 - http://www.openarchives.org/ore)
(The Apache Software License, Version 2.0) Guava (Google Common Libraries) (org.apache.hadoop.thirdparty.guava:guava:r09-jarjar - http://code.google.com/p/guava-libraries)
(The Apache Software License, Version 2.0) Guava: Google Core Libraries for Java (com.google.guava:guava:14.0.1 - http://code.google.com/p/guava-libraries/guava)
(The Apache Software License, Version 2.0) Jackson (org.codehaus.jackson:jackson-core-asl:1.5.2 - http://jackson.codehaus.org)
(The Apache Software License, Version 2.0) Jakarta Commons Net (commons-net:commons-net:1.4.1 - http://jakarta.apache.org/commons/${pom.artifactId.substring(8)}/)
(The Apache Software License, Version 2.0) ROME, RSS and atOM utilitiEs for Java (rome:rome:0.9 - https://rome.dev.java.net/)
(The Apache Software License, Version 2.0) XML Commons External Components XML APIs (xml-apis:xml-apis:1.0.b2 - http://xml.apache.org/commons/#external)
(The Apache Software License, Version 2.0) hadoop-core (org.apache.hadoop:hadoop-core:0.20.2-cdh3u4 - no url defined)
(The Apache Software License, Version 2.0) webarchive-commons (org.netpreserve.commons:webarchive-commons:1.1.2 - https://github.com/iipc/webarchive-commons)
(The BSD License) xmlenc Library (xmlenc:xmlenc:0.52 - http://xmlenc.sourceforge.net)
(The JSON License) JSON in Java (org.json:json:20131018 - https://github.com/douglascrockford/JSON-java)
(Unknown license) CLI (commons-cli:commons-cli:1.0 - no url defined)
(Unknown license) Codec (commons-codec:commons-codec:1.2 - no url defined)
(Unknown license) Jettison (org.codehaus.jettison:jettison:1.0-beta-1 - no url defined)
(Unknown license) antlr (antlr:antlr:2.7.5 - no url defined)
(Unknown license) concurrent-jena (com.hp.hpl.jena:concurrent-jena:1.3.2 - no url defined)
(Unknown license) jdom (jdom:jdom:1.0 - no url defined)
(Unknown license) json-jena (com.hp.hpl.jena:json-jena:1.0 - no url defined)
(Unknown license) jstl (javax.servlet:jstl:1.2 - no url defined)
(Unknown license) log4j (log4j:log4j:1.2.12 - no url defined)
(Unknown license) oro (oro:oro:2.0.8 - no url defined)
(Unknown license) spring-aop (org.springframework:spring-aop:3.0.6.RELEASE - no url defined)
(Unknown license) spring-asm (org.springframework:spring-asm:3.0.6.RELEASE - no url defined)
(Unknown license) spring-beans (org.springframework:spring-beans:3.0.6.RELEASE - no url defined)
(Unknown license) spring-context (org.springframework:spring-context:3.0.6.RELEASE - no url defined)
(Unknown license) spring-context-support (org.springframework:spring-context-support:3.0.6.RELEASE - no url defined)
(Unknown license) spring-core (org.springframework:spring-core:3.0.6.RELEASE - no url defined)
(Unknown license) spring-expression (org.springframework:spring-expression:3.0.6.RELEASE - no url defined)
(Unknown license) spring-web (org.springframework:spring-web:3.0.6.RELEASE - no url defined)
(Unknown license) spring-webmvc (org.springframework:spring-webmvc:3.0.6.RELEASE - no url defined)
(Unknown license) stax-api (stax:stax-api:1.0 - no url defined)
(Unknown license) wstx-asl (org.codehaus.woodstox:wstx-asl:3.0.0 - no url defined)
(Unknown license) xalan (xalan:xalan:2.7.0 - no url defined)
(Unknown license) xercesImpl (xerces:xercesImpl:2.7.1 - no url defined)
(Unknown license) xmlParserAPIs (xerces:xmlParserAPIs:2.0.2 - no url defined)
(Unknown license) xpp3_min (xpp3:xpp3_min:1.1.3.4.O - http://www.extreme.indiana.edu/xgws/xsoap/xpp/mxp1/)

CDX Server:

(Apache 2) Joda time (joda-time:joda-time:1.6 - http://joda-time.sourceforge.net)
(Apache License) Apache HttpCore (org.apache.httpcomponents:httpcore:4.3 - http://hc.apache.org/httpcomponents-core-ga)
(Apache License) HttpClient (commons-httpclient:commons-httpclient:3.1 - http://jakarta.apache.org/httpcomponents/httpclient-3.x/)
(Apache License, Version 2.0) An open source Java toolkit for Amazon S3 (net.java.dev.jets3t:jets3t:0.6.1 - http://jets3t.s3.amazonaws.com/index.html)
(Apache License, Version 2.0) fastutil (it.unimi.dsi:fastutil:6.5.2 - http://fasutil.dsi.unimi.it/)
(Common Public License) HTML Parser (org.htmlparser:htmlparser:1.6 - http://htmlparser.org)
(Eclipse Public License - v 1.0) (GNU Lesser General Public License) Logback Classic Module (ch.qos.logback:logback-classic:1.0.9 - http://logback.qos.ch)
(Eclipse Public License - v 1.0) (GNU Lesser General Public License) Logback Core Module (ch.qos.logback:logback-core:1.0.9 - http://logback.qos.ch)
(Eclipse Public License v1.0) Eclipse JDT Core (org.eclipse.jdt:core:3.1.1 - http://www.eclipse.org/jdt/)
(GNU Lesser General Public License Version 3+) DSI Utilities (it.unimi.dsi:dsiutils:2.0.12 - http://dsiutils.dsi.unimi.it/)
(GNU Lesser General Public License version 2.1 or later) GNU IDN Library (org.gnu.inet:libidn:1.15 - http://www.gnu.org/software/libidn/)
(GNU Lesser General Public License) fastutil (fastutil:fastutil:5.0.7 - http://fastutil.dsi.unimi.it/)
(LGPL) JSAP (com.martiansoftware:jsap:2.1 - http://www.martiansoftware.com/jsap/)
(MIT License) SLF4J API Module (org.slf4j:slf4j-api:1.7.2 - http://www.slf4j.org)
(Mozilla Public License 1.1 (MPL 1.1)) juniversalchardet (com.googlecode.juniversalchardet:juniversalchardet:1.0.3 - http://juniversalchardet.googlecode.com/)
(Public Domain) AOP alliance (aopalliance:aopalliance:1.0 - http://aopalliance.sourceforge.net)
(The Apache Software License, Version 2.0) Apache Log4j (log4j:log4j:1.2.17 - http://logging.apache.org/log4j/1.2/)
(The Apache Software License, Version 2.0) CDH Hadoop Maven Wrapper (com.cloudera.cdh:hadoop-ant:0.20.2-cdh3u4 - no url defined)
(The Apache Software License, Version 2.0) Commons CLI (commons-cli:commons-cli:1.2 - http://commons.apache.org/cli/)
(The Apache Software License, Version 2.0) Commons Collections (commons-collections:commons-collections:3.2.1 - http://commons.apache.org/collections/)
(The Apache Software License, Version 2.0) Commons Configuration (commons-configuration:commons-configuration:1.8 - http://commons.apache.org/configuration/)
(The Apache Software License, Version 2.0) Commons IO (commons-io:commons-io:2.4 - http://commons.apache.org/io/)
(The Apache Software License, Version 2.0) Commons Lang (commons-lang:commons-lang:2.5 - http://commons.apache.org/lang/)
(The Apache Software License, Version 2.0) Commons Logging (commons-logging:commons-logging:1.1.1 - http://commons.apache.org/logging)
(The Apache Software License, Version 2.0) Commons Math (org.apache.commons:commons-math3:3.1.1 - http://commons.apache.org/math/)
(The Apache Software License, Version 2.0) Data Mapper for Jackson (org.codehaus.jackson:jackson-mapper-asl:1.5.2 - http://jackson.codehaus.org)
(The Apache Software License, Version 2.0) EL (commons-el:commons-el:1.0 - http://jakarta.apache.org/commons/el/)
(The Apache Software License, Version 2.0) Guava (Google Common Libraries) (org.apache.hadoop.thirdparty.guava:guava:r09-jarjar - http://code.google.com/p/guava-libraries)
(The Apache Software License, Version 2.0) Guava: Google Core Libraries for Java (com.google.guava:guava:14.0.1 - http://code.google.com/p/guava-libraries/guava)
(The Apache Software License, Version 2.0) Jackson (org.codehaus.jackson:jackson-core-asl:1.5.2 - http://jackson.codehaus.org)
(The Apache Software License, Version 2.0) Jakarta Commons Net (commons-net:commons-net:1.4.1 - http://jakarta.apache.org/commons/${pom.artifactId.substring(8)}/)
(The Apache Software License, Version 2.0) hadoop-core (org.apache.hadoop:hadoop-core:0.20.2-cdh3u4 - no url defined)
(The Apache Software License, Version 2.0) webarchive-commons (org.netpreserve.commons:webarchive-commons:1.1.2 - https://github.com/iipc/webarchive-commons)
(The BSD License) xmlenc Library (xmlenc:xmlenc:0.52 - http://xmlenc.sourceforge.net)
(The JSON License) JSON in Java (org.json:json:20131018 - https://github.com/douglascrockford/JSON-java)
(Unknown license) Codec (commons-codec:commons-codec:1.2 - no url defined)
(Unknown license) jstl (javax.servlet:jstl:1.2 - no url defined)
(Unknown license) oro (oro:oro:2.0.8 - no url defined)
(Unknown license) servlet-api (javax.servlet:servlet-api:2.5 - no url defined)
(Unknown license) spring-aop (org.springframework:spring-aop:3.0.6.RELEASE - no url defined)
(Unknown license) spring-asm (org.springframework:spring-asm:3.0.6.RELEASE - no url defined)
(Unknown license) spring-beans (org.springframework:spring-beans:3.0.6.RELEASE - no url defined)
(Unknown license) spring-context (org.springframework:spring-context:3.0.6.RELEASE - no url defined)
(Unknown license) spring-context-support (org.springframework:spring-context-support:3.0.6.RELEASE - no url defined)
(Unknown license) spring-core (org.springframework:spring-core:3.0.6.RELEASE - no url defined)
(Unknown license) spring-expression (org.springframework:spring-expression:3.0.6.RELEASE - no url defined)
(Unknown license) spring-web (org.springframework:spring-web:3.0.6.RELEASE - no url defined)
(Unknown license) spring-webmvc (org.springframework:spring-webmvc:3.0.6.RELEASE - no url defined)

@kris-sigur kris-sigur removed this from the 2.0.0 Release milestone Aug 7, 2014
@kris-sigur
Copy link
Member

See also use of GPL v2 code in webarchive-commons

@kris-sigur
Copy link
Member

I went through the list of dependencies for the core project.

Anything with an Apache license (and this includes all the spring modules that showed up with 'unknown license') is OK.

Furthermore, anything with an LGPL, BSD, JSON, MIT or Mozilla Public License should be OK as those licenses do not place any additional burden on the project or downstream consumers.

The Common Public License and Eclipse Public License seem to be OK but need to be looked at a bit closer.

The Sleepycat license is slightly problematic. Technically we are in compliance, but anyone building on the BDB modules (which the license covers) is going to be bound by it and not just the Apache license that OpenWayback is under. See further: http://techlawgarden.com/blog/?p=1252

I couldn't find anything about:
(Jedis License) Jedis (redis.clients:jedis:2.0.0 - http://code.google.com/p/jedis/)

Of the 'unknown license' list, I could not resolve for the following:
(Unknown license) Jettison (org.codehaus.jettison:jettison:1.0-beta-1 - no url defined) -- I couldn't find any license info
(Unknown license) jstl (javax.servlet:jstl:1.2 - no url defined)
(Unknown license) xpp3_min (xpp3:xpp3_min:1.1.3.4.O - http://www.extreme.indiana.edu/xgws/xsoap/xpp/mxp1/)

The others were Apache except for:
(Unknown license) servlet-api (javax.servlet:servlet-api:2.5 - no url defined) -> Common Development and Distribution License (CDDL) Version 1.0 1.
This license should be compatible with our Apache 2 license but I'm not 100% certain. Can someone verify?

@johnerikhalse
Copy link
Contributor

According to https://jstl.java.net/license.html, JSTL is dual licensed under CDDL and GPL.

@kris-sigur kris-sigur mentioned this issue Aug 29, 2014
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@peterwebster peterwebster

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@kris-sigur @johnerikhalse @peterwebster