[CELEBORN-1003] Correct the LICENSE and NOTICE for shaded client jars #1933
Conversation
pan3793
force-pushed
the
CELEBORN-1003
branch
from
6deac67
to
aa5e40f
Compare
| <exclude>META-INF/LICENSE.txt</exclude> | ||
| <exclude>META-INF/NOTICE.txt</exclude> | ||
| <exclude>LICENSE.txt</exclude> | ||
| <exclude>NOTICE.txt</exclude> |
There was a problem hiding this comment.
@Apache9 the suggested ApacheLicenseResourceTransformer and ApacheNoticeResourceTransformer in [1] seem not to work as expected, I finally chose to filter those files out by rules.
[1] https://lists.apache.org/thread/8v4wy5o132rpsjync6465zztgjlf6h5p
There was a problem hiding this comment.
If there are conflict LICENSE file then the ApacheLicenseResourceTransformer will ignore them, but I think ApacheNoticeResourceTransformer will aggregate all the NOTICE files into one. Anyway, you can do it manually but the problem is once you add new dependencies, you still need to manually modify the NOTICE file.
|
@pjfanning I would appreciate it if you could take a look at this license issue fix |
pan3793
requested review from
FMX and
waitinfuture
and removed request for
FMX
|
LGTM, thanks! @FMX could you also TAL? |
| <exclude>META-INF/LICENSE.txt</exclude> | ||
| <exclude>META-INF/NOTICE.txt</exclude> | ||
| <exclude>LICENSE.txt</exclude> | ||
| <exclude>NOTICE.txt</exclude> |
There was a problem hiding this comment.
If there are conflict LICENSE file then the ApacheLicenseResourceTransformer will ignore them, but I think ApacheNoticeResourceTransformer will aggregate all the NOTICE files into one. Anyway, you can do it manually but the problem is once you add new dependencies, you still need to manually modify the NOTICE file.
| This project bundles the following dependencies under the Apache Software License 2.0 (http://www.apache.org/licenses/LICENSE-2.0.txt): | ||
|
|
||
|
|
||
| Apache Software Foundation License 2.0 |
There was a problem hiding this comment.
Is this the correct name of this license?
There was a problem hiding this comment.
Emm... seems not right, should be
- "Apache Software Foundation License 2.0"
+ "Apache License 2.0"?
There was a problem hiding this comment.
BTW, it was copied from Apache Spark...
| The Apache Software Foundation (https://www.apache.org/). | ||
|
|
||
| ============================================================================= | ||
| = NOTICE file corresponding to section 4d of the Apache License Version 2.0 = |
There was a problem hiding this comment.
What about netty and guava? And I think we also need a section about protobuf?
There was a problem hiding this comment.
there is no NOTICE.* inside netty and guava jars, how should we write in such cases?
client-spark/spark-3-shaded/src/main/resources/META-INF/LICENSE
Outdated
Show resolved
Hide resolved
client-spark/spark-3-shaded/src/main/resources/META-INF/LICENSE
Outdated
Show resolved
Hide resolved
Definitely looks to be on the right track. When this is complete and merged, I can have a look at the jars. |
pan3793
force-pushed
the
CELEBORN-1003
branch
from
aa5e40f
to
ccfbc67
Compare
Codecov Report
@@ Coverage Diff @@
## main #1933 +/- ##
==========================================
- Coverage 46.54% 46.36% -0.17%
==========================================
Files 164 164
Lines 10337 10337
Branches 953 953
==========================================
- Hits 4810 4792 -18
- Misses 5213 5227 +14
- Partials 314 318 +4 see 2 files with indirect coverage changes 📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more |
|
All comments are addressed, I'm going to merge it and backport to branch-0.3, then start the next RC of 0.3.1 |
Correct the `LICENSE` and `NOTICE` for the following shaded client jars - `celeborn-client-flink-1.14-shaded_2.12-<version>.jar` - `celeborn-client-flink-1.15-shaded_2.12-<version>.jar` - `celeborn-client-flink-1.17-shaded_2.12-<version>.jar` - `celeborn-client-mr-shaded_2.12-<version>.jar` - `celeborn-client-spark-2-shaded_2.11-<version>.jar` - `celeborn-client-spark-3-shaded_2.12-<version>.jar` The `LICENSE` and `NOTICE` shipped in a jar should match the content of the jar, for shaded jars, it should acknowledge all the third-party classes that are bundled. See more discussion at https://lists.apache.org/thread/8v4wy5o132rpsjync6465zztgjlf6h5p For how to determine which third-party jars are bundled, take `celeborn-client-spark-3-shaded_2.12-<version>.jar` as an example, the following command performs the packaging, and we can find them out by looking at logs like `Including ... in the shaded jar` ``` build/mvn clean package -DskipTests -pl :celeborn-client-spark-3-shaded_2.12 -am -Pspark-3.3 ``` ``` [INFO] --- maven-shade-plugin:3.4.0:shade (default) celeborn-client-spark-3-shaded_2.12 --- [INFO] Including org.apache.celeborn:celeborn-client-spark-3_2.12:jar:0.4.0-SNAPSHOT in the shaded jar. [INFO] Including org.apache.celeborn:celeborn-common_2.12:jar:0.4.0-SNAPSHOT in the shaded jar. [INFO] Including org.apache.commons:commons-lang3:jar:3.12.0 in the shaded jar. [INFO] Including io.netty:netty-all:jar:4.1.93.Final in the shaded jar. [INFO] Including io.netty:netty-buffer:jar:4.1.93.Final in the shaded jar. ... [INFO] Excluding org.apache.ratis:ratis-common:jar:2.5.1 from the shaded jar. [INFO] Excluding org.apache.ratis:ratis-thirdparty-misc:jar:1.0.4 from the shaded jar. [INFO] Excluding org.apache.ratis:ratis-proto:jar:2.5.1 from the shaded jar. ... ``` No. Manually. Closes #1933 from pan3793/CELEBORN-1003. Authored-by: Cheng Pan <[email protected]> Signed-off-by: Cheng Pan <[email protected]> (cherry picked from commit 78553f1) Signed-off-by: Cheng Pan <[email protected]>
Correct the `LICENSE` and `NOTICE` for the following shaded client jars - `celeborn-client-flink-1.14-shaded_2.12-<version>.jar` - `celeborn-client-flink-1.15-shaded_2.12-<version>.jar` - `celeborn-client-flink-1.17-shaded_2.12-<version>.jar` - `celeborn-client-mr-shaded_2.12-<version>.jar` - `celeborn-client-spark-2-shaded_2.11-<version>.jar` - `celeborn-client-spark-3-shaded_2.12-<version>.jar` The `LICENSE` and `NOTICE` shipped in a jar should match the content of the jar, for shaded jars, it should acknowledge all the third-party classes that are bundled. See more discussion at https://lists.apache.org/thread/8v4wy5o132rpsjync6465zztgjlf6h5p For how to determine which third-party jars are bundled, take `celeborn-client-spark-3-shaded_2.12-<version>.jar` as an example, the following command performs the packaging, and we can find them out by looking at logs like `Including ... in the shaded jar` ``` build/mvn clean package -DskipTests -pl :celeborn-client-spark-3-shaded_2.12 -am -Pspark-3.3 ``` ``` [INFO] --- maven-shade-plugin:3.4.0:shade (default) celeborn-client-spark-3-shaded_2.12 --- [INFO] Including org.apache.celeborn:celeborn-client-spark-3_2.12:jar:0.4.0-SNAPSHOT in the shaded jar. [INFO] Including org.apache.celeborn:celeborn-common_2.12:jar:0.4.0-SNAPSHOT in the shaded jar. [INFO] Including org.apache.commons:commons-lang3:jar:3.12.0 in the shaded jar. [INFO] Including io.netty:netty-all:jar:4.1.93.Final in the shaded jar. [INFO] Including io.netty:netty-buffer:jar:4.1.93.Final in the shaded jar. ... [INFO] Excluding org.apache.ratis:ratis-common:jar:2.5.1 from the shaded jar. [INFO] Excluding org.apache.ratis:ratis-thirdparty-misc:jar:1.0.4 from the shaded jar. [INFO] Excluding org.apache.ratis:ratis-proto:jar:2.5.1 from the shaded jar. ... ``` No. Manually. Closes #1933 from pan3793/CELEBORN-1003. Authored-by: Cheng Pan <[email protected]> Signed-off-by: Cheng Pan <[email protected]> (cherry picked from commit 78553f1) Signed-off-by: Cheng Pan <[email protected]>
What changes were proposed in this pull request?
Correct the
LICENSEandNOTICEfor the following shaded client jarsceleborn-client-flink-1.14-shaded_2.12-<version>.jarceleborn-client-flink-1.15-shaded_2.12-<version>.jarceleborn-client-flink-1.17-shaded_2.12-<version>.jarceleborn-client-mr-shaded_2.12-<version>.jarceleborn-client-spark-2-shaded_2.11-<version>.jarceleborn-client-spark-3-shaded_2.12-<version>.jarWhy are the changes needed?
The
LICENSEandNOTICEshipped in a jar should match the content of the jar, for shaded jars, it should acknowledge all the third-party classes that are bundled.See more discussion at https://lists.apache.org/thread/8v4wy5o132rpsjync6465zztgjlf6h5p
For how to determine which third-party jars are bundled, take
celeborn-client-spark-3-shaded_2.12-<version>.jaras an example, the following command performs the packaging, and we can find them out by looking at logs likeIncluding ... in the shaded jarDoes this PR introduce any user-facing change?
No.
How was this patch tested?
Manually.