Shaofeng SHI created KYLIN-3862:

             Summary: Check the binary packages
                 Key: KYLIN-3862
             Project: Kylin
          Issue Type: Task
            Reporter: Shaofeng SHI

As to the approval of binary packages:
It's not possible in general to check the exact contents of a binary, however 
there are some checks that should be made:
- sigs and hashes must be OK
- the package must contain the correct NOTICE and LICENSE files for the 
included content
- the package must not contain any content not derived from the source.
- in the case of bundled binaries, reviewers must check that all contents are 
represented in the LICENSE (and NOTICE file if required).
The bundle must not contain any files that are prohibited from distribution 
(category X).

This message was sent by Atlassian JIRA

Reply via email to