corinthia-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dennis E. Hamilton" <dennis.hamil...@acm.org>
Subject RE: Release_0.1
Date Thu, 13 Aug 2015 22:37:59 GMT
Responses in-line

-----Original Message-----
From: jan i [mailto:jani@apache.org] 
Sent: Thursday, August 13, 2015 11:49
To: dev@corinthia.incubator.apache.org; Dennis Hamilton <dennis.hamilton@acm.org>
Subject: Re: Release_0.1

On 13 August 2015 at 20:32, Dennis E. Hamilton <dennis.hamilton@acm.org>
wrote:

> With regard to the question asked below,
>
> My only wish about the voting process is that there be enough time for
> anyone to vet the release candidate.  Also, votes should not be based on
> sentiment but by actually checking the release candidate in some way
> (verifying digital signatures and hashes, verifying the code installs in a
> fresh machine, verifying that whatever builds and tests by following the
> instructions works without incident other than limitations described in any
> README, etc.).  This is a [P]PMC responsibility, although it will be nice
> if others on this list also did so.
>
would 7 days be sufficient ?
<orcmid>
Yes
</orcmid>

[ ... ]
> Possible Clarification
> ----------------------
>
> I think that if binaries are provided, the LICENSE and NOTICE files that
> install with the binaries must reflect the license conditions on everything
> (and only that) included in the binary distribution.  A README or related
> file and to acknowledge contributions and dependencies is useful for
> information that is not legally required in NOTICE.
>
We do not provide binaries. If you think of a compiled version of corinthia
it is not part of the release but made available e.g. by PPMC members.
<orcmid>
Understood.  There is no need to consider the different LICENSE and NOTICE files that might
apply to binaries.
</orcmid>

>
> I don't understand "- If we only link to a third party library and do not
> include it in the license, we do not need to mention it anywhere (as is
> this is no legal issue)."  Do you mean "If we only link to a third party
> library and do not include it in the [source] code ..."?
>
I did did mean "LICENSE" file, but your wording is better. Justin made me
aware that if you only link to a library, and do not include it in the
source zip, it does not belong in LICENSE. We do not supply any third party
libraries in binary form (we supply a single in source form, and that is
mentioned in LICENSE)

>
> Also, if it is a mandatory dependency in order to build the released
> source into a functional result, license of the third party library still
> matters with regard to ASF policy (which goes beyond what is legally
> required).
>
Well is Justin tells me it has no legal effect and should not be mentioned
in LICENSE; then I do believe him (he wets 5-6 releases every month, so he
surely have more experience).
<orcmid>
  I was not clear.  I was not talking about LICENSE but the fact of a 
  license on an external dependency necessary to build usable source.
</orcmid>
>
> It would be very useful if Justin communicated here directly and we could
> resolve any nuances of understanding with him.
>
MIght be, but we will not take a license discussion in here. We discuss
whether or not the release will pass and when Justin tells me he is
prepared to vote +1 for the source zip then I am satisfied.

 I have not been discussing at all with Justin, but simply made the changes
he asked for, and I suggest we as podling do not question that judgement.
Whether or not link dependencies should be included in the LICENSE in
general is outside our scope.
<orcmid>
  I think it would be good to have such discussions/requests recorded on our public list,
whatever their nature.  
</orcmid>

rgds
jan i.


Mime
View raw message