Images in source code.

classic Classic list List threaded Threaded
23 messages Options
12
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Images in source code.

James Bognar-2
I just added several png files to the source tree of our podling.  I
created them myself.  Are there any best-practices on how to mark these as
Apache licensed?
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Images in source code.

Josh Elser
On 6/2/17 1:15 PM, James Bognar wrote:
> I just added several png files to the source tree of our podling.  I
> created them myself.  Are there any best-practices on how to mark these as
> Apache licensed?
>

I'm not sure of a good way to track this. I'm not sure if png supports
arbitrary metadata which could be edited. Some ways I've seen used
elsewhere to try to better propagate license/ownership:

* Comments on the issue-tracker issue that introduced them citing
origin/source (typically for images that are copied, not created)
* Entry in LICENSE/NOTICE (shouldn't be done unnecessarily, of course)
* A README in the same directory with relevant info

If the images are of the podling's creation, I wouldn't be particularly
worried. The copyright notice on your source-release and LICENSE are
sufficient to inform downstream consumers.

Probably not the answer you're looking for, but hope it helps :)

- Josh

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Images in source code.

James Bognar
Thanks!

I haven't found a metadata editor that works yet, so I'll just add a
LICENSE.txt file to the directory.  Hopefully that's enough.

On Fri, Jun 2, 2017 at 4:48 PM, Josh Elser <[hidden email]> wrote:

> On 6/2/17 1:15 PM, James Bognar wrote:
>
>> I just added several png files to the source tree of our podling.  I
>> created them myself.  Are there any best-practices on how to mark these as
>> Apache licensed?
>>
>>
> I'm not sure of a good way to track this. I'm not sure if png supports
> arbitrary metadata which could be edited. Some ways I've seen used
> elsewhere to try to better propagate license/ownership:
>
> * Comments on the issue-tracker issue that introduced them citing
> origin/source (typically for images that are copied, not created)
> * Entry in LICENSE/NOTICE (shouldn't be done unnecessarily, of course)
> * A README in the same directory with relevant info
>
> If the images are of the podling's creation, I wouldn't be particularly
> worried. The copyright notice on your source-release and LICENSE are
> sufficient to inform downstream consumers.
>
> Probably not the answer you're looking for, but hope it helps :)
>
> - Josh
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]
> For additional commands, e-mail: [hidden email]
>
>


--
James Bognar
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Images in source code.

Mark Thomas
On 02/06/2017 22:20, James Bognar wrote:
> Thanks!
>
> I haven't found a metadata editor that works yet, so I'll just add a
> LICENSE.txt file to the directory.  Hopefully that's enough.

That is more than is necessary. It might even cause confusion at some
point in the future. I would recommend against doing that. The concern
is that folks have a tendency to attempt to reverse engineer ASF policy
from what they see other projects do which leads them to assume all
sorts of things are required when they are not. That in turn can consume
effort that could have been better spent on other things.

Any file in the project's source tree is ALv2 licensed unless explicitly
called out otherwise in the LICENSE file at the root of the source tree.

Where we can add a header to a file we do, but if we can't (easily),
then we don't and that is fine.

Mark


>
> On Fri, Jun 2, 2017 at 4:48 PM, Josh Elser <[hidden email]> wrote:
>
>> On 6/2/17 1:15 PM, James Bognar wrote:
>>
>>> I just added several png files to the source tree of our podling.  I
>>> created them myself.  Are there any best-practices on how to mark these as
>>> Apache licensed?
>>>
>>>
>> I'm not sure of a good way to track this. I'm not sure if png supports
>> arbitrary metadata which could be edited. Some ways I've seen used
>> elsewhere to try to better propagate license/ownership:
>>
>> * Comments on the issue-tracker issue that introduced them citing
>> origin/source (typically for images that are copied, not created)
>> * Entry in LICENSE/NOTICE (shouldn't be done unnecessarily, of course)
>> * A README in the same directory with relevant info
>>
>> If the images are of the podling's creation, I wouldn't be particularly
>> worried. The copyright notice on your source-release and LICENSE are
>> sufficient to inform downstream consumers.
>>
>> Probably not the answer you're looking for, but hope it helps :)
>>
>> - Josh
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: [hidden email]
>> For additional commands, e-mail: [hidden email]
>>
>>
>
>


---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Images in source code.

Ted Dunning
In reply to this post by James Bognar
I think a README would be a better name for the explanatory file.



On Fri, Jun 2, 2017 at 11:20 PM, James Bognar <[hidden email]>
wrote:

> Thanks!
>
> I haven't found a metadata editor that works yet, so I'll just add a
> LICENSE.txt file to the directory.  Hopefully that's enough.
>
> On Fri, Jun 2, 2017 at 4:48 PM, Josh Elser <[hidden email]> wrote:
>
> > On 6/2/17 1:15 PM, James Bognar wrote:
> >
> >> I just added several png files to the source tree of our podling.  I
> >> created them myself.  Are there any best-practices on how to mark these
> as
> >> Apache licensed?
> >>
> >>
> > I'm not sure of a good way to track this. I'm not sure if png supports
> > arbitrary metadata which could be edited. Some ways I've seen used
> > elsewhere to try to better propagate license/ownership:
> >
> > * Comments on the issue-tracker issue that introduced them citing
> > origin/source (typically for images that are copied, not created)
> > * Entry in LICENSE/NOTICE (shouldn't be done unnecessarily, of course)
> > * A README in the same directory with relevant info
> >
> > If the images are of the podling's creation, I wouldn't be particularly
> > worried. The copyright notice on your source-release and LICENSE are
> > sufficient to inform downstream consumers.
> >
> > Probably not the answer you're looking for, but hope it helps :)
> >
> > - Josh
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: [hidden email]
> > For additional commands, e-mail: [hidden email]
> >
> >
>
>
> --
> James Bognar
>
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Images in source code.

Josh Elser
Agreed. If I wasn't clear the first time, I did not mean to suggest to
add a file named LICENSE* in the same directory as the images.

This would be confusing for the reason Ted also mentioned. I concur with
his suggestion of "README" :)

On 6/2/17 6:16 PM, Ted Dunning wrote:

> I think a README would be a better name for the explanatory file.
>
>
>
> On Fri, Jun 2, 2017 at 11:20 PM, James Bognar <[hidden email]>
> wrote:
>
>> Thanks!
>>
>> I haven't found a metadata editor that works yet, so I'll just add a
>> LICENSE.txt file to the directory.  Hopefully that's enough.
>>
>> On Fri, Jun 2, 2017 at 4:48 PM, Josh Elser <[hidden email]> wrote:
>>
>>> On 6/2/17 1:15 PM, James Bognar wrote:
>>>
>>>> I just added several png files to the source tree of our podling.  I
>>>> created them myself.  Are there any best-practices on how to mark these
>> as
>>>> Apache licensed?
>>>>
>>>>
>>> I'm not sure of a good way to track this. I'm not sure if png supports
>>> arbitrary metadata which could be edited. Some ways I've seen used
>>> elsewhere to try to better propagate license/ownership:
>>>
>>> * Comments on the issue-tracker issue that introduced them citing
>>> origin/source (typically for images that are copied, not created)
>>> * Entry in LICENSE/NOTICE (shouldn't be done unnecessarily, of course)
>>> * A README in the same directory with relevant info
>>>
>>> If the images are of the podling's creation, I wouldn't be particularly
>>> worried. The copyright notice on your source-release and LICENSE are
>>> sufficient to inform downstream consumers.
>>>
>>> Probably not the answer you're looking for, but hope it helps :)
>>>
>>> - Josh
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: [hidden email]
>>> For additional commands, e-mail: [hidden email]
>>>
>>>
>>
>>
>> --
>> James Bognar
>>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Images in source code.

Craig Russell-3
In reply to this post by James Bognar
Hi James,

Everything that is not explicitly called out in the top level NOTICE and LICENSE files are licensed under the Apache 2.0 license.

Adding a file to this directory might mislead people into thinking that they need to perform more due diligence with other files in other directories.

My advice is to *not* add anything. Let the images be licensed per the terms the top level LICENSE file.

Craig

> On Jun 2, 2017, at 2:20 PM, James Bognar <[hidden email]> wrote:
>
> Thanks!
>
> I haven't found a metadata editor that works yet, so I'll just add a
> LICENSE.txt file to the directory.  Hopefully that's enough.
>
> On Fri, Jun 2, 2017 at 4:48 PM, Josh Elser <[hidden email]> wrote:
>
>> On 6/2/17 1:15 PM, James Bognar wrote:
>>
>>> I just added several png files to the source tree of our podling.  I
>>> created them myself.  Are there any best-practices on how to mark these as
>>> Apache licensed?
>>>
>>>
>> I'm not sure of a good way to track this. I'm not sure if png supports
>> arbitrary metadata which could be edited. Some ways I've seen used
>> elsewhere to try to better propagate license/ownership:
>>
>> * Comments on the issue-tracker issue that introduced them citing
>> origin/source (typically for images that are copied, not created)
>> * Entry in LICENSE/NOTICE (shouldn't be done unnecessarily, of course)
>> * A README in the same directory with relevant info
>>
>> If the images are of the podling's creation, I wouldn't be particularly
>> worried. The copyright notice on your source-release and LICENSE are
>> sufficient to inform downstream consumers.
>>
>> Probably not the answer you're looking for, but hope it helps :)
>>
>> - Josh
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: [hidden email]
>> For additional commands, e-mail: [hidden email]
>>
>>
>
>
> --
> James Bognar

Craig L Russell
[hidden email]


---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Images in source code.

John D. Ament-2
On Fri, Jun 2, 2017 at 8:20 PM Craig Russell <[hidden email]> wrote:

> Hi James,
>
> Everything that is not explicitly called out in the top level NOTICE and
> LICENSE files are licensed under the Apache 2.0 license.
>
> Adding a file to this directory might mislead people into thinking that
> they need to perform more due diligence with other files in other
> directories.
>
> My advice is to *not* add anything. Let the images be licensed per the
> terms the top level LICENSE file.
>

Agreed.  What we do like to make sure is called out is if there is
provenance that these images came from somewhere else.  If these images
were not created by you and were not already under apache license, then we
would have a concern.


>
> Craig
>
> > On Jun 2, 2017, at 2:20 PM, James Bognar <[hidden email]>
> wrote:
> >
> > Thanks!
> >
> > I haven't found a metadata editor that works yet, so I'll just add a
> > LICENSE.txt file to the directory.  Hopefully that's enough.
> >
> > On Fri, Jun 2, 2017 at 4:48 PM, Josh Elser <[hidden email]> wrote:
> >
> >> On 6/2/17 1:15 PM, James Bognar wrote:
> >>
> >>> I just added several png files to the source tree of our podling.  I
> >>> created them myself.  Are there any best-practices on how to mark
> these as
> >>> Apache licensed?
> >>>
> >>>
> >> I'm not sure of a good way to track this. I'm not sure if png supports
> >> arbitrary metadata which could be edited. Some ways I've seen used
> >> elsewhere to try to better propagate license/ownership:
> >>
> >> * Comments on the issue-tracker issue that introduced them citing
> >> origin/source (typically for images that are copied, not created)
> >> * Entry in LICENSE/NOTICE (shouldn't be done unnecessarily, of course)
> >> * A README in the same directory with relevant info
> >>
> >> If the images are of the podling's creation, I wouldn't be particularly
> >> worried. The copyright notice on your source-release and LICENSE are
> >> sufficient to inform downstream consumers.
> >>
> >> Probably not the answer you're looking for, but hope it helps :)
> >>
> >> - Josh
> >>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: [hidden email]
> >> For additional commands, e-mail: [hidden email]
> >>
> >>
> >
> >
> > --
> > James Bognar
>
> Craig L Russell
> [hidden email]
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]
> For additional commands, e-mail: [hidden email]
>
>
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Images in source code.

James Bognar
Thanks everyone who replied.

The reason I asked is because we've previously been asked about ownership
of image files during release votes, so I wasn't sure if we were supposed
to mark them somehow.

On Sat, Jun 3, 2017 at 9:46 AM John D. Ament <[hidden email]> wrote:

> On Fri, Jun 2, 2017 at 8:20 PM Craig Russell <[hidden email]> wrote:
>
> > Hi James,
> >
> > Everything that is not explicitly called out in the top level NOTICE and
> > LICENSE files are licensed under the Apache 2.0 license.
> >
> > Adding a file to this directory might mislead people into thinking that
> > they need to perform more due diligence with other files in other
> > directories.
> >
> > My advice is to *not* add anything. Let the images be licensed per the
> > terms the top level LICENSE file.
> >
>
> Agreed.  What we do like to make sure is called out is if there is
> provenance that these images came from somewhere else.  If these images
> were not created by you and were not already under apache license, then we
> would have a concern.
>
>
> >
> > Craig
> >
> > > On Jun 2, 2017, at 2:20 PM, James Bognar <[hidden email]>
> > wrote:
> > >
> > > Thanks!
> > >
> > > I haven't found a metadata editor that works yet, so I'll just add a
> > > LICENSE.txt file to the directory.  Hopefully that's enough.
> > >
> > > On Fri, Jun 2, 2017 at 4:48 PM, Josh Elser <[hidden email]> wrote:
> > >
> > >> On 6/2/17 1:15 PM, James Bognar wrote:
> > >>
> > >>> I just added several png files to the source tree of our podling.  I
> > >>> created them myself.  Are there any best-practices on how to mark
> > these as
> > >>> Apache licensed?
> > >>>
> > >>>
> > >> I'm not sure of a good way to track this. I'm not sure if png supports
> > >> arbitrary metadata which could be edited. Some ways I've seen used
> > >> elsewhere to try to better propagate license/ownership:
> > >>
> > >> * Comments on the issue-tracker issue that introduced them citing
> > >> origin/source (typically for images that are copied, not created)
> > >> * Entry in LICENSE/NOTICE (shouldn't be done unnecessarily, of course)
> > >> * A README in the same directory with relevant info
> > >>
> > >> If the images are of the podling's creation, I wouldn't be
> particularly
> > >> worried. The copyright notice on your source-release and LICENSE are
> > >> sufficient to inform downstream consumers.
> > >>
> > >> Probably not the answer you're looking for, but hope it helps :)
> > >>
> > >> - Josh
> > >>
> > >> ---------------------------------------------------------------------
> > >> To unsubscribe, e-mail: [hidden email]
> > >> For additional commands, e-mail: [hidden email]
> > >>
> > >>
> > >
> > >
> > > --
> > > James Bognar
> >
> > Craig L Russell
> > [hidden email]
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: [hidden email]
> > For additional commands, e-mail: [hidden email]
> >
> >
>
--
James Bognar
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Images in source code.

Martin Gainty
In reply to this post by John D. Ament-2
is there anyway to run maven-rat-plugin to make sure ASF licensed assets are *not* being subverted by salesforce


http://creadur.apache.org/rat/apache-rat-plugin/rat-mojo.html


Apache Rat™ Plugin for Apache Maven – apache-rat:rat<http://creadur.apache.org/rat/apache-rat-plugin/rat-mojo.html>
creadur.apache.org
apache-rat:rat. Note:This goal should be used as a Maven report. Full name: org.apache.rat:apache-rat-plugin:0.13-SNAPSHOT:rat. Description:

?

Martin
______________________________________________



________________________________
From: John D. Ament <[hidden email]>
Sent: Saturday, June 3, 2017 9:46 AM
To: [hidden email]
Subject: Re: Images in source code.

On Fri, Jun 2, 2017 at 8:20 PM Craig Russell <[hidden email]> wrote:

> Hi James,
>
> Everything that is not explicitly called out in the top level NOTICE and
> LICENSE files are licensed under the Apache 2.0 license.
>
> Adding a file to this directory might mislead people into thinking that
> they need to perform more due diligence with other files in other
> directories.
>
> My advice is to *not* add anything. Let the images be licensed per the
> terms the top level LICENSE file.
>

Agreed.  What we do like to make sure is called out is if there is
provenance that these images came from somewhere else.  If these images
were not created by you and were not already under apache license, then we
would have a concern.


>
> Craig
>
> > On Jun 2, 2017, at 2:20 PM, James Bognar <[hidden email]>
> wrote:
> >
> > Thanks!
> >
> > I haven't found a metadata editor that works yet, so I'll just add a
> > LICENSE.txt file to the directory.  Hopefully that's enough.
> >
> > On Fri, Jun 2, 2017 at 4:48 PM, Josh Elser <[hidden email]> wrote:
> >
> >> On 6/2/17 1:15 PM, James Bognar wrote:
> >>
> >>> I just added several png files to the source tree of our podling.  I
> >>> created them myself.  Are there any best-practices on how to mark
> these as
> >>> Apache licensed?
> >>>
> >>>
> >> I'm not sure of a good way to track this. I'm not sure if png supports
> >> arbitrary metadata which could be edited. Some ways I've seen used
> >> elsewhere to try to better propagate license/ownership:
> >>
> >> * Comments on the issue-tracker issue that introduced them citing
> >> origin/source (typically for images that are copied, not created)
> >> * Entry in LICENSE/NOTICE (shouldn't be done unnecessarily, of course)
> >> * A README in the same directory with relevant info
> >>
> >> If the images are of the podling's creation, I wouldn't be particularly
> >> worried. The copyright notice on your source-release and LICENSE are
> >> sufficient to inform downstream consumers.
> >>
> >> Probably not the answer you're looking for, but hope it helps :)
> >>
> >> - Josh
> >>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: [hidden email]
> >> For additional commands, e-mail: [hidden email]
> >>
> >>
> >
> >
> > --
> > James Bognar
>
> Craig L Russell
> [hidden email]
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]
> For additional commands, e-mail: [hidden email]
>
>
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Images in source code.

James Bognar
That's a good question.  I've discovered that images CAN contain metadata
that includes ownership information.  Rat could check for these.  In
practice though, these comment fields don't seem to be often used.

If I could add a simple "Copyright Apache" message to the metadata, I
would, but the tooling is suprisingly lacking.

On Sun, Jun 4, 2017 at 8:49 AM, Martin Gainty <[hidden email]> wrote:

> is there anyway to run maven-rat-plugin to make sure ASF licensed assets
> are *not* being subverted by salesforce
>
>
> http://creadur.apache.org/rat/apache-rat-plugin/rat-mojo.html
>
>
> Apache Rat™ Plugin for Apache Maven – apache-rat:rat<http://creadur.
> apache.org/rat/apache-rat-plugin/rat-mojo.html>
> creadur.apache.org
> apache-rat:rat. Note:This goal should be used as a Maven report. Full
> name: org.apache.rat:apache-rat-plugin:0.13-SNAPSHOT:rat. Description:
>
> ?
>
> Martin
> ______________________________________________
>
>
>
> ________________________________
> From: John D. Ament <[hidden email]>
> Sent: Saturday, June 3, 2017 9:46 AM
> To: [hidden email]
> Subject: Re: Images in source code.
>
> On Fri, Jun 2, 2017 at 8:20 PM Craig Russell <[hidden email]> wrote:
>
> > Hi James,
> >
> > Everything that is not explicitly called out in the top level NOTICE and
> > LICENSE files are licensed under the Apache 2.0 license.
> >
> > Adding a file to this directory might mislead people into thinking that
> > they need to perform more due diligence with other files in other
> > directories.
> >
> > My advice is to *not* add anything. Let the images be licensed per the
> > terms the top level LICENSE file.
> >
>
> Agreed.  What we do like to make sure is called out is if there is
> provenance that these images came from somewhere else.  If these images
> were not created by you and were not already under apache license, then we
> would have a concern.
>
>
> >
> > Craig
> >
> > > On Jun 2, 2017, at 2:20 PM, James Bognar <[hidden email]>
> > wrote:
> > >
> > > Thanks!
> > >
> > > I haven't found a metadata editor that works yet, so I'll just add a
> > > LICENSE.txt file to the directory.  Hopefully that's enough.
> > >
> > > On Fri, Jun 2, 2017 at 4:48 PM, Josh Elser <[hidden email]> wrote:
> > >
> > >> On 6/2/17 1:15 PM, James Bognar wrote:
> > >>
> > >>> I just added several png files to the source tree of our podling.  I
> > >>> created them myself.  Are there any best-practices on how to mark
> > these as
> > >>> Apache licensed?
> > >>>
> > >>>
> > >> I'm not sure of a good way to track this. I'm not sure if png supports
> > >> arbitrary metadata which could be edited. Some ways I've seen used
> > >> elsewhere to try to better propagate license/ownership:
> > >>
> > >> * Comments on the issue-tracker issue that introduced them citing
> > >> origin/source (typically for images that are copied, not created)
> > >> * Entry in LICENSE/NOTICE (shouldn't be done unnecessarily, of course)
> > >> * A README in the same directory with relevant info
> > >>
> > >> If the images are of the podling's creation, I wouldn't be
> particularly
> > >> worried. The copyright notice on your source-release and LICENSE are
> > >> sufficient to inform downstream consumers.
> > >>
> > >> Probably not the answer you're looking for, but hope it helps :)
> > >>
> > >> - Josh
> > >>
> > >> ---------------------------------------------------------------------
> > >> To unsubscribe, e-mail: [hidden email]
> > >> For additional commands, e-mail: [hidden email]
> > >>
> > >>
> > >
> > >
> > > --
> > > James Bognar
> >
> > Craig L Russell
> > [hidden email]
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: [hidden email]
> > For additional commands, e-mail: [hidden email]
> >
> >
>



--
James Bognar
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Images in source code.

Ted Dunning
In reply to this post by Martin Gainty
What does subverted by Salesforce even mean here?

Any Apache licensed material can be "subverted" by pretty much anybody if
subverted means use for any purpose they feel like.

On Jun 4, 2017 14:49, "Martin Gainty" <[hidden email]> wrote:

> is there anyway to run maven-rat-plugin to make sure ASF licensed assets
> are *not* being subverted by salesforce
>
>
> http://creadur.apache.org/rat/apache-rat-plugin/rat-mojo.html
>
>
> Apache Rat™ Plugin for Apache Maven – apache-rat:rat<http://creadur.
> apache.org/rat/apache-rat-plugin/rat-mojo.html>
> creadur.apache.org
> apache-rat:rat. Note:This goal should be used as a Maven report. Full
> name: org.apache.rat:apache-rat-plugin:0.13-SNAPSHOT:rat. Description:
>
> ?
>
> Martin
> ______________________________________________
>
>
>
> ________________________________
> From: John D. Ament <[hidden email]>
> Sent: Saturday, June 3, 2017 9:46 AM
> To: [hidden email]
> Subject: Re: Images in source code.
>
> On Fri, Jun 2, 2017 at 8:20 PM Craig Russell <[hidden email]> wrote:
>
> > Hi James,
> >
> > Everything that is not explicitly called out in the top level NOTICE and
> > LICENSE files are licensed under the Apache 2.0 license.
> >
> > Adding a file to this directory might mislead people into thinking that
> > they need to perform more due diligence with other files in other
> > directories.
> >
> > My advice is to *not* add anything. Let the images be licensed per the
> > terms the top level LICENSE file.
> >
>
> Agreed.  What we do like to make sure is called out is if there is
> provenance that these images came from somewhere else.  If these images
> were not created by you and were not already under apache license, then we
> would have a concern.
>
>
> >
> > Craig
> >
> > > On Jun 2, 2017, at 2:20 PM, James Bognar <[hidden email]>
> > wrote:
> > >
> > > Thanks!
> > >
> > > I haven't found a metadata editor that works yet, so I'll just add a
> > > LICENSE.txt file to the directory.  Hopefully that's enough.
> > >
> > > On Fri, Jun 2, 2017 at 4:48 PM, Josh Elser <[hidden email]> wrote:
> > >
> > >> On 6/2/17 1:15 PM, James Bognar wrote:
> > >>
> > >>> I just added several png files to the source tree of our podling.  I
> > >>> created them myself.  Are there any best-practices on how to mark
> > these as
> > >>> Apache licensed?
> > >>>
> > >>>
> > >> I'm not sure of a good way to track this. I'm not sure if png supports
> > >> arbitrary metadata which could be edited. Some ways I've seen used
> > >> elsewhere to try to better propagate license/ownership:
> > >>
> > >> * Comments on the issue-tracker issue that introduced them citing
> > >> origin/source (typically for images that are copied, not created)
> > >> * Entry in LICENSE/NOTICE (shouldn't be done unnecessarily, of course)
> > >> * A README in the same directory with relevant info
> > >>
> > >> If the images are of the podling's creation, I wouldn't be
> particularly
> > >> worried. The copyright notice on your source-release and LICENSE are
> > >> sufficient to inform downstream consumers.
> > >>
> > >> Probably not the answer you're looking for, but hope it helps :)
> > >>
> > >> - Josh
> > >>
> > >> ---------------------------------------------------------------------
> > >> To unsubscribe, e-mail: [hidden email]
> > >> For additional commands, e-mail: [hidden email]
> > >>
> > >>
> > >
> > >
> > > --
> > > James Bognar
> >
> > Craig L Russell
> > [hidden email]
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: [hidden email]
> > For additional commands, e-mail: [hidden email]
> >
> >
>
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Images in source code.

Mike Drob
Project logos are Apache Licensed, but cannot be used for "any purpose" I
thought? They're specifically called out and most uses of trademark logos
need to be approved by VP Brand.

https://www.apache.org/foundation/marks/

On Sun, Jun 4, 2017 at 9:09 AM, Ted Dunning <[hidden email]> wrote:

> What does subverted by Salesforce even mean here?
>
> Any Apache licensed material can be "subverted" by pretty much anybody if
> subverted means use for any purpose they feel like.
>
> On Jun 4, 2017 14:49, "Martin Gainty" <[hidden email]> wrote:
>
> > is there anyway to run maven-rat-plugin to make sure ASF licensed assets
> > are *not* being subverted by salesforce
> >
> >
> > http://creadur.apache.org/rat/apache-rat-plugin/rat-mojo.html
> >
> >
> > Apache Rat™ Plugin for Apache Maven – apache-rat:rat<http://creadur.
> > apache.org/rat/apache-rat-plugin/rat-mojo.html>
> > creadur.apache.org
> > apache-rat:rat. Note:This goal should be used as a Maven report. Full
> > name: org.apache.rat:apache-rat-plugin:0.13-SNAPSHOT:rat. Description:
> >
> > ?
> >
> > Martin
> > ______________________________________________
> >
> >
> >
> > ________________________________
> > From: John D. Ament <[hidden email]>
> > Sent: Saturday, June 3, 2017 9:46 AM
> > To: [hidden email]
> > Subject: Re: Images in source code.
> >
> > On Fri, Jun 2, 2017 at 8:20 PM Craig Russell <[hidden email]>
> wrote:
> >
> > > Hi James,
> > >
> > > Everything that is not explicitly called out in the top level NOTICE
> and
> > > LICENSE files are licensed under the Apache 2.0 license.
> > >
> > > Adding a file to this directory might mislead people into thinking that
> > > they need to perform more due diligence with other files in other
> > > directories.
> > >
> > > My advice is to *not* add anything. Let the images be licensed per the
> > > terms the top level LICENSE file.
> > >
> >
> > Agreed.  What we do like to make sure is called out is if there is
> > provenance that these images came from somewhere else.  If these images
> > were not created by you and were not already under apache license, then
> we
> > would have a concern.
> >
> >
> > >
> > > Craig
> > >
> > > > On Jun 2, 2017, at 2:20 PM, James Bognar <
> [hidden email]>
> > > wrote:
> > > >
> > > > Thanks!
> > > >
> > > > I haven't found a metadata editor that works yet, so I'll just add a
> > > > LICENSE.txt file to the directory.  Hopefully that's enough.
> > > >
> > > > On Fri, Jun 2, 2017 at 4:48 PM, Josh Elser <[hidden email]>
> wrote:
> > > >
> > > >> On 6/2/17 1:15 PM, James Bognar wrote:
> > > >>
> > > >>> I just added several png files to the source tree of our podling.
> I
> > > >>> created them myself.  Are there any best-practices on how to mark
> > > these as
> > > >>> Apache licensed?
> > > >>>
> > > >>>
> > > >> I'm not sure of a good way to track this. I'm not sure if png
> supports
> > > >> arbitrary metadata which could be edited. Some ways I've seen used
> > > >> elsewhere to try to better propagate license/ownership:
> > > >>
> > > >> * Comments on the issue-tracker issue that introduced them citing
> > > >> origin/source (typically for images that are copied, not created)
> > > >> * Entry in LICENSE/NOTICE (shouldn't be done unnecessarily, of
> course)
> > > >> * A README in the same directory with relevant info
> > > >>
> > > >> If the images are of the podling's creation, I wouldn't be
> > particularly
> > > >> worried. The copyright notice on your source-release and LICENSE are
> > > >> sufficient to inform downstream consumers.
> > > >>
> > > >> Probably not the answer you're looking for, but hope it helps :)
> > > >>
> > > >> - Josh
> > > >>
> > > >> ------------------------------------------------------------
> ---------
> > > >> To unsubscribe, e-mail: [hidden email]
> > > >> For additional commands, e-mail: [hidden email]
> > > >>
> > > >>
> > > >
> > > >
> > > > --
> > > > James Bognar
> > >
> > > Craig L Russell
> > > [hidden email]
> > >
> > >
> > > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: [hidden email]
> > > For additional commands, e-mail: [hidden email]
> > >
> > >
> >
>
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Images in source code.

Martin Gainty
In reply to this post by James Bognar




________________________________
From: James Bognar <[hidden email]>
Sent: Sunday, June 4, 2017 9:13 AM
To: [hidden email]
Subject: Re: Images in source code.

That's a good question.  I've discovered that images CAN contain metadata
that includes ownership information.  Rat could check for these.  In
practice though, these comment fields don't seem to be often used.

If I could add a simple "Copyright Apache" message to the metadata, I
would, but the tooling is suprisingly lacking.

MG>To answer the second question
MG>entities who purchase a product (salesforce) would not necessarily know:
MG>who created the code (especially when license information is stripped out and there is no attribution in META-INF readme/licenses)
MG>who generated the images..(assuming designers have the legal right to trademark/copyright their work)

MG>apologies for picking on salesforce ..ive seen other organisations grab OpenSource Assets/Code, stripout licenses & call it their own

MG>James if you can show me where the Copyright Apache is in metadata .. I'll get maven-rat-plugin to read metadata and throw BuildException
MG>and fail the rat check

MG>thanks for your help

On Sun, Jun 4, 2017 at 8:49 AM, Martin Gainty <[hidden email]> wrote:

> is there anyway to run maven-rat-plugin to make sure ASF licensed assets
> are *not* being subverted by salesforce
>
>
> http://creadur.apache.org/rat/apache-rat-plugin/rat-mojo.html
Apache Rat™ Plugin for Apache Maven – apache-rat:rat<http://creadur.apache.org/rat/apache-rat-plugin/rat-mojo.html>
creadur.apache.org
apache-rat:rat. Note:This goal should be used as a Maven report. Full name: org.apache.rat:apache-rat-plugin:0.13-SNAPSHOT:rat. Description:



>
>
> Apache Rat™ Plugin for Apache Maven – apache-rat:rat<http://creadur.
> apache.org/rat/apache-rat-plugin/rat-mojo.html>
> creadur.apache.org
> apache-rat:rat. Note:This goal should be used as a Maven report. Full
> name: org.apache.rat:apache-rat-plugin:0.13-SNAPSHOT:rat. Description:
>
> ?
>
> Martin
> ______________________________________________
>
>
>
> ________________________________
> From: John D. Ament <[hidden email]>
> Sent: Saturday, June 3, 2017 9:46 AM
> To: [hidden email]
> Subject: Re: Images in source code.
>
> On Fri, Jun 2, 2017 at 8:20 PM Craig Russell <[hidden email]> wrote:
>
> > Hi James,
> >
> > Everything that is not explicitly called out in the top level NOTICE and
> > LICENSE files are licensed under the Apache 2.0 license.
> >
> > Adding a file to this directory might mislead people into thinking that
> > they need to perform more due diligence with other files in other
> > directories.
> >
> > My advice is to *not* add anything. Let the images be licensed per the
> > terms the top level LICENSE file.
> >
>
> Agreed.  What we do like to make sure is called out is if there is
> provenance that these images came from somewhere else.  If these images
> were not created by you and were not already under apache license, then we
> would have a concern.
>
>
> >
> > Craig
> >
> > > On Jun 2, 2017, at 2:20 PM, James Bognar <[hidden email]>
> > wrote:
> > >
> > > Thanks!
> > >
> > > I haven't found a metadata editor that works yet, so I'll just add a
> > > LICENSE.txt file to the directory.  Hopefully that's enough.
> > >
> > > On Fri, Jun 2, 2017 at 4:48 PM, Josh Elser <[hidden email]> wrote:
> > >
> > >> On 6/2/17 1:15 PM, James Bognar wrote:
> > >>
> > >>> I just added several png files to the source tree of our podling.  I
> > >>> created them myself.  Are there any best-practices on how to mark
> > these as
> > >>> Apache licensed?
> > >>>
> > >>>
> > >> I'm not sure of a good way to track this. I'm not sure if png supports
> > >> arbitrary metadata which could be edited. Some ways I've seen used
> > >> elsewhere to try to better propagate license/ownership:
> > >>
> > >> * Comments on the issue-tracker issue that introduced them citing
> > >> origin/source (typically for images that are copied, not created)
> > >> * Entry in LICENSE/NOTICE (shouldn't be done unnecessarily, of course)
> > >> * A README in the same directory with relevant info
> > >>
> > >> If the images are of the podling's creation, I wouldn't be
> particularly
> > >> worried. The copyright notice on your source-release and LICENSE are
> > >> sufficient to inform downstream consumers.
> > >>
> > >> Probably not the answer you're looking for, but hope it helps :)
> > >>
> > >> - Josh
> > >>
> > >> ---------------------------------------------------------------------
> > >> To unsubscribe, e-mail: [hidden email]
> > >> For additional commands, e-mail: [hidden email]
> > >>
> > >>
> > >
> > >
> > > --
> > > James Bognar
> >
> > Craig L Russell
> > [hidden email]
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: [hidden email]
> > For additional commands, e-mail: [hidden email]
> >
> >
>



--
James Bognar
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Images in source code.

Ted Dunning
In reply to this post by Mike Drob
Mike,

Is that what Martin was talking about? Doesn't that seem pretty far off of
this thread which is about how to label images created for testing purposes?


On Sun, Jun 4, 2017 at 9:12 PM, Mike Drob <[hidden email]> wrote:

> Project logos are Apache Licensed, but cannot be used for "any purpose" I
> thought? They're specifically called out and most uses of trademark logos
> need to be approved by VP Brand.
>
> https://www.apache.org/foundation/marks/
>
>
> On Sun, Jun 4, 2017 at 9:09 AM, Ted Dunning <[hidden email]> wrote:
>
> > What does subverted by Salesforce even mean here?
> >
> > Any Apache licensed material can be "subverted" by pretty much anybody if
> > subverted means use for any purpose they feel like.
> >
> > On Jun 4, 2017 14:49, "Martin Gainty" <[hidden email]> wrote:
> >
> > > is there anyway to run maven-rat-plugin to make sure ASF licensed
> assets
> > > are *not* being subverted by salesforce
>
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Images in source code.

Shane Curcuru-2
In reply to this post by Mike Drob
Mike Drob wrote on 6/4/17 3:12 PM:
> Project logos are Apache Licensed, but cannot be used for "any purpose" I
> thought? They're specifically called out and most uses of trademark logos
> need to be approved by VP Brand.

Correct, although not quite exact.  The Apache license itself explicitly
*excludes* trademark rights [1]:

  https://www.apache.org/licenses/LICENSE-2.0.html#trademarks

So users are free to reuse our icons and logos and what-not almost
anyway they like, but *not* in ways that would infringe on our existing
trademarks for software products.

Users can take the nutty Apache Flink squirrel logo and use it to refer
to Apache Flink itself.  They could also use it as part of an art
collage, or in a presentation about squirrels, or mash it up with logos
of dogs or any other sort of non-trademark uses.  They can't use it (in
general cases) to refer to a different software product than Flink.

The reporting guide has some steps for thinking about "Is this
$somebody's use of an Apache logo OK or not?"

  https://www.apache.org/foundation/marks/reporting#kinds

--

- Shane
  https://www.apache.org/foundation/marks/resources

[1] Protip: no OSI-approved software license gives users any trademark
rights - even if "trademarks" never appears in the license.  FOSS
licenses are only *copyright* licenses, not trademark licenses.

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Images in source code.

Bertrand Delacretaz
In reply to this post by James Bognar
On Sat, Jun 3, 2017 at 6:12 PM, James Bognar
<[hidden email]> wrote:
> ...The reason I asked is because we've previously been asked about ownership
> of image files during release votes, so I wasn't sure if we were supposed
> to mark them somehow...

You could create a ticket in your issue tracker to indicate the
provenance of those images, and mention the ticket ID in the commit
messages when adding those images. Or maybe just add "created by
myself" to the commit messages for clarity.

-Bertrand

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Images in source code.

Martin Gainty
In reply to this post by Martin Gainty
James and Team


quick update I have factored rat-plugin to read XMP (an XML metadata-tagged file with embedded Image)

i have tried adding metadata tags using the crippled freebie photoshop and could not find any way to add metadata tags to PNG, JPG or PSD as the File/FileInfo menu in freebie photoshop is hopelessly greyed out/disabled

Im reading some blogs that exiftool<sp?> can add metadata tags to any existing image

Any clues as to where to locate any tool that can add metadata tag to an Image would be appreciated


Thanks,

Martin
______________________________________________



________________________________
From: Martin Gainty <[hidden email]>
Sent: Sunday, June 4, 2017 8:49 AM
To: [hidden email]
Subject: Re: Images in source code.


is there anyway to run maven-rat-plugin to make sure ASF licensed assets are *not* being subverted by salesforce


http://creadur.apache.org/rat/apache-rat-plugin/rat-mojo.html


Apache Rat™ Plugin for Apache Maven – apache-rat:rat<http://creadur.apache.org/rat/apache-rat-plugin/rat-mojo.html>
creadur.apache.org
apache-rat:rat. Note:This goal should be used as a Maven report. Full name: org.apache.rat:apache-rat-plugin:0.13-SNAPSHOT:rat. Description:

?

Martin
______________________________________________



________________________________
From: John D. Ament <[hidden email]>
Sent: Saturday, June 3, 2017 9:46 AM
To: [hidden email]
Subject: Re: Images in source code.

On Fri, Jun 2, 2017 at 8:20 PM Craig Russell <[hidden email]> wrote:

> Hi James,
>
> Everything that is not explicitly called out in the top level NOTICE and
> LICENSE files are licensed under the Apache 2.0 license.
>
> Adding a file to this directory might mislead people into thinking that
> they need to perform more due diligence with other files in other
> directories.
>
> My advice is to *not* add anything. Let the images be licensed per the
> terms the top level LICENSE file.
>

Agreed.  What we do like to make sure is called out is if there is
provenance that these images came from somewhere else.  If these images
were not created by you and were not already under apache license, then we
would have a concern.


>
> Craig
>
> > On Jun 2, 2017, at 2:20 PM, James Bognar <[hidden email]>
> wrote:
> >
> > Thanks!
> >
> > I haven't found a metadata editor that works yet, so I'll just add a
> > LICENSE.txt file to the directory.  Hopefully that's enough.
> >
> > On Fri, Jun 2, 2017 at 4:48 PM, Josh Elser <[hidden email]> wrote:
> >
> >> On 6/2/17 1:15 PM, James Bognar wrote:
> >>
> >>> I just added several png files to the source tree of our podling.  I
> >>> created them myself.  Are there any best-practices on how to mark
> these as
> >>> Apache licensed?
> >>>
> >>>
> >> I'm not sure of a good way to track this. I'm not sure if png supports
> >> arbitrary metadata which could be edited. Some ways I've seen used
> >> elsewhere to try to better propagate license/ownership:
> >>
> >> * Comments on the issue-tracker issue that introduced them citing
> >> origin/source (typically for images that are copied, not created)
> >> * Entry in LICENSE/NOTICE (shouldn't be done unnecessarily, of course)
> >> * A README in the same directory with relevant info
> >>
> >> If the images are of the podling's creation, I wouldn't be particularly
> >> worried. The copyright notice on your source-release and LICENSE are
> >> sufficient to inform downstream consumers.
> >>
> >> Probably not the answer you're looking for, but hope it helps :)
> >>
> >> - Josh
> >>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: [hidden email]
> >> For additional commands, e-mail: [hidden email]
> >>
> >>
> >
> >
> > --
> > James Bognar
>
> Craig L Russell
> [hidden email]
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]
> For additional commands, e-mail: [hidden email]
>
>
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Images in source code.

James Bognar
I was unsuccessful finding a tool as well.

On Thu, Jun 15, 2017 at 7:46 PM, Martin Gainty <[hidden email]> wrote:

> James and Team
>
>
> quick update I have factored rat-plugin to read XMP (an XML
> metadata-tagged file with embedded Image)
>
> i have tried adding metadata tags using the crippled freebie photoshop and
> could not find any way to add metadata tags to PNG, JPG or PSD as the
> File/FileInfo menu in freebie photoshop is hopelessly greyed out/disabled
>
>
> Im reading some blogs that exiftool<sp?> can add metadata tags to any
> existing image
>
> Any clues as to where to locate any tool that can add metadata tag to an
> Image would be appreciated
>
>
> Thanks,
> Martin
> ______________________________________________
>
>
>
>
> ------------------------------
> *From:* Martin Gainty <[hidden email]>
> *Sent:* Sunday, June 4, 2017 8:49 AM
> *To:* [hidden email]
> *Subject:* Re: Images in source code.
>
>
> is there anyway to run maven-rat-plugin to make sure ASF licensed assets
> are *not* being subverted by salesforce
>
>
> http://creadur.apache.org/rat/apache-rat-plugin/rat-mojo.html
>
>
> Apache Rat™ Plugin for Apache Maven – apache-rat:rat
> <http://creadur.apache.org/rat/apache-rat-plugin/rat-mojo.html>
> creadur.apache.org
> apache-rat:rat. Note:This goal should be used as a Maven report. Full
> name: org.apache.rat:apache-rat-plugin:0.13-SNAPSHOT:rat. Description:
> ?
>
> Martin
> ______________________________________________
>
>
>
>
> ------------------------------
> *From:* John D. Ament <[hidden email]>
> *Sent:* Saturday, June 3, 2017 9:46 AM
> *To:* [hidden email]
> *Subject:* Re: Images in source code.
>
> On Fri, Jun 2, 2017 at 8:20 PM Craig Russell <[hidden email]> wrote:
>
> > Hi James,
> >
> > Everything that is not explicitly called out in the top level NOTICE and
> > LICENSE files are licensed under the Apache 2.0 license.
> >
> > Adding a file to this directory might mislead people into thinking that
> > they need to perform more due diligence with other files in other
> > directories.
> >
> > My advice is to *not* add anything. Let the images be licensed per the
> > terms the top level LICENSE file.
> >
>
> Agreed.  What we do like to make sure is called out is if there is
> provenance that these images came from somewhere else.  If these images
> were not created by you and were not already under apache license, then we
> would have a concern.
>
>
> >
> > Craig
> >
> > > On Jun 2, 2017, at 2:20 PM, James Bognar <[hidden email]>
> > wrote:
> > >
> > > Thanks!
> > >
> > > I haven't found a metadata editor that works yet, so I'll just add a
> > > LICENSE.txt file to the directory.  Hopefully that's enough.
> > >
> > > On Fri, Jun 2, 2017 at 4:48 PM, Josh Elser <[hidden email]> wrote:
> > >
> > >> On 6/2/17 1:15 PM, James Bognar wrote:
> > >>
> > >>> I just added several png files to the source tree of our podling.  I
> > >>> created them myself.  Are there any best-practices on how to mark
> > these as
> > >>> Apache licensed?
> > >>>
> > >>>
> > >> I'm not sure of a good way to track this. I'm not sure if png supports
> > >> arbitrary metadata which could be edited. Some ways I've seen used
> > >> elsewhere to try to better propagate license/ownership:
> > >>
> > >> * Comments on the issue-tracker issue that introduced them citing
> > >> origin/source (typically for images that are copied, not created)
> > >> * Entry in LICENSE/NOTICE (shouldn't be done unnecessarily, of course)
> > >> * A README in the same directory with relevant info
> > >>
> > >> If the images are of the podling's creation, I wouldn't be
> particularly
> > >> worried. The copyright notice on your source-release and LICENSE are
> > >> sufficient to inform downstream consumers.
> > >>
> > >> Probably not the answer you're looking for, but hope it helps :)
> > >>
> > >> - Josh
> > >>
> > >> ---------------------------------------------------------------------
> > >> To unsubscribe, e-mail: [hidden email]
> > >> For additional commands, e-mail: [hidden email]
> > >>
> > >>
> > >
> > >
> > > --
> > > James Bognar
> >
> > Craig L Russell
> > [hidden email]
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: [hidden email]
> > For additional commands, e-mail: [hidden email]
> >
> >
>



--
James Bognar
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Images in source code.

Felix Meschberger-4
In reply to this post by Martin Gainty
Here: http://www.sno.phy.queensu.ca/~phil/exiftool/ ?

and http://www.sno.phy.queensu.ca/~phil/exiftool/TagNames/XMP.html

(Thanks Google ;-) )

Regards
Felix

Am 15.06.2017 um 16:46 schrieb Martin Gainty <[hidden email]<mailto:[hidden email]>>:

James and Team


quick update I have factored rat-plugin to read XMP (an XML metadata-tagged file with embedded Image)

i have tried adding metadata tags using the crippled freebie photoshop and could not find any way to add metadata tags to PNG, JPG or PSD as the File/FileInfo menu in freebie photoshop is hopelessly greyed out/disabled

Im reading some blogs that exiftool<sp?> can add metadata tags to any existing image

Any clues as to where to locate any tool that can add metadata tag to an Image would be appreciated


Thanks,

Martin
______________________________________________



________________________________
From: Martin Gainty <[hidden email]<mailto:[hidden email]>>
Sent: Sunday, June 4, 2017 8:49 AM
To: [hidden email]<mailto:[hidden email]>
Subject: Re: Images in source code.


is there anyway to run maven-rat-plugin to make sure ASF licensed assets are *not* being subverted by salesforce


http://creadur.apache.org/rat/apache-rat-plugin/rat-mojo.html


Apache Rat™ Plugin for Apache Maven – apache-rat:rat<http://creadur.apache.org/rat/apache-rat-plugin/rat-mojo.html>
creadur.apache.org<http://creadur.apache.org>
apache-rat:rat. Note:This goal should be used as a Maven report. Full name: org.apache.rat:apache-rat-plugin:0.13-SNAPSHOT:rat. Description:

?

Martin
______________________________________________



________________________________
From: John D. Ament <[hidden email]>
Sent: Saturday, June 3, 2017 9:46 AM
To: [hidden email]
Subject: Re: Images in source code.

On Fri, Jun 2, 2017 at 8:20 PM Craig Russell <[hidden email]> wrote:

Hi James,

Everything that is not explicitly called out in the top level NOTICE and
LICENSE files are licensed under the Apache 2.0 license.

Adding a file to this directory might mislead people into thinking that
they need to perform more due diligence with other files in other
directories.

My advice is to *not* add anything. Let the images be licensed per the
terms the top level LICENSE file.


Agreed.  What we do like to make sure is called out is if there is
provenance that these images came from somewhere else.  If these images
were not created by you and were not already under apache license, then we
would have a concern.



Craig

On Jun 2, 2017, at 2:20 PM, James Bognar <[hidden email]>
wrote:

Thanks!

I haven't found a metadata editor that works yet, so I'll just add a
LICENSE.txt file to the directory.  Hopefully that's enough.

On Fri, Jun 2, 2017 at 4:48 PM, Josh Elser <[hidden email]> wrote:

On 6/2/17 1:15 PM, James Bognar wrote:

I just added several png files to the source tree of our podling.  I
created them myself.  Are there any best-practices on how to mark
these as
Apache licensed?


I'm not sure of a good way to track this. I'm not sure if png supports
arbitrary metadata which could be edited. Some ways I've seen used
elsewhere to try to better propagate license/ownership:

* Comments on the issue-tracker issue that introduced them citing
origin/source (typically for images that are copied, not created)
* Entry in LICENSE/NOTICE (shouldn't be done unnecessarily, of course)
* A README in the same directory with relevant info

If the images are of the podling's creation, I wouldn't be particularly
worried. The copyright notice on your source-release and LICENSE are
sufficient to inform downstream consumers.

Probably not the answer you're looking for, but hope it helps :)

- Josh

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]




--
James Bognar

Craig L Russell
[hidden email]


---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]



12
Loading...