On 2015-01-06 18:53, Vincent Keunen wrote:
Good idea.
I would just remove the "only" from "Releases: source code only".
Maybe say "Releases: source code at the minimum" ? It's not a problem
to have some projects also release binaries, is it?
Releasing binaries have, to this point, always been a convenience
service provided by individuals, but that may very well change with the
new code signing service. I agree that this will need some mulling over.
Shouldn't there be also something about a minimum documentation? Not
necessarily doc on source code, but doc on the project (minimal web
site,...)?
I would add to that something about where discussions/decisions take
place, possibly something about contacting projects; private for
personal/security issues (provided they get disclosed publicly if it's a
security issue and it has been fixed), public for all else. Some
projects unfortunately have a tendency to use their private lists for
much more than committer votes and security issues, which I find is bad
practice.
With regards,
Daniel.
I can also confirm that Bertrand was talking about this to me at
Budapest. So "ages >= 2 months". :-)
Vincent
On 2015-01-06 18:28, Bertrand Delacretaz wrote:
Hi,
Creating such a model has been on my todo list for ages, and in a
related discussion on board@ people seem to agree that having this can
be useful.
So let's start - here's my rough initial list of items:
Code: open, discoverable, fully public history, documented provenance
Quality: security, backwards compatibility, etc
Contributions: welcome from anyone based on technical quality
License: Apache License, dependencies must not put additional
restrictions
Community: inclusive, meritocratic, no dictators, clear documented
path to entry
Discussions and decisions: asynchronous, in a single central place,
archived
Decision making: consensus, votes if needed, technical vetoes in the
worst case
Independence: from any corporate or organizational influence
Releases: source code only, notices, long-lived release format
Related efforts, inspiration:
http://osswatch.jiscinvolve.org/wp/2014/12/11/open-or-fauxpen-use-the-oss-watch-openness-rating-tool-to-find-out/
http://rfc.zeromq.org/spec:16
-Bertrand