www-legal-discuss mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ross Gardler <rgard...@opendirective.com>
Subject Re: Clarified Release Policy
Date Tue, 27 May 2014 14:58:42 GMT
Good catch Sebb. As I said in my original post, I believe it is MUST for
policy conformance a ND optional for other items (test, build etc. these
items can be automated).

On Tue, May 27, 2014 at 7:37 AM, sebb <sebbaz@gmail.com> wrote:

On 27 May 2014 03:33, Marvin Humphrey <marvin@rectangular.com <javascript:;>>
> On Sat, May 24, 2014 at 12:21 AM, Ross Gardler
> <rgardler@opendirective.com <javascript:;>> wrote:
>> For me the most important part of voting +1 is that the individual is
>> asserting that they have reviewed the source for compliance with ASF
>> policies. You have this in the last sentence as "verifying that the
>> meets the requirements of the ASF policy on releases". However, it almost
>> feels like an afterthought rather than the most important part. I would
>> this to the front of the paragraph and possibly even add "including, but
>> limited to, verifying license files, notice file, ... as described
> I agree that this suggestion improves the policy draft and IMO reordering
> not constitute a policy change.  Here is a proposed mod:
>     Before casting +1 binding votes, individuals are REQUIRED to download
>     signed source code packages onto their own hardware, verify that they
>     all requirements of ASF policy on releases as described below,
>     all cryptographic signatures, compile as provided, and test the
result on
>     their own platform.

I disagree that testing is necessary to vote +1.
What is vital is that the source files have the appropriate license
and follow the ASF policy requirements to ensure the ASF has the right
to publish the files under the ALv2. If the release turns out to have
some bugs (what software doesn't?) then another release can be made.
But it is harder to undo a release of code that should not have been

If testing really is considered necessary, then testers should be
required to provide details of the platform used.

>> I would even consider making the part about meeting the requirements of
>> ASF policy a MUST and the other items a SHOULD.
> In the section under consideration, I have upcased the word "required"
> is present in the existing policy).  There is a "SHOULD" in a section on
> performing a licensing audit before each release; that one I've left
> Marvin Humphrey
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org<javascript:;>
> For additional commands, e-mail: legal-discuss-help@apache.org<javascript:;>

To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org <javascript:;>
For additional commands, e-mail: legal-discuss-help@apache.org<javascript:;>

Sent from MetroMail

View raw message