www-legal-discuss mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Henri Yandell (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (LEGAL-287) Legal review of Apache Maturity Model
Date Wed, 25 Jan 2017 08:49:26 GMT

    [ https://issues.apache.org/jira/browse/LEGAL-287?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15837391#comment-15837391
] 

Henri Yandell commented on LEGAL-287:
-------------------------------------

Primarily these seem like questions for the author of that page. One question of which I'd
ask is whether there is intended to be a progression of maturity in the numbers; is X50 >
X10, X10 > X50 or they are just random items that incorrectly imply ordering due to numbers
being chosen.

On your specifics:

* CD30 - not seeing that this item is relevant to legal-discuss@ (same with some of the others).
That said - you're nitpicking. A lua project is already built, and the widely available tool
may be a computer. Least that's what I'd argue :)
* LC30 & LC20 are not the same items. LC20 appears to be related to Category A, while
LC30 is the undefined 'Open Source software' and may be intended to meet the first item on
the resolved.html Criteria (meets Open Source Definition). 
* LC50 - hard to know what was intended; this could be intended to indicate that a level of
maturity is for the provenance of all of the code is clear.
* RE40 - I disagree, the word is 'can', not 'must'. Using the word 'may' would imo be better
policy-speak.
* RE50 - I'm not aware that that is a foundation position; specifically the 'someone new to
the project'.
* QU* - This is no more a new 'policy' than any other part of the page. 

(Now starting to wince with Incubator mentor hat on at the notion that projects may have to
start self-reviewing their 'maturity model').

> Legal review of Apache Maturity Model
> -------------------------------------
>
>                 Key: LEGAL-287
>                 URL: https://issues.apache.org/jira/browse/LEGAL-287
>             Project: Legal Discuss
>          Issue Type: Question
>            Reporter: John D. Ament
>
> I'd like to ask the legal team to review the maturity model - http://community.apache.org/apache-way/apache-project-maturity-model.html
> There are some clauses that don't sound quite right, either they don't align to the existing
foundation policies or seem to mis-state them.
> CD30 - Does this preclude that the tooling required to build cannot be distributed with
the package? What about projects that require lua or other interpreted language (e.g. not
compiled).
> LC30 and LC20 seem to duplicate each other
> LC50 - I'm not sure what copyright has to do here.  Its been discussed that copyright
!= licensing.  The SGA is a license to use code under Apache v2 license.  Copyright claims
may be added to NOTICES in accordance with that.
> RE40 - Seems to imply that convenience binaries are expected.
> RE50 - While a good idea, seems to be a subtle foundation policy change.
> QU* - All seem to be new policy.  Specifically, security is more of a foundation-wide
requirement with foundation-wide rules for handling.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org


Mime
View raw message