flex-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alex Harui <aha...@adobe.com>
Subject Re: [DRAFT] Apache FlexJS 0.7.0 and Apache Flex FalconJX 0.7.0 Released
Date Thu, 15 Sep 2016 04:15:45 GMT

On 9/14/16, 4:27 PM, "Justin Mclean" <justin@classsoftware.com> wrote:

>Perhaps the question we should be asking is why are other PMC members are
>not finding these issues earlier as well?

Well, I can only speak for myself, but I have learned over the years that,
while we can't say "Community over Policy" since policy is important,
community is still more important than trying to nail every last detail of
the licensing.  For sure, early on, I thought we had to nail every last
detail, but senior Apache members have advised us that we can use "trust"
and "intent" in approving releases.  So I look at harder at what we are
saying is our source, take a trusting, high-level look at what
third-parties say we can do and go from there.  Because if we do make a
mistake in the details, it isn't the end of the world, we can fix it in
the next release, and the best way to guarantee there will be a next
release is to make sure the release process is quick and more like a
celebration of work completed than a grind through fine print.  If we can
do that, we might find more folks will want to be release managers,
releases will take less energy so they can happen more often, and the
community will grow as a result.  IOW, I am always looking for reasons to
ship, not reasons not too, especially late in the game.

Now also for sure, there is nobody in the entire foundation (not just this
project) who is better than you at finding licensing issues, and if you
want to help other PMC members find more of these issues, it would be
great if you could share your processes with us and the ASF in general.

Another way to look at it is that if the ASF truly cared about nailing
every last detail, the policy would be that you could use a licensing
issue to veto a release.  It puzzled me for a while that it wasn't that
way, but I've come to think that the real goal is to build communities and
share source code without involving lawyers and tons of time.  I think the
ASF realizes that these communities are almost all non-lawyers trying to
make the world better through shared code and they may (as we know) have
not nailed their documentation down to the last detail.  And thus, we
don't have to look too hard, especially at third-party bundles.  If
something comes up, we can deal with it in the next release.  We can trust
that third-parties are not trying to lay some trap or sneak in a trojan

I personally don't enjoy grinding through the details of license and
notice stuff.  My sense is that there are several others in our community
who feel the same way and wonder if others have left us and what other
code we could have done, and contributors we could have attracted if we
didn't spend as much time grinding on it.  As long as the right
attribution is there at a high-level, I think we are good to go and
volunteers can improve it, just like we improve our code, over time.

Now let's push the NPM bits, get the announcement out, and get going on
the building the future of Flex.


View raw message