On Tue, May 1, 2012 at 1:20 PM, Norbert Thiebaud <[email protected]> wrote:
> On Tue, May 1, 2012 at 11:48 AM, Rob Weir <[email protected]> wrote:
>>
>> We accept relatively small contributions without an ICLA. But all
>> contributions get reviewed, and all releases go through scans (what we
>> call RAT == Release Audit Tool) and are voted on in a transparent,
>> open process.
>
> RAT does not help you track the provenance of patches applied to existing
> files.
> RAT only checks that a correct/compatible license is claimed, not that
> it is true.
>

Correct. That is why we have committers that apply patches, and committers that review patches and can veto patches. And then we have a vote by the entire PMC, and in our case also by the IPMC, to approve a release. So it is multiple stages of review and approval, as befits the important question. The RAT scan provides an automated inspection that finds some, but not all issues. We think it is useful.

But in the interest of mutual information exchange and sharing, can you tell us how TDF/LO determines that the code is sufficiently clean, from an IP perspective, to release? This would be useful to understand.

-Rob

>>
>> For larger contributions, an ICLA (or an SGA) is in order. Ditto for
>> smaller ones, if there are questions/concerns. Remember, any
>> committer can veto a patch. So incoming patches without an ICLA need
>> to meet a high bar to get into the code. My default posture would be
>> to veto any patch more than 10 lines long that does not come with an
>> iCLA.
>
> really? so why didn't you veto r1182539, for example?
>
> Norbert
