[PIO-69] Update LICENSE.txt and NOTICE.txt for binary distribution

[takezoe]

I added sbt-license-report plugin. It's possible to generate licences-notice.csv which contains only non-ASL libraries by following script.

sbt/sbt clean
sbt/sbt dumpLicenseReport

sbt/sbt storage/clean
sbt/sbt storage/dumpLicenseReport

find . -name "*-licenses.csv" -exec cat {} >> licences-concat.csv \;
cat licences-concat.csv | sort | uniq | grep -v Apache | grep -v ASL | grep -v "org.apache" | grep -v "commons-" | grep -v predictionio > licences-notice.csv

The result in the latest develop branch is:

BSD,BSD (LICENSE.txt),jline # jline # 0.9.94,
BSD,BSD (http://software.clapper.org/grizzled-slf4j/license.html),org.clapper # grizzled-slf4j_2.10 # 1.0.2,
BSD,BSD (http://www.jcraft.com/jsch/LICENSE.txt),com.jcraft # jsch # 0.1.42,
BSD,BSD-like (http://www.scala-lang.org/downloads/license.html          ),org.scala-lang # scala-library # 2.10.6,
BSD,BSD-like (http://www.scala-lang.org/downloads/license.html    ),org.scala-lang # scala-compiler # 2.10.6,
BSD,BSD-like (http://www.scala-lang.org/downloads/license.html    ),org.scala-lang # scala-reflect # 2.10.6,
BSD,BSD-like (http://www.scala-lang.org/downloads/license.html    ),org.scala-lang # scalap # 2.10.6,
BSD,New BSD License (http://www.opensource.org/licenses/bsd-license.php),com.esotericsoftware # kryo # 3.0.3,
BSD,New BSD License (http://www.opensource.org/licenses/bsd-license.php),com.esotericsoftware # minlog # 1.3.0,
BSD,New BSD License (http://www.opensource.org/licenses/bsd-license.php),com.esotericsoftware # reflectasm # 1.10.1,
BSD,New BSD License (http://www.opensource.org/licenses/bsd-license.php),com.esotericsoftware.kryo # kryo # 2.21,
BSD,New BSD License (http://www.opensource.org/licenses/bsd-license.php),com.esotericsoftware.minlog # minlog # 1.2,
BSD,New BSD License (http://www.opensource.org/licenses/bsd-license.php),com.esotericsoftware.reflectasm # reflectasm # 1.07,
BSD,New BSD license (http://www.opensource.org/licenses/bsd-license.php),com.google.protobuf # protobuf-java # 2.5.0,
BSD,New BSD license (http://www.opensource.org/licenses/bsd-license.php),com.google.protobuf # protobuf-java # 2.6.1,
BSD,The BSD License (http://www.opensource.org/licenses/bsd-license.php),xmlenc # xmlenc # 0.52,
CDDL,COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.0 (http://www.sun.com/cddl/cddl.html),javax.xml.stream # stax-api # 1.0-2,
CDDL,Common Development and Distribution License (CDDL) v1.0 (https://glassfish.dev.java.net/public/CDDLv1.0.html),javax.activation # activation # 1.1,
Category,License,Dependency,Notes
Common Public License,Common Public License Version 1.0 (http://www.opensource.org/licenses/cpl1.0.txt),junit # junit # 4.11,
GPL,GPL2 w/ CPE (http://glassfish.java.net/public/CDDL+GPL_1_1.html),com.sun.jersey # jersey-core # 1.8,
GPL,GPL2 w/ CPE (http://glassfish.java.net/public/CDDL+GPL_1_1.html),com.sun.jersey # jersey-json # 1.8,
GPL,GPL2 w/ CPE (http://glassfish.java.net/public/CDDL+GPL_1_1.html),com.sun.jersey # jersey-server # 1.8,
GPL,GPL2 w/ CPE (https://glassfish.dev.java.net/public/CDDL+GPL_1_1.html),javax.xml.bind # jaxb-api # 2.2.2,
GPL,GPL2 w/ CPE (https://glassfish.java.net/public/CDDL+GPL_1_1.html),com.sun.xml.bind # jaxb-impl # 2.2.3-1,
GPL,GPL2 w/ CPE (https://glassfish.java.net/public/CDDL+GPL_1_1.html),org.jvnet.mimepull # mimepull # 1.9.5,
MIT,MIT (https://github.com/softprops/semverfi/blob/0.1.3/LICENSE),me.lessis # semverfi_2.10 # 0.1.3,
MIT,MIT License (http://www.opensource.org/licenses/mit-license.php),com.github.scopt # scopt_2.10 # 3.5.0,
MIT,MIT License (http://www.opensource.org/licenses/mit-license.php),org.slf4j # slf4j-api # 1.7.14,
MIT,MIT License (http://www.opensource.org/licenses/mit-license.php),org.slf4j # slf4j-log4j12 # 1.7.18,
MIT,MIT License (http://www.opensource.org/licenses/mit-license.php),org.slf4j # slf4j-log4j12 # 1.7.5,
Mozilla,Mozilla Public License Version 1.1 (http://www.mozilla.org/MPL/MPL-1.1.txt),org.jamon # jamon-runtime # 2.3.1,
Public Domain,Public Domain (http://creativecommons.org/licenses/publicdomain),com.github.stephenc.high-scale-lib # high-scale-lib # 1.1.1,
Public Domain,Public Domain,org.tukaani # xz # 1.0,
unrecognized,none specified (none specified),asm # asm # 3.1,
unrecognized,none specified (none specified),com.fasterxml.jackson.core # jackson-annotations # 2.6.0,
unrecognized,none specified (none specified),com.fasterxml.jackson.core # jackson-core # 2.6.6,
unrecognized,none specified (none specified),com.fasterxml.jackson.core # jackson-databind # 2.6.6,
unrecognized,none specified (none specified),com.fasterxml.jackson.dataformat # jackson-dataformat-cbor # 2.6.6,
unrecognized,none specified (none specified),com.google.guava # guava # 11.0.2,
unrecognized,none specified (none specified),com.sun.jersey # jersey-core # 1.9,
unrecognized,none specified (none specified),com.sun.jersey # jersey-json # 1.9,
unrecognized,none specified (none specified),com.sun.jersey # jersey-server # 1.9,
unrecognized,none specified (none specified),com.thoughtworks.paranamer # paranamer # 2.3,
unrecognized,none specified (none specified),com.thoughtworks.paranamer # paranamer # 2.6,
unrecognized,none specified (none specified),javax.servlet # servlet-api # 2.5,
unrecognized,none specified (none specified),javax.servlet.jsp # jsp-api # 2.1,
unrecognized,none specified (none specified),org.codehaus.jettison # jettison # 1.1,
unrecognized,none specified (none specified),org.hamcrest # hamcrest-core # 1.3,
unrecognized,none specified (none specified),org.mortbay.jetty # jetty # 6.1.26,
unrecognized,none specified (none specified),org.mortbay.jetty # jetty-util # 6.1.26,
unrecognized,none specified (none specified),org.objenesis # objenesis # 2.1,
unrecognized,none specified (none specified),org.ow2.asm # asm # 5.0.3,
unrecognized,none specified (none specified),org.slf4j # slf4j-api # 1.7.18,
unrecognized,none specified (none specified),org.slf4j # slf4j-api # 1.7.2,
unrecognized,none specified (none specified),org.slf4j # slf4j-api # 1.7.5,
unrecognized,none specified (none specified),org.slf4j # slf4j-api # 1.7.7,
unrecognized,none specified (none specified),tomcat # jasper-compiler # 5.5.23,
unrecognized,none specified (none specified),tomcat # jasper-runtime # 5.5.23,
unrecognized,none specified (none specified),xml-apis # xml-apis # 1.3.04,

I checked the license of all libraries in this report and all of them can be included in the binary distribution. Also I added their license text to LICENSE.txt and updated make-distribution.sh to include LICENSE.txt and NOTICE.txt in the binary distribution.

[takezoe]

I added license information for the binary distribution to LICENSE.txt and NOTICE.txt, but rather it might be nice to create separate files for the binary distribution.

[takezoe]

I checked the license of all non-ASL libraries and all them can be included as binary form in the distribution. I added their license text to LICENSE.txt and updated make-distribution.sh to include LICENSE.txt and NOTICE.txt in the binary distribution.

I think all tasks about 3rd party license is done. Let me know if I have to do something else.

[dszeto]

@takezoe Excellent work. Thanks! 🎉

I think the only concern left is to make sure whenever we add a new dependency that does not have clear indication of license compatibility, it will be caught automatically. We probably need to write a script and put in an exclusion file for those that we have manually verified, and put this check as part of our automated tests.

[takezoe]

@dszeto

We probably need to write a script and put in an exclusion file for those that we have manually verified, and put this check as part of our automated tests.

OK, I will include them in this pull request.

[takezoe]

@dszeto I added tests/check_libraries.sh to check library dependencies and it's also available on the Travis build. It would be failed when there are any changes in library dependencies. Then we can check the report and update LICENSE.txt.