- pátek 31. července 2020 10:00:01 CEST, Neil C Smith - > On Fri, 31 Jul 2020 at 06:20, Jaroslav Tulach <[email protected]> wrote: > > How will those guys find out what has happened and how to fix the problem? > > When their build breaks they look it up / come and ask us. If we get > a few queries, we put a notice on the front page of the website. > Don't see an issue here at all.
I am not a fan of punishing users for using my API/product. > > PS: Redirecting to Oracle server is acceptable, redirecting to my backup > > isn't? What a level of trust. Thank you, Neil! > > Fixed that for you! ;-) > > This has nothing to do with trust. and everything to do with > transparency. And ASF trademarks, domains, etc. Transparently > redirecting previously existing links away from Apache to the > third-party owner of the legacy artefacts, and putting responsibility > for those on them, is fundamentally different to redirecting to a > different new third party, even you! Are either or both acceptable in > the longer term? That's something we should discuss as a PMC. But I > don't think we should just accept they amount to the same thing, or we > should do it without informing people. If one can guarantee the bits are identical, I'd say both situations are the same. What if Apache server delivers the checksum files and my server delivers the JARs? That would be both license correct (3rd party JARs goes from elsewhere) as well as secure (Maven would refuse any changed JAR) from ASF perspective. > You should now have been CC'd into an off-list email conversation > involving Oracle on these. I haven't noticed any conversation. -jt --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] For further information about the NetBeans mailing lists, visit: https://cwiki.apache.org/confluence/display/NETBEANS/Mailing+lists
