[Java] EPL Dependencies #40896
Description
Describe the bug, including details regarding any error messages, version, and platform.
Hi,
Please could I ask when and why the Eclipse Collections dependencies were introduced? This puts EPL dependencies into the dependency tree. Our clients are in the financial sector and these kind of licensing issues often cause a lot more pain that you might think they should!
We are a FINOS project and use their license classification scheme which is available here:
https://community.finos.org/docs/governance/software-projects/license-categories/
I see Apache has a similar policy:
https://apache.org/legal/resolved.html
The EPL is category B for both FINOS and Apache. We picked this up because it flagged with our license checks in CI. Although we can add an exception and start reproducing the license in NOTICE and LICENSE files, including it in our distribution packages etc., this doesn't help when clients have their own license scanning and acceptance process for getting software into the enterprise. For this reason, we generally try to stick to "Category A" licenses and count anything that pulls in category B dependencies as being category B. (We do use category B for testing, compliance checks and other non-shipped components).
Please can you share some info on the reasoning around this decision? Is there any appetite to reverse if the touch points are small and/or there are alternatives available, perhaps something from Apache Commons? More generally, do you have a view on your policy towards category B licenses going forward?
I'll be very interested to hear your thoughts on this subject!
Component(s)
Java