On 14 August 2013 12:01, sebb <seb...@gmail.com> wrote: > > As a member of the ASF, I do think it's my problem if software is > being released in the name of the ASF. > > The ASF is about transparency - "if it did not happen on a public > mailing list then it did not happen". > > It should be possible for anyone to review a release and provide > feedback to the PMC. > > At present the process is not transparent. > > As a member of the ASF, we elect a board to protect our responsibilities. The board delegates the responsibility of reviewing the provenance of source release bundles to each project's PMC. There is a chain of delegation of responsibilities from the members to the PMC.
If any member feel that a specific PMC is not following their delegated responsibilities correctly, their first point of call is to send a mail detailing the issue to that PMC's private@ list. If that does not result in a satisfactory response, then they should address their concern to the board. If that does not result in a satisfactory response, then they can address the membership as a whole.
