I don't think there is a problem with that. Please note that as far as Apache is concerned any artefact consideres to be "Apache superset" needs to be available from it's official release location. So it's fine to "copy" this over to pypi/docker but not to have a "different" release at those locations.
B. P.S. a docker build would be nice, with proper security settings please ;-) Sent from my iPhone > On 9 Aug 2019, at 23:44, Maxime Beauchemin <[email protected]> wrote: > > Hi all, > > How should we go about convenience releases? Currently I'm thinking > Pypi.org, but we could think about Docker / DockerHub as well. > > First thing to know is that a convenience release for Superset is likely to > contain minified [aka "compiled"] javascript out of hundreds of libs. In > theory these libs are scanned and approved by FOSSA license-wise, and > generating that report will be part of the release process. Is that ok? I > mean is Apache ok with us distributing that bundle? > > Alternatively, it could *not* contain the minified javascript. We'd have to > find some solutions to a few challenges. Maybe run a new `superset > build-js` CLI command that would: > * bootstrap `npm` locally > * download JS build deps > * build locally (minutes) > * find a place to put these files (can't mutate Python's install dir > "site-packages") > * ... > > On the docker side, maybe an official Dockerfile, but no official DockerHub > entry? > > Max
