On Aug 16, 2010, at 6:32 PM, Mike Kienenberger wrote:
Every ASF release must contain a source package, which must be sufficient for a user to build and test the release provided they have access to the appropriate platform and tools. The source package must be cryptographically signed by the Release Manager with a detached signature; and that package together with its signature must be tested prior to voting +1 for release. Folks who vote +1 for release may offer their own cryptographic signature to be concatenated with the detached signature file (at the Release Manager's discretion) prior to release.
Actually, re-reading the above and it doesn't state a need of a working pom.xml or build.xml, just the source that is matching the binaries. In this respect we don't violate this. We do not provide a buildfile, but a Java developer will be able to build the source regardless (e.g. by writing build.xml himself, or importing sources in Eclipse).
Andrus
