incubator-cassandra-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ant elder <ant.el...@gmail.com>
Subject Re: Cassandra 0.3 RC is out
Date Thu, 14 May 2009 15:06:27 GMT
On Thu, May 14, 2009 at 3:39 PM, Matthieu Riou <matthieu.riou@gmail.com> wrote:
>  On Thu, May 14, 2009 at 3:48 AM, Jonathan Ellis <jbellis@gmail.com> wrote:
>
>> On Thu, May 14, 2009 at 5:24 AM, ant elder <ant.elder@gmail.com> wrot
>> > "Do not include any links on the project website that might encourage
>> > non-developers to download and use nightly builds, snapshots, release
>> > candidates, or any other similar package. The only people who are
>> > supposed to know about such packages are the people following the dev
>> > list (or searching its archives) and thus aware of the conditions
>> > placed on the package. If you find that the general public are
>> > downloading such test packages, then remove them.
>>
>> What problem is this policy supposed to solve?  The days of someone
>> downloading a nightly build and being surprised it's not release
>> quality are long gone, if they ever existed.
>>
>> In my mind the point of having nightly builds available is so that
>> someone can check to see if a bug he ran into is fixed in the latest
>> code before filing a bug report, or try out new features before an
>> official release.
>>
>> I guess you could argue that such people are ipso facto "developers"
>> but in that case we come back again to ... what problem does this
>> solve?
>>
>
> A lot of the policies at the ASF are rooted in Intellectual Property land,
> which is probably why they can sound so backwards sometimes :) Basically the
> ASF is liable for any tarball that you release as long as it's blessed by
> the ASF stamp. How the blessing takes place and limiting the liabilities are
> both strong motivations for the policies to exist. Heck, the foundation has
> been created just to protect developers against those liabilities.
>
> Placing a tarball under your own account is a somewhat clear indicator that
> it's just a snapshot and as such is pretty much "use at your own risk", from
> both a code quality and an IP standpoint (i.e. does it contain GPL'd code?).
> Placing it under a project URL usually indicates that it's been properly
> voted and is therefore "clean".
>
>

AIUI this is also for _your_ benefit, so just to make that point
really clear imagine some IP belonging to some other company slipped
in somehow without their permission and that company sues then if you
have it available on your own personal space somewhere its you they
sue but if its done as an official release by an ASF PMC then its the
ASF that gets dragged to court and the individual project developers
are protected.

   ...ant

Mime
View raw message