felix-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Richard S. Hall" <he...@ungoverned.org>
Subject Re: [VOTE] Felix 1.0.0 subprojects release
Date Mon, 16 Jul 2007 01:55:23 GMT
Karl Pauls wrote:
> On 7/15/07, Niclas Hedhman <niclas@hedhman.org> wrote:
>> On Sunday 15 July 2007 07:56, Karl Pauls wrote:
>> > So how do we proceed from here? I'd personally like to pause the vote
>> > and update the source release artifacts to include the LICENSE and
>> > NOTICE files in the root. Would that be a way for you to change your
>> > vote?
>>
>> Yes, if the LICENSE and NOTICE is in root for the Source tarball, you 
>> have my
>> +1.
>
> Great. I'm working on the update. Expect the vote to continue soonish.

The updated releases with LICENSE/NOTICE files in the root of the main 
directory are now in place at the page below, but people.apache.org is 
apparently unhappy, so connectivity is spotty at best.

-> richard

>
> regards,
>
> Karl
>
>> For the Maven artifact; As I mentioned, it is still an open item on 
>> where this
>> should really be. On one side is the hard liners, which basically 
>> says that
>> Apache is about Open Source, and only source releases should be the 
>> ASF's
>> legal responsibility. Then the pragmatic bunch (majority) thinks that
>> binaries are absolutely a requirement, otherwise people won't use ASF's
>> projects, and we need a legal framework (procedures, recommendations,
>> archiving, ++) for binaries that is as good as the source ones. That is
>> essentially agreed upon for some time already. In this context, a binary
>> release refers to the produced artifacts wrapped in a tarball with
>> LICENSE/NOTICE and docs.
>>
>> Recently (a year or two) there are discussions on how should Maven 
>> artifacts
>> be handled. Now you can start splitting the binary bunch in smaller
>> undefinable camps.
>> There are three main issues; The license requirements, the archiving
>> requirements and the 'oversight' requirements.
>>
>> For long, Maven artifacts were not official, but recently there is
>> a /dist/maven-repository and according to "infrastructure team" 
>> everything
>> under /dist is official and archived. Not sure whether this is still 
>> true,
>> since /dist/maven-repository redirects to
>> http://people.apache.org/repo/m2-ibiblio-rsync-repository/, which is the
>> upload area, but I think infra is now archiving this.
>>
>> "Oversight" is slightly diffuse, but refers to the "many eyeballs" 
>> concept,
>> and is essentially a human process. Maven makes it very easy to make
>> the "release" if it wasn't for the oversight issue. And many people has
>> requested Maven community to directly support the ASF manual 
>> processes in the
>> release process in Maven, including call for VOTE, providing 
>> references to
>> the PMC vote, and so on. That is still far away.
>>
>> License requirements is mostly about the many licenses saying "prominent
>> place" to refer to where the license must be. IMHO, it should be root 
>> folder
>> of artifact. But I think people has objected due to the nature of 
>> Maven jars
>> are active artifacts, and should not be polluted by this. META-INF is
>> currently the minimum requirement, and I am still not sure whether Maven
>> artifacts are official release artifacts of ASF.
>>
>>
>> I hope that is enough preaching in one go.
>>
>>
>> Cheers
>> Niclas
>>
>
>

Mime
View raw message