Thanks for approving me to be a committer to Orbit. As I’m new here and came across this discussion, I thought I’d double check before I do anything. To be clear, we don’t need to open a new CQ to add libraries that have already been approved? If so, I would recommend updating the FAQ , the “Before you do anything”  and checklist  to reflect this, since they contradict what has been discussed in this thread.
On Mon, Apr 6, 2020 at 10:13 AM Wayne Beaton
> I've developed a prototype tool that can be used to vet the license of content based on identifiers (e.g. Maven GAV). I'm moving this to Eclipse Dash. One of the things that the tool does now is cite the source of the vetted license information ("CQ999", "clearlydefined", or "projectcode"). I've been thinking of extending this to include a URL pointer to the source.
> For this new regime to work, we depend on regular IP Log checks. We do IP Log checks when projects engage in release reviews. Per the EDP, a project needs to engage in a release review only once every year.
> Since I believe that Eclipse Orbit engages in what could be considered releases, I believe that it is reasonable to require that the project engage in an annual review like every other open source project at the Eclipse Foundation. Feel free to argue with me.
Seems reasonable. As long as this tool can be automated somehow through our
CI builds, I think it should be painless. I'll try out the tool at
least to start
embedding the data into the builds.
orbit-dev mailing list
To unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/orbit-dev