www-legal-discuss mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Justin Mclean <jus...@classsoftware.com>
Subject Re: Podling releases and ASF policy
Date Fri, 14 Jun 2019 08:42:21 GMT
Hi,

Thanks for the quick response. Just a couple of comments

> Fixable outside the release per Justin:
> - Invalid signatures and checksums    (HY: Wouldn't this be fixable?)

It might be, but I’m not sure I’d have much confident in a release where the signature
or hash was wrong. Is it the same thing that was voted on by the PPMC or not?

> These would depend on the license and situation; I would worry about whether the license
allows it to be included in the release, whether it would cause a typical user an unpleasant
surprise

I think that finding compiled code in a release is an unpleasant surprise as you have no idea
what might be in it or how it is licensed, even when it claims to be something know.

> Cat B source code is a scenario that, while it's not Cat A or B (thus I see your point
about Cat X), I think it would usually be safe.

Perhaps a possible example might help clarify. A non trivial section of code is taken from
stack overflow and put into a release. [1] Permission wasn’t asked from the owner. That
code is CC BY-SA and now contain terms related to "Effective Technological Measures", which
may come as a surprise to users. [2]

Thanks,
Justin

1. https://apache.org/legal/resolved.html#stackoverflow
2. https://apache.org/legal/resolved.html#cc-by


---------------------------------------------------------------------
To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org


Mime
View raw message