On Wed, Dec 5, 2012 at 1:03 PM, Rob Weir <rabas...@gmail.com> wrote: > On Dec 5, 2012, at 4:44 AM, Oliver-Rainer Wittmann > <orwittm...@googlemail.com> wrote: > >> Hi, >> >> In the thread regarding our planned release for further languages - thread >> subject "[RELEASE]: new languages for AOO 3.4.1" - a discussion took place >> about what we want/should release and what kind of binary packages should be >> made available and on which location. >> Thus, I just want to share what I had learned in the discussions with Apache >> members at the ApacheCon EU 2012 regarding releases made by an ASF project. >> The discussion was more or less about all paragraphs in section "What Is A >> Release?" found at [1]: >> <my lesson learned> >> A release - in nomenclature of ASF - is more or less the publication of the >> open source material of an ASF project. >> A binary packages which are produced on the basis of a certain release are >> only for the convenience to the users. These binary packages do not belong >> to the released material. >> </my lesson learned> > > > > If you ask 5 Apache Members on this you will get 5 interpretations. I > know. I've seen many conflicting interpretations on the Incubator > general list. > > >> >> My conclusions for our AOO project releases are: >> - An AOO release consists of the source package which we are creating based >> on a certain revision of our source code repository. >> - We are producing certain binary packages based on the same source code >> repository revision which we had tested in advanced. >> - We are providing the produced binary packages as convenience to our users >> together this the publication of our release. >> > > But from this you cannot conclude that a project may publish binaries > with lesser degree of review and approval than we do for a release.
What I took from this, as we have all seen and supposedly understand the ASF release guidelines and what they mean, is the appropriate place(s) to house our binaries, beta or not. Right now our production releases of these are NOT in our ASF "dist" area, nor should they be I guess. But, you are correct, we absolutely should NOT publish binaries without undergoing scrutiny. The binaries are, for the most part, our deliverable and the product that is used. > Remember our Notice obligations stem from the use of 3rd party open > source. This is more than just an ASF policy question. Ditto for > proper license file. > > Also, Remember, our binaries are the source files for some consumers, > those who repackage, e.g. WinPenPack. So proper review of the IP is > essential. > > I'd recommend simply producing a RC and having a 72 hour vote. This > won't kill anyone. I don't see what we're so scared of. We review blog > posts for 72 hours before publishing. Is it really such a bad thing to > have a review and approval of binaries before publishing? > > -Rob > > >> [1] http://www.apache.org/dev/release.html#releases >> >> >> Best regards, Oliver. -- ---------------------------------------------------------------------------------------- MzK “How wrong is it for a woman to expect the man to build the world she wants, rather than to create it herself?” -- Anais Nin
