www-legal-discuss mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stephen Connolly <stephen.alan.conno...@gmail.com>
Subject Re: Clarification about D&O insurance and bad acts
Date Thu, 29 May 2014 14:55:31 GMT
On 29 May 2014 15:54, Stephen Connolly <stephen.alan.connolly@gmail.com>
wrote:

> Actually I like the QA analogy ;-)
>
> And a QA department is not going to check every toy in every batch of
> toys.... instead they will do a random check... either checking one toy at
> random in each batch (or a fraction of batches), or checking all toys in a
> small fraction of batches.
>

Oh! and if they find a failure then they will obviously call halt and start
checking more... and only reduce the level of checks once things return to
normal.


>
> So following the QA analogy, if each PMC member does some random
> spot-checks as a QA assurance that the required buts are present... would
> that be OK?
>
>
> On 29 May 2014 13:14, Mark Struberg <struberg@yahoo.de> wrote:
>
>> +1
>>
>> Think about it like a QA department of a production line in a company
>> building children toys.
>>
>> Of course all employees take care to not introduce a failure which might
>> harm children. But even then it _might_ happen.
>>
>> Now what would happen if such a failure really appears? They would sue
>> the hell out of this company...
>>
>> By having a QA department which does an independent check if all is fine
>> over and over again this risk might get reduced. And even if a failure
>> still slips through it will help the company to not get hit too hard at
>> least.
>>
>> LieGrue,
>> strub
>>
>> --------------------------------------------
>> On Thu, 29/5/14, Jim Jagielski <jim@jaguNET.com> wrote:
>>
>>  Subject: Re: Clarification about D&O insurance and bad acts
>>  To: legal-discuss@apache.org
>>  Date: Thursday, 29 May, 2014, 13:49
>>
>>  Not sure what you mean by
>>  that... One of the aspects
>>  of verifying a
>>  release is checking that the bits going out
>>  are, in fact, the expected and correct bits...
>>  which sounds
>>  like src verification to me.
>>  And is, obviously, appropriate
>>  and
>>  necessary.
>>
>>  On May 28, 2014,
>>  at 2:47 PM, Brian LeRoux <b@brian.io> wrote:
>>
>>  > Agreed! That said, src
>>  verification for releases is not always appropriate or
>>  necessary. (Depending on the project, the people and their
>>  unique attributes.)
>>  >
>>  > On May 28, 2014 1:01 PM, "Jim
>>  Jagielski" <jim@jagunet.com>
>>  wrote:
>>  > That is true. But doing normal
>>  work-in-progress, and the
>>  > oversight
>>  thereof, is a different thing than doing a
>>  > release.
>>  >
>>  > One does not negate the other, nor does it
>>  remove the
>>  > need for the other. Saying
>>  "we do X oversight for our day
>>  > to
>>  day development" does not mean that no oversight is
>>  > needed for a release, simply because
>>  it's a different
>>  > kind of oversight
>>  for a different kind of activity.
>>  >
>>  > On May 27, 2014, at 5:22 PM, Brian LeRoux
>>  <b@brian.io> wrote:
>>  >
>>  > > We could both
>>  wax hypothetical about the merit of humans and error
>>  proneness. My point is whatever is work-in-progress is a
>>  daily responsibility and not something to be left for the
>>  last minute check by others. Ever.
>>  >
>>  >
>>  > >
>>  > > On
>>  Tue, May 27, 2014 at 2:59 PM, Ross Gardler <rgardler@opendirective.com>
>>  wrote:
>>  > > Brian, you are absolutely
>>  correct. However, SVN is not the release and so having
>>  reviewed commits is not the same as having reviewed the
>>  release. In a well run project where people are reviewing
>>  code commits there should be no problem. But people make
>>  errors and you would be surprised how often those errors
>>  slip through.
>>  > >
>>  >
>>  > Furthermore, since I (as a committer) cannot guarantee
>>  that I reviewed every change to every file between release a
>>  and release b I cannot, as a PMC member, be certain that the
>>  necessary files are present and correct. If I were to vote
>>  +1 without having reviewed the release then my vote would be
>>  worthless when it comes to demonstrating that our policy has
>>  been followed for that release.
>>  > >
>>  > > Ross
>>  > >
>>  > >
>>  > >
>>  > >
>>  > >
>>  > >
>>  > > On 27 May
>>  2014 10:25, Brian LeRoux <b@brian.io> wrote:
>>  > > From my perspective this is a daily
>>  requirement of a responsible committer. That final check
>>  isn't hurting anything but it is not even remotely
>>  acceptable for a committer to not be constantly vigilant
>>  when landing commits to our source.
>>  >
>>  >
>>  > >
>>  > > On
>>  Sun, May 25, 2014 at 11:05 AM, Lawrence Rosen <lrosen@rosenlaw.com>
>>  wrote:
>>  > > Ross Gardler wrote:
>>  > >
>>  > > > In my
>>  mind (and I am not a lawyer so that means almost nothing in
>>  these situations) the requirement to have 3 PMC members
>>  indicate that, to the best of their knowledge, the release
>>  is compliant with the policy is sufficient.
>>  > >
>>  > >
>>  > >
>>  > > Leaving my
>>  lawyer hat off for a bit, it seems so to me too. I'm not
>>  worried. I wasn't even worried about that when I served
>>  on the board. /Larry
>>  > >
>>  > >
>>  > >
>>  > > From: Ross Gardler [mailto:rgardler@opendirective.com]
>>  > > Sent: Saturday, May 24, 2014 8:08
>>  PM
>>  > > To: legal-discuss@apache.org;
>>  Larry Rosen
>>  > > Subject: Re:
>>  Clarification about D&O insurance and bad acts
>>  > >
>>  > >
>>  <snip>
>>  > >
>>  >
>>  >
>>  > >
>>  > >
>>  > >
>>  > >
>>  >
>>  >
>>  >
>>  ---------------------------------------------------------------------
>>  > To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>  > For additional commands, e-mail: legal-discuss-help@apache.org
>>  >
>>
>>
>>
>>  ---------------------------------------------------------------------
>>  To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>  For additional commands, e-mail: legal-discuss-help@apache.org
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>> For additional commands, e-mail: legal-discuss-help@apache.org
>>
>>
>

Mime
View raw message