sbp commented on issue #173: URL: https://github.com/apache/tooling-trusted-release/issues/173#issuecomment-2976758963
Yeah, the release policy calls these "additional" packages, and we don't yet automatically detect them in ATR. Detection would need to be heuristic; the alternative is that we can have users themselves indicate whether a package is source or additional. Ideally we'd run the automatic detector for the user, and then if they notice anything wrong they can manually fix it. As you (and the release policy) say, in those cases the location of the LICENSE and NOTICE files is distribution dependent. At first, in the alpha phases for example, we could just say "we detected that this is an additional package, so we relax the check". But it would be great if we could build up a sort of library of expected locations going forward. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tooling.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tooling.apache.org For additional commands, e-mail: dev-h...@tooling.apache.org
