Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update NOTICE #492

Merged
merged 2 commits into from
Sep 12, 2023
Merged

Update NOTICE #492

merged 2 commits into from
Sep 12, 2023

Conversation

imsudiproy
Copy link
Contributor

Update Notice
@xerial xerial self-assigned this Aug 22, 2023
NOTICE Outdated
Comment on lines 19 to 44
== Export Control Notice ==
This distribution includes cryptographic software. The country in
which you currently reside may have restrictions on the import,
possession, use, and/or re-export to another country, of
encryption software. BEFORE using any encryption software, please
check your country's laws, regulations and policies concerning the
import, possession, or use, and re-export of encryption software, to
see if this is permitted. See <http://www.wassenaar.org/> for more
information.

The U.S. Government Department of Commerce, Bureau of Industry and
Security (BIS), has classified this software as Export Commodity
Control Number (ECCN) 5D002.C.1, which includes information security
software using or performing cryptographic functions with asymmetric
algorithms. The form and manner of this Apache Software Foundation
distribution makes it eligible for export under the License Exception
ENC Technology Software Unrestricted (TSU) exception (see the BIS
Export Administration Regulations, Section 740.13) for both object
code and source code.

The following provides more details on the included cryptographic software:

This software uses the SSL libraries from the Jetty project written
by mortbay.org.
Hadoop Yarn Server Web Proxy uses the BouncyCastle Java
cryptography APIs written by the Legion of the Bouncy Castle Inc.
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this is a copy from Hadoop's notice file, but snappy-java's jar itself doesn't contain any of Hadoop products as a dependency, so this statement unnecessarily scares jar-only users of snappy-java.

This notice applied only to the source/test code, not to the published jar files. I think adding a pointer to the Hadoop's NOTICE file is more appropriate here than copying everyt sentence.

@xerial xerial merged commit 9f29b5c into xerial:master Sep 12, 2023
@xerial
Copy link
Owner

xerial commented Sep 12, 2023

@imsudiproy Thanks for the fix. Merged

@imsudiproy
Copy link
Contributor Author

@xerial you're welcome. Sorry for the late response.

@imsudiproy imsudiproy deleted the notice branch September 12, 2023 17:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants