On Oct 2, 2007, at 5:33 PM, Robert Burrell Donkin wrote:
On 9/28/07, Niclas Hedhman <[EMAIL PROTECTED]> wrote:
On Friday 28 September 2007 17:12, Guillaume Nodet wrote:
On 9/28/07, Bertrand Delacretaz <[EMAIL PROTECTED]> wrote:
What we care about is that podlings get the "legal stuff" right,
and
letting releases out without this being ok is not an option, due to
potential legal risks.
I thought projects in incubator were not endorsed by the ASF, hence
the ASF could not be responsible for the legal stuff in podling
releases... Did I miss something here ?
Yes, you missed the fact that Incubator is part of ASF, and the
Incubator are
doing the releases on behalf of the podling.
AFAIUI, we are responsible of the legal aspects of the releases
(i.e. upstream
sources), but we have no practical responsibilities towards the
downstream
users.
+1
the disclaimer is really aimed at informing users and has no force
in law
the responsibility for the release rests with those IPMCers who
vote in favour
I think most people would agree that reviews should be "strict" -- as
many problems as possible should be identified during a release
review. However, there seem to be some who feel that voting for
incubator releases can be a bit more "lenient".
If I understand the Incubator process correctly, there is some
relaxation of standards for incubator releases. Perhaps there is some
confusion on just what requirements are relaxed for incubator
releases. The following summarizes my understanding. Is it more or
less correct?
IIUC, the external dependencies of an incubating project need not
strictly conform to Apache policy. For instance, a project may enter
incubation with dependencies on artifacts that have an excluded
license (http://people.apache.org/~rubys/3party.html#category-x).
It's my understanding that incubator releases could be created with
these dependencies. However, the project would be expected to be
working to remove these dependencies (certainly would be expected to
be removed prior to graduation). Is my understanding correct?
This relaxation of Apache policy towards external dependency policy
does not translate to a relaxation of licensing requirements. Any
Apache release must observe and follow the license requirements of
the artifacts that it contains (no matter what category the license
falls under). Failure to adhere to the license requirements of these
dependencies are non-negotiable. Once identified, they must be
addressed prior to release.
--kevan
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
