Apache
/
druid
mirror of https://github.com/apache/druid.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

remove licenses of removed libraries, update the license checker (#15446) 

- Licenses file contains several licenses for outdated libraries. In this PR we remove licenses for no longer used components. 
  This change is purely cosmetic / cleans up the license database. 
  The candidates were designated by reviewing the output of the license check script and comparing it against the depdency tree.

 - Minor fix to license check tool to fail more gracefully when the license of used dependency is not listed as known, as well as fix not to fail on multi licensed components when at least one of the licenses is accepted. 

---------

Co-authored-by: Xavier Léauté <xl+github@xvrl.net>
This commit is contained in:
Jan Werner 2023-12-04 16:20:40 -05:00 committed by GitHub
parent 8cc256b079
commit b66d995e6f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 19 additions and 631 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
distribution/bin/check-licenses.py
View File

@ -202,8 +202,19 @@ class DependencyReportParser(HTMLParser):
def set_license(self, data):
if data.upper().find("GPL") < 0:
if self.license != 'Apache License version 2.0':
self.license = self.compatible_license_names[data]
# Check if the license assosciated with the component is acccepted
# set_license() will pick the first acceptable license
# this fixes issue where a multi-licensed component
# could override accepted license with not accepted one
# e.g., EPL / GPL for logback-core
if self.license not in self.compatible_license_names:
try:
self.license = self.compatible_license_names[data]
except KeyError:
print("Unsupported license: " + data)
print("For:" + self.group_id + " " + self.artifact_id + " in: "+ self.druid_module_name)
else:
print(self.group_id + " " + self.artifact_id + " in: " + self.druid_module_name + " with: " + self.license + " ignoring " + data)
def print_log_to_stderr(string):

635
licenses.yaml
View File

@ -15,6 +15,8 @@
# specific language governing permissions and limitations
# under the License.
---
name: conjunctive normal form conversion code, a variance aggregator algorithm, and Bloom filter adapted from Apache Hive
version:
license_category: source
@ -217,33 +219,6 @@ notice: |
---
name: Esri Geometry API for Java
license_category: binary
module: java-core
license_name: Apache License version 2.0
version: 2.2.0
libraries:
- com.esri.geometry: esri-geometry-api
---
name: ClassMate
license_category: binary
module: java-core
license_name: Apache License version 2.0
version: 1.1.0
libraries:
- com.fasterxml: classmate
notices:
- classmate: |
Java ClassMate library was originally written by Tatu Saloranta (tatu.saloranta@iki.fi)
Other developers who have contributed code are:
* Brian Langel
---
name: Jackson
license_category: binary
module: java-core
@ -817,15 +792,6 @@ libraries:
---
name: org.objenesis objenesis
license_category: binary
module: extensions/druid-pac4j
license_name: Apache License version 2.0
version: 3.0.1
libraries:
- org.objenesis: objenesis
---
name: com.nimbusds lang-tag
license_category: binary
@ -937,16 +903,6 @@ libraries:
---
name: io.sundr builder-annotations
license_category: binary
module: extensions/druid-kubernetes-extensions
license_name: Apache License version 2.0
version: 0.22.0
libraries:
- io.sundr: builder-annotations
---
name: com.squareup.okio okio
license_category: binary
module: extensions/druid-kubernetes-extensions
@ -1067,25 +1023,6 @@ libraries:
---
name: io.sundr resourcecify-annotations
license_category: binary
module: extensions/druid-kubernetes-extensions
license_name: Apache License version 2.0
version: 0.22.0
libraries:
- io.sundr: resourcecify-annotations
---
name: io.sundr sundr-codegen
license_category: binary
module: extensions/druid-kubernetes-extensions
license_name: Apache License version 2.0
version: 0.22.0
libraries:
- io.sundr: sundr-codegen
---
name: org.bouncycastle bcprov-jdk15on
license_category: binary
@ -1127,16 +1064,6 @@ libraries:
---
name: io.sundr sundr-core
license_category: binary
module: extensions/druid-kubernetes-extensions
license_name: Apache License version 2.0
version: 0.22.0
libraries:
- io.sundr: sundr-core
---
name: com.squareup.okhttp3 logging-interceptor
license_category: binary
module: extensions/druid-kubernetes-extensions
@ -1617,16 +1544,6 @@ libraries:
---
name: ASM Based Accessors Helper Used By JSON Smart
license_category: binary
module: java-core
license_name: Apache License version 2.0
version: 1.2
libraries:
- net.minidev: accessors-smart
---
name: JSON Small and Fast Parser
license_category: binary
module: java-core
@ -1775,7 +1692,6 @@ notice: |
http://www.itl.nist.gov/div897/ctg/sql_form.htm
=========================================================================
@ -1815,20 +1731,6 @@ notice: |
---
name: Apache HttpClient
license_category: binary
module: java-core
license_name: Apache License version 2.0
version: 4.5.10
libraries:
- org.apache.httpcomponents: httpclient
notices:
- httpclient: |
Apache HttpClient
Copyright 1999-2017 The Apache Software Foundation
---
name: Apache HttpClient
license_category: binary
module: java-core
@ -1843,20 +1745,6 @@ notices:
---
name: Apache HttpClient
license_category: binary
module: hadoop-client
license_name: Apache License version 2.0
version: 4.5.2
libraries:
- org.apache.httpcomponents: httpclient
notices:
- httpclient: |
Apache HttpClient
Copyright 1999-2016 The Apache Software Foundation
---
name: Apache HttpCore
license_category: binary
module: java-core
@ -2198,16 +2086,6 @@ notice: |
---
name: Hibernate Validator Engine
license_category: binary
module: java-core
license_name: Apache License version 2.0
version: 5.2.5.Final
libraries:
- org.hibernate: hibernate-validator
---
name: Kerby
license_category: binary
module: java-core
@ -2422,7 +2300,7 @@ name: Objenesis
license_category: binary
module: java-core
license_name: Apache License version 2.0
version: 2.6
version: 3.3
libraries:
- org.objenesis: objenesis
@ -2506,74 +2384,6 @@ libraries:
---
name: Guava
license_category: binary
module: hadoop-client
license_name: Apache License version 2.0
version: 11.0.2
libraries:
- com.google.guava: guava
---
name: Nimbus JOSE+JWT
license_category: binary
module: hadoop-client
license_name: Apache License version 2.0
version: 4.41.1
libraries:
- com.nimbusds: nimbus-jose-jwt
---
name: OkHttp
license_category: binary
module: hadoop-client
license_name: Apache License version 2.0
version: 2.4.0
libraries:
- com.squareup.okhttp: okhttp
---
name: Okio
license_category: binary
module: hadoop-client
license_name: Apache License version 2.0
version: 1.4.0
libraries:
- com.squareup.okio: okio
---
name: Apache Commons BeanUtils
license_category: binary
module: hadoop-client
license_name: Apache License version 2.0
version: 1.7.0
libraries:
- commons-beanutils: commons-beanutils
notices:
- commons-beanutils: |
This product includes software developed by
The Apache Software Foundation (http://www.apache.org/).
---
name: Apache Commons BeanUtils
license_category: binary
module: hadoop-client
license_name: Apache License version 2.0
version: 1.8.0
libraries:
- commons-beanutils: commons-beanutils-core
notices:
- common-beanutils-core: |
Apache Commons BeanUtils
Copyright 2000-2008 The Apache Software Foundation
---
name: Apache Commons Codec
license_category: binary
module: hadoop-client
@ -2594,20 +2404,6 @@ notices:
---
name: Apache Commons Configuration
license_category: binary
module: hadoop-client
license_name: Apache License version 2.0
version: 1.6
libraries:
- commons-configuration: commons-configuration
notices:
- commons-configuration: |
Apache Commons Configuration
Copyright 2001-2008 The Apache Software Foundation
---
name: Apache Commons Digester
license_category: binary
module: hadoop-client
@ -2733,138 +2529,6 @@ notices:
file.
---
name: Netty
license_category: binary
module: hadoop-client
license_name: Apache License version 2.0
version: 3.6.2.Final
libraries:
- io.netty: netty
notices:
- netty: |
==
The Netty Project
=================
Please visit the Netty web site for more information:
* http://netty.io/
Copyright 2011 The Netty Project
The Netty Project licenses this file to you under the Apache License,
version 2.0 (the "License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at:
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
License for the specific language governing permissions and limitations
under the License.
Also, please refer to each LICENSE.<component>.txt file, which is located in
the 'license' directory of the distribution file, for the license terms of the
components that this product depends on.
-------------------------------------------------------------------------------
This product contains the extensions to Java Collections Framework which has
been derived from the works by JSR-166 EG, Doug Lea, and Jason T. Greene:
* LICENSE:
* license/LICENSE.jsr166y.txt (Public Domain)
* HOMEPAGE:
* http://gee.cs.oswego.edu/cgi-bin/viewcvs.cgi/jsr166/
* http://viewvc.jboss.org/cgi-bin/viewvc.cgi/jbosscache/experimental/jsr166/
This product contains a modified version of Robert Harder's Public Domain
Base64 Encoder and Decoder, which can be obtained at:
* LICENSE:
* license/LICENSE.base64.txt (Public Domain)
* HOMEPAGE:
* http://iharder.sourceforge.net/current/java/base64/
This product contains a modified version of 'JZlib', a re-implementation of
zlib in pure Java, which can be obtained at:
* LICENSE:
* license/LICENSE.jzlib.txt (BSD Style License)
* HOMEPAGE:
* http://www.jcraft.com/jzlib/
This product optionally depends on 'Protocol Buffers', Google's data
interchange format, which can be obtained at:
* LICENSE:
* license/LICENSE.protobuf.txt (New BSD License)
* HOMEPAGE:
* http://code.google.com/p/protobuf/
This product optionally depends on 'SLF4J', a simple logging facade for Java,
which can be obtained at:
* LICENSE:
* license/LICENSE.slf4j.txt (MIT License)
* HOMEPAGE:
* http://www.slf4j.org/
This product optionally depends on 'Apache Commons Logging', a logging
framework, which can be obtained at:
* LICENSE:
* license/LICENSE.commons-logging.txt (Apache License 2.0)
* HOMEPAGE:
* http://commons.apache.org/logging/
This product optionally depends on 'Apache Log4J', a logging framework,
which can be obtained at:
* LICENSE:
* license/LICENSE.log4j.txt (Apache License 2.0)
* HOMEPAGE:
* http://logging.apache.org/log4j/
This product optionally depends on 'JBoss Logging', a logging framework,
which can be obtained at:
* LICENSE:
* license/LICENSE.jboss-logging.txt (GNU LGPL 2.1)
* HOMEPAGE:
* http://anonsvn.jboss.org/repos/common/common-logging-spi/
This product optionally depends on 'Apache Felix', an open source OSGi
framework implementation, which can be obtained at:
* LICENSE:
* license/LICENSE.felix.txt (Apache License 2.0)
* HOMEPAGE:
* http://felix.apache.org/
This product optionally depends on 'Webbit', a Java event based
WebSocket and HTTP server:
* LICENSE:
* license/LICENSE.webbit.txt (BSD License)
* HOMEPAGE:
* https://github.com/joewalnes/webbit
---
name: Apache Log4j
license_category: binary
module: hadoop-client
license_name: Apache License version 2.0
version: 1.2.17
libraries:
- log4j: log4j
notices:
- log4j: |
Apache log4j
Copyright 2007 The Apache Software Foundation
---
name: JSON Small and Fast Parser
license_category: binary
module: druid-pac4j
@ -2949,7 +2613,7 @@ notices:
name: JTS
license_category: binary
module: java-core
license_name: Eclipse Distribution License 1.0
license_name: Eclipse Public License 2.0
version: 1.19.0
libraries:
- org.locationtech.jts: jts-core
@ -2957,33 +2621,11 @@ libraries:
notices:
- jts-core: |
The JTS Topology Suite is a Java library for creating and manipulating vector geometry.
Eclipse Distribution License 1.0
Eclipse Distribution License 1.0 / Eclipse Public License 2.0
- jts-io-common: |
Eclipse Distribution License 1.0
Eclipse Distribution License 1.0 / Eclipse Public License 2.0
---
name: Apache Avro
license_category: binary
module: hadoop-client
license_name: Apache License version 2.0
version: 1.7.4
libraries:
- org.apache.avro: avro
notices:
- avro: |
Apache Avro
Copyright 2009-2013 The Apache Software Foundation
---
name: Apache Directory
license_category: binary
module: hadoop-client
license_name: Apache License version 2.0
version: 1.0.0-M20
libraries:
- org.apache.directory.api: api-asn1-api
---
name: Apache Directory
license_category: binary
@ -2999,73 +2641,6 @@ notices:
---
name: Apache Directory Server
license_category: binary
module: hadoop-client
license_name: Apache License version 2.0
version: 2.0.0-M15
libraries:
- org.apache.directory.server: apacheds-i18n
- org.apache.directory.server: apacheds-kerberos-codec
notices:
- apacheds-i18n: |
ApacheDS I18n
Copyright 2003-2013 The Apache Software Foundation
- apacheds-kerberos-codec: |
ApacheDS Protocol Kerberos Codec
Copyright 2003-2013 The Apache Software Foundation
---
name: Apache HTrace
license_category: binary
module: hadoop-client
license_name: Apache License version 2.0
version: 4.0.1-incubating
libraries:
- org.apache.htrace: htrace-core4
notices:
- htrace-core4: |
htrace-core4
Copyright 2015 The Apache Software Foundation
---
name: Apache Zookeeper
license_category: binary
module: hadoop-client
license_name: Apache License version 2.0
version: 3.4.6
libraries:
- org.apache.zookeeper: zookeeper
notices:
- zookeeper: |
Apache ZooKeeper
Copyright 2009-2012 The Apache Software Foundation
---
name: Apache Curator
license_category: binary
module: hadoop-client
license_name: Apache License version 2.0
version: 2.7.1
libraries:
- org.apache.curator: curator-client
- org.apache.curator: curator-framework
- org.apache.curator: curator-recipes
notices:
- curator-client: |
Curator Client
Copyright 2011-2015 The Apache Software Foundation
- curator-framework: |
Curator Framework
Copyright 2011-2015 The Apache Software Foundation
- curator-recipes: |
Curator Recipes
Copyright 2011-2015 The Apache Software Foundation
---
name: components from Jackson
license_category: binary
@ -3084,55 +2659,6 @@ notice: |
For additional credits (generally to people who reported problems)
see CREDITS file.
---
name: Jetty
license_category: binary
module: hadoop-client
license_name: Apache License version 2.0
version: 6.1.26
libraries:
- org.mortbay.jetty: jetty-sslengine
- org.mortbay.jetty: jetty-util
notice: |
==============================================================
Jetty Web Container
Copyright 1995-2009 Mort Bay Consulting Pty Ltd
==============================================================
The Jetty Web Container is Copyright Mort Bay Consulting Pty Ltd
unless otherwise noted. It is dual licensed under the apache 2.0
license and eclipse 1.0 license. Jetty may be distributed under
either license.
The javax.servlet package used was sourced from the Apache
Software Foundation and is distributed under the apache 2.0
license.
---
name: snappy-java
license_category: binary
module: hadoop-client
license_name: Apache License version 2.0
version: 1.0.4.1
libraries:
- org.xerial.snappy: snappy-java
notices:
- snappy-java: |
This product includes software developed by Google
Snappy: http://code.google.com/p/snappy/ (New BSD License)
This library containd statically linked libstdc++. This inclusion is allowed by
"GCC RUntime Library Exception"
http://gcc.gnu.org/onlinedocs/libstdc++/manual/license.html
== Contributors ==
* Tatu Saloranta
* Providing benchmark suite
* Alec Wysoker
* Performance and memory usage improvement
---
@ -3163,16 +2689,6 @@ libraries:
---
name: com.github.pjfanning jersey-json
license_category: binary
module: druid-kerberos
license_name: CDDL 1.1
version: 1.20
libraries:
- com.github.pjfanning: jersey-json
---
name: org.codehaus.woodstox stax2-api
license_category: binary
version: 4.2.1
@ -3462,16 +2978,6 @@ libraries:
---
name: Jersey
license_category: binary
module: extensions/druid-avro-extensions
license_name: CDDL 1.1
version: 1.19.4
libraries:
- com.sun.jersey: jersey-json
---
name: jaxb
license_category: binary
module: extensions/druid-avro-extensions
@ -3547,18 +3053,6 @@ libraries:
---
name: xmlenc
license_category: binary
module: extensions/druid-hdfs-storage
license_name: BSD-3-Clause License
version: 0.52
copyright: Ernst de Haan
license_file_path: licenses/bin/xmlenc.BSD3
libraries:
- xmlenc: xmlenc
---
name: Apache Kafka
version: 3.6.0
license_category: binary
@ -3594,15 +3088,6 @@ notices:
---
name: snappy-java
license_category: binary
module: extensions/druid-kafka-indexing-service
license_name: Apache License version 2.0
version: 1.1.8.4
libraries:
- org.xerial.snappy: snappy-java
---
name: Apache Parquet
license_category: binary
@ -3744,19 +3229,6 @@ libraries:
---
name: SLF4J API
version: 1.7.10
license_category: binary
module: hadoop-client
license_name: MIT License
copyright: QOS.ch
license_file_path: licenses/bin/slf4j.MIT
libraries:
- org.slf4j: slf4j-api
- org.slf4j: slf4j-log4j12
---
name: JNI binding for Zstd
license_category: binary
module: java-core
@ -3808,18 +3280,6 @@ additional_license_statement: except src/google/protobuf/stubs/atomicops_interna
---
name: JLine
license_category: binary
module: java-core
license_name: BSD-3-Clause License
version: 0.9.94
copyright: Marc Prud'hommeaux
license_file_path: licenses/bin/jline.BSD3
libraries:
- jline: jline
---
name: ANTLR 4 Runtime
license_category: binary
module: java-core
@ -3897,17 +3357,6 @@ libraries:
---
name: LevelDB JNI
license_category: binary
module: hadoop-client
license_name: BSD-3-Clause License
version: 1.8
copyright: FuseSource Corp.
license_file_path: licenses/bin/leveldb-jni.BSD3
libraries:
- org.fusesource.leveldbjni: leveldbjni-all
---
name: Paranamer
license_category: binary
@ -4070,18 +3519,6 @@ libraries:
---
name: Expression Language 3.0
license_category: binary
module: java-core
license_name: CDDL 1.1
version: 3.0.0
copyright: Oracle and/or its affiliates.
license_file_path: licenses/bin/javax.CDDL11
libraries:
- org.glassfish: javax.el
---
name: JAXB Runtime
license_category: binary
module: java-core
@ -4200,18 +3637,6 @@ libraries:
---
name: stax-api
license_category: binary
module: hadoop-client
license_name: CDDL 1.1
version: 1.0-2
copyright: Oracle and/or its affiliates.
license_file_path: licenses/bin/javax.CDDL11
libraries:
- javax.xml.stream: stax-api
---
name: jsp-api
license_category: binary
module: hadoop-client
@ -4350,16 +3775,6 @@ libraries:
---
name: XZ
license_category: binary
module: hadoop-client
license_name: Public Domain
version: 1.0
libraries:
- org.tukaani: xz
---
name: Apache ORC libraries
license_category: binary
module: extensions/druid-orc-extensions
@ -4528,33 +3943,6 @@ notices:
---
name: Metrics Core Library
license_category: binary
module: extensions/kafka-extraction-namespace
license_name: Apache License version 2.0
version: 2.2.0
libraries:
- com.yammer.metrics: metrics-core
notices:
- metrics-core: |
Metrics
Copyright 2010-2013 Coda Hale and Yammer, Inc., 2014-2017 Dropwizard Team
This product includes software developed by Coda Hale and Yammer, Inc.
---
name: JOpt Simple
license_category: binary
module: extensions/kafka-extraction-namespace
license_name: MIT License
copyright: Paul R. Holser, Jr.
version: 3.2
license_file_path: licenses/bin/jopt-simple.MIT
libraries:
- net.sf.jopt-simple: jopt-simple
---
name: Scala Library
license_category: binary
module: extensions/kafka-extraction-namespace
@ -4829,17 +4217,6 @@ libraries:
---
name: Scala Library
license_category: binary
version: 2.11.12
module: druid-ranger-security
license_name: BSD-3-Clause License
libraries:
- org.scala-lang: scala-library
copyright: LAMP/EPFL and Lightbend, Inc.
---
name: snappy-java
license_category: binary
version: 1.1.10.4