flex-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christofer Dutz <christofer.d...@c-ware.de>
Subject AW: [DRAFT] Apache FlexJS 0.7.0 and Apache Flex FalconJX 0.7.0 Released
Date Thu, 15 Sep 2016 07:34:22 GMT
Just to add my 50ct to this discussion.

Justin did bring up the issue. He even brought it when we were first discussing starting a
release. The discussion sort of dried out without a resolution, then when it came to the release,
he mentioned it again. But again no action was taken. So I too see a complaint about PMCs
coming up with such stuff in the last minute as not valid.

ASF is community over code, but the one thing the ASF deals with is protecting us as developers
as well as our users from licensing issues. It's this extra protection and care that distinguishes
Apache releases from the typical Github projects. This is why in every bank or insurance company
I was working in, there never was a discussion about using ASF software, if it's not ASF however
you have to jump quite a lot of obstacles in order to use a library. I remember quite some
rounds with legal and quality assurance people.

The ASF has earned that trust because we have people in our communities that care about this
sort of stuff. Having some legal caretaker is one of the coolest thing a project can have,
cause it lets us coding-monkeys do what we like to do and we can somehow be lazy and trust
that someone is taking care of this. I hate legal stuff. To me it's just getting in my way
... sort of as others think working on build-, code-quality or writing documentation should
be done by others.

We have a pretty heterogenous community. I know I'm definitely the build-monkey, Justin's
the legal-monkey, we have a lot of code-monkeys. Why not use the specialities of each other
instead of complaining about it? I know I have to work on my side about not ranting about
code-quality, for example, but I'm trying ... hope you guys didn't notice any recent rants
from my side ;-)

If we hadn't let the discussion about Justin's findings die when he brought it up and had
resolved the problem instead, the problem would have been solved. So how about us addressing
the issues Justin has and in case of a "I think this way, you think that way", let's involve
legal and have these things settled once and for all?


Von: Alex Harui <aharui@adobe.com>
Gesendet: Donnerstag, 15. September 2016 06:15
An: dev@flex.apache.org
Betreff: Re: [DRAFT] Apache FlexJS 0.7.0 and Apache Flex FalconJX 0.7.0 Released

On 9/14/16, 4:27 PM, "Justin Mclean" <justin@classsoftware.com> wrote:

>Perhaps the question we should be asking is why are other PMC members are
>not finding these issues earlier as well?

Well, I can only speak for myself, but I have learned over the years that,
while we can't say "Community over Policy" since policy is important,
community is still more important than trying to nail every last detail of
the licensing.  For sure, early on, I thought we had to nail every last
detail, but senior Apache members have advised us that we can use "trust"
and "intent" in approving releases.  So I look at harder at what we are
saying is our source, take a trusting, high-level look at what
third-parties say we can do and go from there.  Because if we do make a
mistake in the details, it isn't the end of the world, we can fix it in
the next release, and the best way to guarantee there will be a next
release is to make sure the release process is quick and more like a
celebration of work completed than a grind through fine print.  If we can
do that, we might find more folks will want to be release managers,
releases will take less energy so they can happen more often, and the
community will grow as a result.  IOW, I am always looking for reasons to
ship, not reasons not too, especially late in the game.

Now also for sure, there is nobody in the entire foundation (not just this
project) who is better than you at finding licensing issues, and if you
want to help other PMC members find more of these issues, it would be
great if you could share your processes with us and the ASF in general.

Another way to look at it is that if the ASF truly cared about nailing
every last detail, the policy would be that you could use a licensing
issue to veto a release.  It puzzled me for a while that it wasn't that
way, but I've come to think that the real goal is to build communities and
share source code without involving lawyers and tons of time.  I think the
ASF realizes that these communities are almost all non-lawyers trying to
make the world better through shared code and they may (as we know) have
not nailed their documentation down to the last detail.  And thus, we
don't have to look too hard, especially at third-party bundles.  If
something comes up, we can deal with it in the next release.  We can trust
that third-parties are not trying to lay some trap or sneak in a trojan

I personally don't enjoy grinding through the details of license and
notice stuff.  My sense is that there are several others in our community
who feel the same way and wonder if others have left us and what other
code we could have done, and contributors we could have attracted if we
didn't spend as much time grinding on it.  As long as the right
attribution is there at a high-level, I think we are good to go and
volunteers can improve it, just like we improve our code, over time.

Now let's push the NPM bits, get the announcement out, and get going on
the building the future of Flex.


  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message