I have a project which uses a large number of LGPL, Artistic and other open-source licensed libraries. What's the canonical (i.e. the "standard") way of acknowledging multiple sources in a single project download?
Also, some of the sources I've used are from sites where using the code is okay, but publishing the source isn't. What's the usual manner of attribution in that case, and the usual manner of making the source available in an open-source project?
Disclaimer:
If you want a real advice, you probably have to ask a lawyer (which I'm not).
This is how I do it, but I didn't consult a lawyer either.
To everybody who reads this: feel free to tell me what I'm doing wrong :-)
What I do:
I always put an "Acknowledgements" section in the readme file of my OSS projects:
### Acknowledgements
MyCoolTool makes use of the following open source projects:
- [Json.NET](http://json.codeplex.com/)
- [Mercurial.Net](http://mercurialnet.codeplex.com/)
- [MSBuild Community Tasks](http://msbuildtasks.tigris.org/)
- [WiX](http://wix.codeplex.com/)
(it's in Markdown, because Github/Bitbucket display that nicely formatted on the project's main page - this is an actual example from on of my projects on Bitbucket)
Plus, I check in the license files together with the libraries.
I'm not sure if this is really necessary - but most of the licenses say something like "you must distribute the binaries together with this license".
When I started worrying about licensing stuff (what license do I use for my own code? Do the licenses of the OSS projects that I want to use comply with my license?), I looked at a lot of other OSS projects to see how other people do this.
Well, most of the OSS projects I looked at just had the libraries of their dependencies in source control, but not the license files.
Even better, lots of projects have a "you must distribute this license with the binaries" license, but still they don't even distribute their own license file with their own official binary download! :-)
