www-legal-discuss mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jukka Zitting <jukka.zitt...@gmail.com>
Subject Re: Continuous release review
Date Mon, 02 Jun 2014 20:37:25 GMT
Hi,

On Mon, Jun 2, 2014 at 12:43 PM, Emmanuel Lécharny <elecharny@gmail.com> wrote:
> Le 02/06/2014 17:18, Jukka Zitting a écrit :
>> For example, if you review and vote on releasing a specific revision
>> in the SCM, what's the added benefit of repeating the process on the
>> source bundle produced from that revision?
> AFAIU, there are two different things. As the bundle is produced by a
> automated tool (can be the maven packaging phase), the result can be
> *very* different from what we get when pulling the revision from the
> repository.

I personally don't see any compelling reasons why a source release
should be anything more than a packaged export of a tag, and some very
good reasons reasons (like the ability to verify that the sources
actually came from the scm) for why it should be just that. But I
recognize that others disagree.

Anyway, this doesn't affect my main premise. As long as there is a
deterministic process that produces the source bundle from a given scm
revision (or revisions) and the steps of verifying the correctness and
quality of that bundle can be automated (given the assumption that the
correctness and quality of original source has already been reviewed),
from the "policy invariant" perspective there should be little
difference in whether the manual review is done on the input or the
output of the process.

BR,

Jukka Zitting

---------------------------------------------------------------------
To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org


Mime
View raw message