www-legal-discuss mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "John D. Ament (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (LEGAL-287) Legal review of Apache Maturity Model
Date Wed, 25 Jan 2017 11:33:26 GMT

    [ https://issues.apache.org/jira/browse/LEGAL-287?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15837595#comment-15837595

John D. Ament commented on LEGAL-287:


The reason I'm bringing this up to legal, many podlings and IPMC members seem to semi-treat
this page as required.  Many people looking at it identify issues with the contents (Jim Apple's
response being only the latest in a line).  For those reviewing it, seeing contents here that
don't line up to actual ASF policy is an issue.  We're asking projects to compare themselves
to things not expected policy wise.  So my question is more around "is this document meant
to be new/additional policy?"

> Legal review of Apache Maturity Model
> -------------------------------------
>                 Key: LEGAL-287
>                 URL: https://issues.apache.org/jira/browse/LEGAL-287
>             Project: Legal Discuss
>          Issue Type: Question
>            Reporter: John D. Ament
> I'd like to ask the legal team to review the maturity model - http://community.apache.org/apache-way/apache-project-maturity-model.html
> There are some clauses that don't sound quite right, either they don't align to the existing
foundation policies or seem to mis-state them.
> CD30 - Does this preclude that the tooling required to build cannot be distributed with
the package? What about projects that require lua or other interpreted language (e.g. not
> LC30 and LC20 seem to duplicate each other
> LC50 - I'm not sure what copyright has to do here.  Its been discussed that copyright
!= licensing.  The SGA is a license to use code under Apache v2 license.  Copyright claims
may be added to NOTICES in accordance with that.
> RE40 - Seems to imply that convenience binaries are expected.
> RE50 - While a good idea, seems to be a subtle foundation policy change.
> QU* - All seem to be new policy.  Specifically, security is more of a foundation-wide
requirement with foundation-wide rules for handling.

This message was sent by Atlassian JIRA

To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org

View raw message