Return-Path: Delivered-To: apmail-repository-archive@www.apache.org Received: (qmail 44473 invoked from network); 19 Jan 2004 23:27:46 -0000 Received: from daedalus.apache.org (HELO mail.apache.org) (208.185.179.12) by minotaur-2.apache.org with SMTP; 19 Jan 2004 23:27:46 -0000 Received: (qmail 15007 invoked by uid 500); 19 Jan 2004 23:27:32 -0000 Delivered-To: apmail-repository-archive@apache.org Received: (qmail 14974 invoked by uid 500); 19 Jan 2004 23:27:32 -0000 Mailing-List: contact repository-help@apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: list-post: Reply-To: repository@apache.org Delivered-To: mailing list repository@apache.org Received: (qmail 14960 invoked from network); 19 Jan 2004 23:27:32 -0000 Received: from unknown (HELO skutsje.san.webweaving.org) (209.132.96.45) by daedalus.apache.org with SMTP; 19 Jan 2004 23:27:32 -0000 Received: from skutsje.san.webweaving.org (localhost [127.0.0.1]) by skutsje.san.webweaving.org (8.12.9/8.12.9) with ESMTP id i0JNNmEJ073445 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Mon, 19 Jan 2004 15:23:48 -0800 (PST) (envelope-from dirkx@webweaving.org) Received: from localhost (dirkx@localhost) by skutsje.san.webweaving.org (8.12.9/8.12.9/Submit) with ESMTP id i0JNNmHQ073442; Mon, 19 Jan 2004 15:23:48 -0800 (PST) (envelope-from dirkx@webweaving.org) X-Authentication-Warning: skutsje.san.webweaving.org: dirkx owned process doing -bs Date: Mon, 19 Jan 2004 15:23:48 -0800 (PST) From: Dirk-Willem van Gulik X-X-Sender: dirkx@skutsje.san.webweaving.org To: repository@apache.org cc: jason@maven.org Subject: Re: Developer Repository In-Reply-To: <400C65FA.8080901@latte.harvard.edu> Message-ID: <20040119151327.K96763@skutsje.san.webweaving.org> References: <400C20D6.2090802@latte.harvard.edu> <400C2212.4030400@chalko.com> <400C3454.30108@latte.harvard.edu> <20040119125226.O96763@skutsje.san.webweaving.org> <400C4679.7040805@latte.harvard.edu> <20040119142446.V96763@skutsje.san.webweaving.org> <400C65FA.8080901@latte.harvard.edu> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N X-Spam-Rating: minotaur-2.apache.org 1.6.2 0/1000/N On Mon, 19 Jan 2004, Mark R. Diggory wrote: > Just to clarify, the maven repository at ibiblio is not just for apache, > there is content within it that is not created by apache. Sure - that is clear, and that is not the concern. > www.ibiblio.org/maven is the "canonical" source for the maven repository > specifically because it is an "organizationally neutral" location. Clear - but ass explained before; neutral is exactly -not- what is required for the authoritative copy or tools as under an ASF banner. On the other hand if maven wants to be totally "organizationally neutral" it should not be an shelter as an ASF project. Again - if the Foundation, for whatever reason, needs to pull a file or release; its own tools better follow suit as appropriate. In developer terms: Sure, clients can override, there can be caching; but if we pull a file, and some person, a week later can 'take a clean machine, fetch maven from the asf, do a 'default' install' then it should not contain that pulled file. If it does we have a problem. A lot of our protection relies on not beeing an attractive target when infringing; i.e. we pull, we clean - then analyse and put the file back or apologize as appropriate. As soon as we loose that control it starts to border on will full infringement, punitive damages and other things taking up developer energy. This propblem can be solved in many ways; metadata is one; while still using ibiblio and others for mirroring in a neutral fashion. But as soon as we hardcode things to any third part in ASF released code we better understand what relation we have with that party. Often that is not an issue; but releases are one of the few areas where we do have exposure. And no - having an MoU is propably not the right thing to do. DW