On Thu, May 14, 2009 at 3:48 AM, Jonathan Ellis <[email protected]> wrote:
> On Thu, May 14, 2009 at 5:24 AM, ant elder <[email protected]> wrot > > "Do not include any links on the project website that might encourage > > non-developers to download and use nightly builds, snapshots, release > > candidates, or any other similar package. The only people who are > > supposed to know about such packages are the people following the dev > > list (or searching its archives) and thus aware of the conditions > > placed on the package. If you find that the general public are > > downloading such test packages, then remove them. > > What problem is this policy supposed to solve? The days of someone > downloading a nightly build and being surprised it's not release > quality are long gone, if they ever existed. > > In my mind the point of having nightly builds available is so that > someone can check to see if a bug he ran into is fixed in the latest > code before filing a bug report, or try out new features before an > official release. > > I guess you could argue that such people are ipso facto "developers" > but in that case we come back again to ... what problem does this > solve? > A lot of the policies at the ASF are rooted in Intellectual Property land, which is probably why they can sound so backwards sometimes :) Basically the ASF is liable for any tarball that you release as long as it's blessed by the ASF stamp. How the blessing takes place and limiting the liabilities are both strong motivations for the policies to exist. Heck, the foundation has been created just to protect developers against those liabilities. Placing a tarball under your own account is a somewhat clear indicator that it's just a snapshot and as such is pretty much "use at your own risk", from both a code quality and an IP standpoint (i.e. does it contain GPL'd code?). Placing it under a project URL usually indicates that it's been properly voted and is therefore "clean". > This really seems like an area that projects should be able to set > their own policy guided by common sense. > Fuck no :) None of us are lawyers, yet releasing is unfortunately a step in that land. Releasing open source is even more touchy. Believe it or not, there are companies that employ lawyers to check releases licensing before adopting one. Even Eclipse does that. So releases are really an area where you want to have very tight common policies, the last thing the ASF wants is an official, ASF-endorsed release continaing some GPL code or code copy / pasted from proprietary software by a careless contributor. > > (Is the ASF a place where I can raise questions like this without > being shut down with "this is how we do things here, go away if you > don't like it?" I guess we will see.) > Hopefully not, always feel free to ask why. But people around here are busy and sometimes saying "put up or shut up" is so much quicker :) Matthieu > > -Jonathan >
