Fix sub-package LICENSE files + add build-from-source docs#1634
Open
skrawcz wants to merge 3 commits into
Open
Fix sub-package LICENSE files + add build-from-source docs#1634skrawcz wants to merge 3 commits into
skrawcz wants to merge 3 commits into
Conversation
The sub-package LICENSE files were copied verbatim from the main apache-hamilton package, carrying a bundled-code notice for hamilton/experimental/databackend.py. That file only ships in the main package, not in any sub-package, so the notice was inaccurate. - sdk, contrib, lsp: remove the databackend.py MIT notice - lsp: fix the pygls/ls_setup.py reference to use the archive-relative path (tests/ls_setup.py) instead of the monorepo path Addresses ASF mentor -1 on apache-hamilton-lsp 0.2.0-RC1.
The apache-hamilton-ui wheel bundles a compiled frontend (hamilton_ui/build/) containing third-party JavaScript dependencies (React, Redux, Chart.js, React Flow, etc.), but the wheel's LICENSE did not account for them. - ui/backend/LICENSE: remove the inaccurate databackend.py notice (that file ships only in the main apache-hamilton package) and document that the wheel bundles a compiled frontend whose per-dependency license texts live in hamilton_ui/build/THIRD-PARTY-LICENSES.txt - ui/frontend/package.json: add a 'licenses' script that generates THIRD-PARTY-LICENSES.txt for production deps via license-checker-rseidelsohn - apache_release_helper.py: run 'npm run licenses' after the frontend build so the attribution file is bundled into the wheel All bundled frontend deps are permissive (MIT, Apache-2.0, BSD, ISC, etc.). Addresses ASF release-policy requirement for binary artifacts that bundle third-party code.
The ASF mentor noted the source releases did not explain how to build the wheel from the source distribution. Add a 'Building from source' section to each sub-package README: - sdk, lsp, contrib: flit build --no-use-vcs - ui: backend-only sdist builds directly; the wheel requires building the frontend (npm install/build/licenses), copying it into the package, then building the wheel — matching what apache_release_helper.py does
jernejfrank
reviewed
Jun 16, 2026
jernejfrank
left a comment
jernejfrank
left a comment
Contributor
There was a problem hiding this comment.
I just have that one thing with the license file link, happy to resolve if it is not an issue
|
|
||
| # License | ||
|
|
||
| The code here is licensed under the Apache 2.0 license. See the main repository [LICENSE](../../LICENSE) for details. |
Contributor
There was a problem hiding this comment.
Quick Q: when we make a release, we only have artefacts of this folder in the tarball, will the License link not break?
|
|
||
| ## License | ||
|
|
||
| Apache 2.0. See the main repository [LICENSE](../../LICENSE) for details. |
Contributor
There was a problem hiding this comment.
same here with the relative link to repo root
| git, which is what you want when building from an unpacked source release. | ||
|
|
||
| # License | ||
| The code here is licensed under the Apache 2.0 license. See the main repository [LICENSE](../../LICENSE) for details. |
pjfanning
reviewed
Jun 16, 2026
| LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, | ||
| OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE | ||
| SOFTWARE. | ||
| This package is distributed in two forms: |
Member
There was a problem hiding this comment.
I don't think this should be in the license - can it go in the readme?
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Addresses the ASF mentor -1 on apache-hamilton-lsp 0.2.0-RC1 (and the same latent issues in the other sub-packages).
1. LICENSE: stale
databackend.pynotice (all sub-packages)Each sub-package's LICENSE was copied verbatim from the main
apache-hamiltonpackage, carrying a bundled-code notice forhamilton/experimental/databackend.py— a file that ships only in the main package, not in any sub-package. Removed from sdk, contrib, lsp, and ui.2. LICENSE: lsp pygls path
The pygls/
ls_setup.pynotice used the monorepo pathdev_tools/language_server/tests/ls_setup.py, which doesn't resolve inside the re-rooted archive. Fixed to the archive-relative pathtests/ls_setup.py.3. LICENSE: UI bundled frontend attribution
The
apache-hamilton-uiwheel bundles a compiled frontend (hamilton_ui/build/) containing third-party JavaScript dependencies (React, Redux, Chart.js, React Flow, etc.) with no attribution.ui/frontend/package.json: newlicensesscript generatingTHIRD-PARTY-LICENSES.txtfor production deps (license-checker-rseidelsohn)scripts/apache_release_helper.py: runsnpm run licensesafter the frontend build so the file is bundled into the wheelui/backend/LICENSE: documents the bundled frontend and points tohamilton_ui/build/THIRD-PARTY-LICENSES.txtAll bundled frontend deps are permissive (MIT, Apache-2.0, BSD, ISC, etc.). Verified the rebuilt wheel contains
hamilton_ui/build/THIRD-PARTY-LICENSES.txtand the corrected LICENSE.4. Build-from-source docs
The mentor couldn't tell how to build the wheel from the source distribution. Added a "Building from source" section to all four READMEs:
flit build --no-use-vcsapache_release_helper.pydoes.Follow-up
Requires re-cutting RC2 for all four sub-packages after merge.