New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Please consider providing expanded author information #3429
Comments
Also, I assume that the MIT license applies only to these files but it would be helpful if that were clarified as well. Thanks! |
The names in the POM files are merely the lead developers.
The contributors are listed at https://checkerframework.org/manual/#credits and also in a file
The MIT license applies to those files and a few more as explained in |
Hi @mernst and thanks for the quick reply!
Perfect, thanks for pointing out the location of that file!
Ok, so here's where I'm confused. Since it looks like the project has removed checker-compat-qual, I'll focus just on checker-qual. Regarding only files that are actually distributed in this repository, the LICENSE.txt specifies that the following are MIT-licensed:
Easy, the checker-qual build.gradle file has "include '**/org/checkerframework/**/qual/*.java'".
include "**/NullnessUtil.java"
include "**/RegexUtil.java"
include "**/SignednessUtil.java"
I assume this refers to the additional includes in the build.gradle file: So what are the additional MIT-licensed files in LICENSE.txt? Are you referring to the third-party files that are hosted in different repositories? For clarity, I'm the one who packaged this software for Debian and I used the include list in checker-qual/build.gradle to specify which files are MIT-licensed vs GPL in the 3.0.1 release. If that was not a correct interpretation of LICENSE.txt, please let me know what else should be included. I submit that something like the following might be a clearer way to state the licensing in LICENSE.txt:
|
Thanks for the clarifications. Your interpretation is correct. There are just a few more MIT-licensed files that don't appear in (Also, thanks for packaging the Checker Framework for Debian! Let us know if you need any help, or if we should add some text to https://checkerframework.org/manual/#installation with another installation possibility.) |
Overall, looks great! Thank you for adding the location of the third-party annotations, I did not realize that they were part of this repository. I made a couple comments on that PR. The most significant regards .astub licensing. Our license compliance checks will not allow that into Debian as-is. Please let me know if my recommended solution seems feasible.
Ok, good to know, thanks! I'll double-check the 3.0.1 location. Hopefully, if this all goes well, I can upgrade Debian to the newest version soon.
You're welcome! I will definitely take you up on that. Once we can get this licensing stuff resolved and the package enters Debian (and Ubuntu, as well as other downstreams) I'll make a new issue with recommended verbiage for installing on Debian-based systems. |
Downstream distributors (such as Debian) like to provide detailed information about the origin of software packages in order to recognize the work of people who contribute to the overall system. The only attribution in Checker Framework is currently "Checker Framework developers" in LICENSE.txt. I see that there are additional names listed in the POM files but it is unclear if those are all-inclusive or merely the lead developers.
If possible, if would be great to have an AUTHORS.txt file or similar to recognize all contributors.
The text was updated successfully, but these errors were encountered: