www-legal-discuss mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alex Harui <aha...@adobe.com>
Subject Re: Bundling and LICENSE
Date Thu, 07 Apr 2016 04:31:47 GMT
When you say "you can't turn a blind eye" does that mean we must vote to cancel the release?
 If so, then there is an effective veto in the release process.  Or do you mean that we must
take that information into consideration?  I guess I'm still trying to understand if PMC members
can use their judgement and still vote to release if someone else spots something that looks
odd at the last minute before the vote closes, especially in third-party content.  If the
expected consequence is to fix it in the next release, then it seems it would better suit
the "release early and often" philosophy to not bog down the release by using policy to force
cancellation and instead, ship the release and fix it in a future release if necessary.

Because if there is no allowance for judgement, then a person who does not trust the L&N
can effectively force those who want to trust the L&N to not be able to trust the L&N
by exposing them to potential issues.  And if you then say as you did up-thread that problems
found are the responsibility of the entire PMC, then that person who found the issue can essentially
force those who would rather trust the L&N to be the messenger of bad news to the third-party
by not bringing the message to the third-party themselves.  That doesn't feel very "Apache"
to me.  Using policy to force others to do work they don't want to do to scratch your itch
doesn't seem right.  Forcing people to take a "no trust" position doesn't seem right either.

My interpretation of the Apache way would be that PMC members could have the option say to
someone who does not trust the L&N and finds an issue:  "Hmm, well, I choose to trust
their top-level documents.  Maybe it is a clerical error on the part of the third-party. 
Please work with the third-party to see if they want to make any adjustments to their top-level
documents so we will know how to respond in our top-level documents.  Anyone else who is interested
in also working with that third-party, please help"  Yes, that puts the onus on the person
reporting the issue to do the work or recruit someone to do the work, but isn't that how the
scratch-your-own-itch philosophy is supposed to work?  IMO, if we could operate this way,
we would release more often and I think we might attract more RMs, and the release process
would feel more like a "potluck" than a grind.

Thanks,
-Alex

From: Mark Thomas <markt@apache.org<mailto:markt@apache.org>>
Reply-To: "legal-discuss@apache.org<mailto:legal-discuss@apache.org>" <legal-discuss@apache.org<mailto:legal-discuss@apache.org>>
Date: Wednesday, April 6, 2016 at 8:16 AM
To: "legal-discuss@apache.org<mailto:legal-discuss@apache.org>" <legal-discuss@apache.org<mailto:legal-discuss@apache.org>>
Subject: Re: Bundling and LICENSE


I think it is perfectly reasonable to trust the L&N you find but that doesn't mean you
can turn a blind eye if you spot something that looks odd. Some folks will want to check in
more detail than others and that is fine.

Mark


Mime
View raw message