www-legal-discuss mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nathan Beyer <ndbe...@apache.org>
Subject Re: Clarification on the release requirements
Date Thu, 30 Apr 2009 02:08:50 GMT
On Wed, Apr 29, 2009 at 8:04 PM, Ralph Goers <ralph.goers@dslextreme.com> wrote:
>
> On Apr 29, 2009, at 5:06 PM, Nathan Beyer wrote:
>
>>>>
>>>
>>> If you want to consider your SCM unreliable then sure.
>>
>> It's a distributed/networked system, you have to assume it will be
>> unreliable.
>>>
>
> Huh?
> So if I do a checkout of trunk and someone does a commit while I am doing
> that I am going to get a screwed up checkout? I don't think so.

Huh?
I'm talking about the network - the network's not reliable. Jason
referred to a set of network transactions that must happen in "rapid
succession". Though it is unlikely for failures or errors to happen in
between, it's still possible and must be mitigated.

>
> If I checkout a tag and someone screws with the tag while I am checking out
> (highly unlikely) no matter what system you use this will be screwed up. If
> I don't get the change then what I "released", even if I tar it up first and
> build from the tar,  doesn't match the tag - which is unacceptable. While
> the source tar has to be buildable SVN has to be the system of record. If it
> can't be trusted to be then we should just call it a day.

I think within your statement here is a hint at the core issue - SVN
is not the system or record, source of truth or whatever you want to
call it for everyone when it comes to ASF source releases.

As I understand it, SVN or any SCM system is the non-normative form of
the source release - the normative form is the archived source, which
is cryptographically signed and has been voted upon.

It seems like this is pretty fundamental concept that would need to be
determined to more formally define the policy.

-Nathan

>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
> For additional commands, e-mail: legal-discuss-help@apache.org
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org


Mime
View raw message