Hi, thanks all for the suggestions. What I thought was to provide an alternative solution that can still provide users a convenient way to get a customized build. But also will not violate the distribution policy.
Here are some alternatives I thought of: 1. Generate a build command from users' selection. They can copy-paste it to run the build command in the source package locally. 2. Provide a command like `npm run build:custom` in the source release. It will start an admin page locally, where users can choose which modules to be included in the build. It can be checked and tested in the release vote. But I'm not sure if it can be deployed after release vote passed. These two alternatives may still not as easy as the current custom builder page. Users need a few more steps to get the customized version they want. Add a statement like the custom-built version can not represent the official version from Quill is a good idea if we want to keep the page. But I'm not sure if it will let users think it is not reliable. Do other PPMC members have any ideas? Thanks On Tue, Aug 4, 2020 at 12:43 AM Maxime Beauchemin <m...@preset.io> wrote: > Hi all! I recently subscribed to the mailing list and wanted to introduce > myself and offer some help. > > My name is Max and I'm the original creator of Apache Airflow (top level) > and Apache Superset (soon to graduate). The Superset community is currently > voting on this Superset Improvement Proposal [SIP-50] Proposal for using > ECharts as our main charting library > <https://github.com/apache/incubator-superset/issues/10418>, looking > forward to collaborate! > <https://github.com/apache/incubator-superset/issues/10418> > > I wanted to see how we might be able to help ECharts' graduation process as > we kick off our process for Superset. Do you all have a checklist and items > you're looking for help/support? > > Thanks, > > Max > > On Mon, Aug 3, 2020 at 7:43 AM Sheng Qian <quillq...@gmail.com> wrote: > > > > > I agree with softer way raising concern between ASF official and > > community, including: > > - Using different domain other than Apache hosting external content > > including Gallery, Extension, etc. Marking out something like “this is > not > > officially distributed by ASF” just like cookie collecting announcement > on > > websites. > > - For customized build service on browser, keep the service but also > > stated out builded version can not represent official version and it is > not > > for re-distributing. > > > > Quill > > (Actually another Sheng but to avoid confusion I will use my nickname) > > > > > 在 2020年8月3日,20:54,Sheng Wu <wu.sheng.841...@gmail.com> 写道: > > > > > > Yi Shen <shenyi....@gmail.com> 于2020年8月3日周一 下午7:21写道: > > > > > >>> > > >>> From my side, this is not the difference. The download source package > > is > > >>> never been voted is my concern. > > >>> I know the logically, it is just a subset, but whether there is a > > change > > >> or > > >>> unexpected files in the final download, we don't know. And no one > would > > >>> check. > > >>> The whole vote/check process is for manual confirmation about that, > the > > >>> source release is 100% following the ASF requirements. > > >>> > > >> > > >> I think I get your point. An important reason is the build script used > > on > > >> the custom builder page is not been checked and voted. > > >> I agree to remove this page. But there are still about 1.5k developers > > >> using this online tool everyday. > > >> We should take it carefully to guide these developers to build from > > source > > >> in local. > > >> > > > > > > I think you could start a discussion in the gerneral@incubator, to > check > > > others' ideas. Maybe they have a better solution than removing it. > > > For that page, I think you could have a terminal simulation on that > page, > > > and guide users on how to use the local command at least. > > > Or provide a docker image, which including all necessary env, then you > > just > > > provide one command. Docker image could make the pre-requirement env > have > > > been installed correctly. > > > > > > > > > Sheng Wu 吴晟 > > > Twitter, wusheng1108 > > > > > > > > >> > > >> Thanks > > >> > > >>> On Mon, Aug 3, 2020 at 4:28 PM Sheng Wu <wu.sheng.841...@gmail.com> > > wrote: > > >>> > > >>> Yi Shen <shenyi....@gmail.com> 于2020年8月3日周一 下午4:14写道: > > >>> > > >>>> Hi, Sheng > > >>>> > > >>>> The point is, you only vote for the source tar, which includes all > > >>>>> contents, with an ASC and sha512 sign. So, only that is an official > > >>>> apache > > >>>>> release. > > >>>>> > > >>>> > > >>>> I want to explain it a bit more. What we thought is bringing the > local > > >>> CLI > > >>>> to the web. > > >>>> In which developers can > > >>>> > > >>>> 1. Choose a version from the source tar list which have been voted. > > >>>> 2. Download the tar and check sha512 on the browser. > > >>>> 3. Unzip the tar and build the source into a single js file on the > > >>> browser. > > >>>> 4. Download the customized built js file. > > >>>> > > >>>> I guess the main difference between this and the local CLI is all > the > > >>>> processes are on the browser. > > >>>> Please remind us if we missed anything that may cause potential > risks > > >> in > > >>>> it. > > >>>> > > >>> > > >>> From my side, this is not the difference. The download source package > > is > > >>> never been voted is my concern. > > >>> I know the logically, it is just a subset, but whether there is a > > change > > >> or > > >>> unexpected files in the final download, we don't know. And no one > would > > >>> check. > > >>> The whole vote/check process is for manual confirmation about that, > the > > >>> source release is 100% following the ASF requirements. > > >>> > > >>> Sheng Wu 吴晟 > > >>> Twitter, wusheng1108 > > >>> > > >>> > > >>>> > > >>>> Regards. > > >>>> > > >>>> On Mon, Aug 3, 2020 at 3:03 PM Sheng Wu <wu.sheng.841...@gmail.com> > > >>> wrote: > > >>>> > > >>>>> Ovilia <oviliazh...@gmail.com> 于2020年8月3日周一 下午2:52写道: > > >>>>> > > >>>>>> Thanks Sheng for the checking. > > >>>>>> > > >>>>>> Here're my thoughts on these issues: > > >>>>>> > > >>>>>> 1. I was referring to [1] when checking the navigator. I thought > it > > >>>> meant > > >>>>>> if there's a > > >>>>>> "Sponsorship" link, it should link to xxx but I didn't realize it > > >>> means > > >>>>> the > > >>>>>> link is > > >>>>>> mandatory. The following link should be added: > > >>>>>> Sponsorship, Thanks, Apache Software Foundation. > > >>>>>> > > >>>>>> > > >>>>> Use this to check the potential issue. > > >>>>> https://incubator.apache.org/clutch/echarts.html > > >>>>> > > >>>>> > > >>>>>> 2. Gallery is a place to host ECharts works from the community, > > >>>> something > > >>>>>> similar > > >>>>>> to jsfiddle or codepen. The server is currently hosted on a Baidu > > >>>> server > > >>>>>> and we don't > > >>>>>> have a current plan to donate it to ASF. > > >>>>>> How about removing the project from the navigator and list it > > >>> somewhere > > >>>>> as > > >>>>>> a > > >>>>>> community resource? > > >>>>>> > > >>>>> > > >>>>> Agree, should make it clear, that is a part of community/ecosystem. > > >> And > > >>>> not > > >>>>> a part of ASF or Apache release. They just extend the Apache > ECharts. > > >>>>> > > >>>>> > > >>>>>> > > >>>>>> 3. Theme files are included in the source release [2] and the > > >> current > > >>>>>> download-theme page > > >>>>>> uses convenient binary files hosted on our server. Is this a > > >> problem? > > >>>>>> Extensions are mostly made by the community so they are links to > > >>>> related > > >>>>>> GitHub projects. > > >>>>>> I think we should put a more clear instruction on the > > >>>>>> download-extention page [3] that > > >>>>>> these projects are made by the community. > > >>>>>> > > >>>>> > > >>>>> I just prefer to provide a clear statement and catalogs about links > > >> to > > >>>> 3rd > > >>>>> party extensions, or Apache release. > > >>>>> That includes, how and where to report the bug/security issue when > > >>> those > > >>>>> extensions have issues. > > >>>>> Also, where should hold their discussion, such as enhancement, > > >>> iteration. > > >>>>> > > >>>>> > > >>>>>> > > >>>>>> > > >>>>>> 4. The tools are currently under translation. We didn't put a > "help > > >>>>>> translate" note because > > >>>>>> we have already found the people who wish to translate and it > > >> should > > >>> be > > >>>>>> done within a few > > >>>>>> weeks. Before then, the English Website will have a "(in Chinese)" > > >>> note > > >>>>> in > > >>>>>> the navigator. > > >>>>>> > > >>>>> > > >>>>> Good to know the progress. Could you check whether they could > finish > > >>>> those > > >>>>> before the graduation discussion in the incubator? I hope to ease > > >> other > > >>>>> people's concern. > > >>>>> > > >>>>> > > >>>>>> > > >>>>>> 5. The custom build is used to build a release with the least > > >> source > > >>>>> files > > >>>>>> required. > > >>>>>> I think the biggest concern here is that it is not using the > source > > >>>> files > > >>>>>> voted. > > >>>>>> How about we change the Web front-end logic to get the source file > > >>> from > > >>>>>> Apache SVN > > >>>>>> that has been voted, to build and be downloaded? Does that seem to > > >>> work > > >>>>> for > > >>>>>> you? > > >>>>>> > > >>>>> > > >>>>> The point is, you only vote for the source tar, which includes all > > >>>>> contents, with an ASC and sha512 sign. So, only that is an official > > >>>> apache > > >>>>> release. > > >>>>> If you provide downloads to that only, it is OK. Or, if you prefer > > >> the > > >>>>> custom mode, do you could provide a local tool to repackage the > > >> source > > >>>>> code? > > >>>>> > > >>>>> > > >>>>> > > >>>>>> > > >>>>>> > > >>>>>> > > >>>>>> [1] https://www.apache.org/foundation/marks/pmcs#navigation > > >>>>>> [2] > > >>>> https://dist.apache.org/repos/dist/release/incubator/echarts/4.8.0/ > > >>>>>> [3] https://echarts.apache.org/en/download-extension.html > > >>>>>> > > >>>>>> Thanks > > >>>>>> > > >>>>>> *Ovilia* > > >>>>>> > > >>>>>> > > >>>>>> On Mon, Aug 3, 2020 at 11:31 AM Kevin A. McGrail < > > >>> kmcgr...@apache.org> > > >>>>>> wrote: > > >>>>>> > > >>>>>>> I do not know about the links checker but I do remember there was > > >>>>>>> something cobbled together. All it is doing is testing for this > > >>>>> policy: > > >>>>>>> > > >>>>>>> https://www.apache.org/foundation/marks/pmcs#navigation > > >>>>>>> > > >>>>>>> On 8/2/2020 10:56 PM, Sheng Wu wrote: > > >>>>>>>> Hi, Ovilia > > >>>>>>>> > > >>>>>>>> I don't remember, but there is a website link check in the > > >>>> incubator, > > >>>>>>> does > > >>>>>>>> anyone/mentor remember this? > > >>>>>>>> From I read from your website, questions > > >>>>>>>> 1. There are some links missing. You could compare it with > > >>>>>>>> http://skywalking.apache.org/ links menu. > > >>>>>>>> 2. There is a menu, called Gallary Chinese. What is that? From > > >> my > > >>>>>>> reading, > > >>>>>>>> it seems more like extensions/plugins? Who owns (s) this repo? > > >>>>>>>> 3. Download part, theme, and extension, what are the > > >> differences > > >>>>>> between > > >>>>>>>> these two and Gallary? And I don't remember there is any > > >> official > > >>>>>> release > > >>>>>>>> process(vote/license check, etc.) about these. Could you > > >> clarify > > >>>> what > > >>>>>>> they > > >>>>>>>> are? > > >>>>>>>> 4. About the tool(s). From my understanding, they are > > >>> configuration > > >>>>>>>> generation for ECharts, why they are Chinese only, and do you > > >>> have > > >>>>> open > > >>>>>>>> process about how to contribute on these tools? > > >>>>>>>> 5. I noticed `Option 3: Custom Build` on the website download > > >>> page, > > >>>>> how > > >>>>>>>> this works? I am a little worried about it breaks the ASF > > >> release > > >>>>>>> process. > > >>>>>>>> Because, the source release(js mostly is not source, no binary) > > >>> is > > >>>>>> never > > >>>>>>>> being voted. I could get the points, seems you provide the > > >> users > > >>> to > > >>>>>> get a > > >>>>>>>> subset of the entire source tar. But the unvoted source tars > > >> make > > >>>> me > > >>>>>>> unsure > > >>>>>>>> whether this is acceptable in the ASF. What other mentors > > >> think? > > >>>>>>>> > > >>>>>>>> Sheng Wu 吴晟 > > >>>>>>>> Twitter, wusheng1108 > > >>>>>>>> > > >>>>>>>> > > >>>>>>>> Ovilia <oviliazh...@gmail.com> 于2020年8月3日周一 上午10:25写道: > > >>>>>>>> > > >>>>>>>>> Dear mentors, > > >>>>>>>>> > > >>>>>>>>> Can you help us review the graduation related documents and > > >> see > > >>> if > > >>>>>>> there is > > >>>>>>>>> something > > >>>>>>>>> to be improved? > > >>>>>>>>> > > >>>>>>>>> Thanks > > >>>>>>>>> > > >>>>>>>>> *Ovilia* > > >>>>>>>>> > > >>>>>>>>> > > >>>>>>>>> On Sun, Aug 2, 2020 at 11:59 AM siwen su <susiw...@gmail.com> > > >>>>> wrote: > > >>>>>>>>> > > >>>>>>>>>> Hi all: > > >>>>>>>>>> > > >>>>>>>>>> I have nothing to say about website, It apply all rules of > > >>>> Apache, > > >>>>>> and > > >>>>>>>>> most > > >>>>>>>>>> importantly, add some very useful features. > > >>>>>>>>>> > > >>>>>>>>>> About reserving initial PPMC qualification, since I haven't > > >>> work > > >>>>> with > > >>>>>>>>> them, > > >>>>>>>>>> but I read about the history of ECharts, Mr Lin Zhifeng and > > >> Mr > > >>>> Dong > > >>>>>> Rui > > >>>>>>>>> had > > >>>>>>>>>> made remarkable contributions to ECharts, even thought they > > >>>> haven't > > >>>>>>>>>> contribute during incubating but It can't change the fact > > >> that > > >>>> they > > >>>>>>> have > > >>>>>>>>>> laid the foundation for ECharts, so naming they as PMC in > > >>> future > > >>>>>> would > > >>>>>>> be > > >>>>>>>>>> reasonable > > >>>>>>>>>> > > >>>>>>>>>> As for the password, distribute it via private mail list > > >>> wasn't a > > >>>>>> great > > >>>>>>>>>> idea,, like @zhongxiang mentioned, someone else would "steal" > > >>> it, > > >>>>>>>>>> especially we have discussed on dev mail list which lots of > > >>>> people > > >>>>>> know > > >>>>>>>>> how > > >>>>>>>>>> passport would be distributed. > > >>>>>>>>>> > > >>>>>>>>>> Best regard > > >>>>>>>>>> > > >>>>>>>>>> Siwen Su > > >>>>>>>>>> > > >>>>>>>>>> Zhongxiang Wang <wan...@apache.org> 于2020年7月30日周四 下午12:57写道: > > >>>>>>>>>> > > >>>>>>>>>>> Hi, > > >>>>>>>>>>> 1. The current website is following the guide of podling > > >>> website > > >>>>> and > > >>>>>>> it > > >>>>>>>>>> is > > >>>>>>>>>>> all right for me. > > >>>>>>>>>>> 2. Sending an important private key or password on email > > >>> without > > >>>>> any > > >>>>>>>>>>> encryption is obviously so unsafe. Some email clients don’t > > >>>>> encrypt > > >>>>>>> the > > >>>>>>>>>>> email content by default and this may lead to a leak of > > >>> content > > >>>> if > > >>>>>>> it’s > > >>>>>>>>>>> intercepted during the transmission. So it’s better to > > >> enable > > >>>>> email > > >>>>>>>>>>> encryption in email client and encrypt the raw password or > > >> any > > >>>>> other > > >>>>>>>>>>> important information in the content of the email by some > > >>>> advanced > > >>>>>>>>>> patterns > > >>>>>>>>>>> difficult to crack before sending to a mailing list or > > >>>> elsewhere. > > >>>>>>>>>>> 3. As for the early PMCs and committers, we should always > > >> keep > > >>>> the > > >>>>>>>>>> founder > > >>>>>>>>>>> Zhifeng Lin as PMC, who is so essential to ECharts project. > > >>> As I > > >>>>>> know, > > >>>>>>>>>> he’s > > >>>>>>>>>>> been helping silently ECharts project improve and develop by > > >>> his > > >>>>>>>>>>> professional suggestions. > > >>>>>>>>>>> > > >>>>>>>>>>> Thanks, > > >>>>>>>>>>> Zhongxiang Wang. > > >>>>>>>>>>> > > >>>>>>>>>>> On 2020/07/27 05:07:23, Ovilia <oviliazh...@gmail.com> > > >> wrote: > > >>>>>>>>>>>> Hi all, > > >>>>>>>>>>>> > > >>>>>>>>>>>> Apache ECharts (incubating) has learned and grown a lot > > >> since > > >>>> our > > >>>>>>>>>>>> incubation in Jan > > >>>>>>>>>>>> 2018. Now, I'm glad to call on a discussion about whether > > >> we > > >>>> are > > >>>>>>>>> ready > > >>>>>>>>>>> for > > >>>>>>>>>>>> graduation and > > >>>>>>>>>>>> what remains to be done. Hopefully, after this discussion, > > >> we > > >>>> can > > >>>>>> set > > >>>>>>>>>> the > > >>>>>>>>>>>> status to be > > >>>>>>>>>>>> "near graduation" in the monthly report. > > >>>>>>>>>>>> > > >>>>>>>>>>>> Updates since incubation: > > >>>>>>>>>>>> - 2 new PPMCs (and another has completed the vote and > > >>>> undergoing > > >>>>>> the > > >>>>>>>>>>>> process) and 7 > > >>>>>>>>>>>> new committers were elected and joined the community [1] > > >> and > > >>>> now > > >>>>>>>>>>>> we have committers working for more than 6 different > > >>> companies. > > >>>>>>>>>>>> - Our mailing list [2] is very active and we have 79 people > > >>>>>>>>> subscribed > > >>>>>>>>>> to > > >>>>>>>>>>>> it. > > >>>>>>>>>>>> - Released 8 versions by 2 release managers [3]; release > > >>> guide > > >>>> is > > >>>>>> at > > >>>>>>>>>> [4] > > >>>>>>>>>>>> - 73 people have contributed to the project during > > >> incubation > > >>>> [9] > > >>>>>>>>>>>> - Assessment of the maturity model is available at [5] > > >>>>>>>>>>>> - Branding issues have been solved and name searching has > > >>> been > > >>>>>>>>>> completed > > >>>>>>>>>>> [6] > > >>>>>>>>>>>> Other things we need to discuss: > > >>>>>>>>>>>> > > >>>>>>>>>>>> 1. Website > > >>>>>>>>>>>> We updated our Website [7] content, logo, document, and so > > >> on > > >>>>>>>>> according > > >>>>>>>>>>> to > > >>>>>>>>>>>> Apache rules > > >>>>>>>>>>>> and hopefully, it's following all requirements. You may > > >> help > > >>>>> check > > >>>>>>>>> the > > >>>>>>>>>>>> rules [8] and discuss > > >>>>>>>>>>>> the ones that you think need to change. > > >>>>>>>>>>>> > > >>>>>>>>>>>> 2. Sponsored CDN > > >>>>>>>>>>>> We have updated the Website with a sponsored CDN to improve > > >>>> speed > > >>>>>> in > > >>>>>>>>>>> China > > >>>>>>>>>>>> and > > >>>>>>>>>>>> created an account for all PPMCs. But we are not sure how > > >> we > > >>>>>>>>>>>> should distribute the > > >>>>>>>>>>>> password of that account? Should we send the password on > > >> the > > >>>>>> private > > >>>>>>>>>>>> mailing list? Is that safe enough? > > >>>>>>>>>>>> Also, the releasing script in the release guide [4] depends > > >>> on > > >>>>> the > > >>>>>>>>>>> password > > >>>>>>>>>>>> of the CDN > > >>>>>>>>>>>> private key. How should we distribute it? > > >>>>>>>>>>>> > > >>>>>>>>>>>> 3. PMCs and Committers > > >>>>>>>>>>>> We have to discuss what to do with the initial PPMCs that > > >> had > > >>>> no > > >>>>>>>>> clear > > >>>>>>>>>>>> contribution to > > >>>>>>>>>>>> the project during incubation. We should decide on each of > > >>>> them, > > >>>>> do > > >>>>>>>>> we > > >>>>>>>>>>> wish > > >>>>>>>>>>>> to make > > >>>>>>>>>>>> him a PMC or Committer or neither. Basically, it's decided > > >> by > > >>>> the > > >>>>>>>>>>> project, > > >>>>>>>>>>>> so please talk about how you feel about this. > > >>>>>>>>>>>> a. Lin Zhifeng https://github.com/kener > > >>>>>>>>>>>> b. Dong Rui https://github.com/erik168 > > >>>>>>>>>>>> c. Huang Houjin https://github.com/chriswong > > >>>>>>>>>>>> > > >>>>>>>>>>>> > > >>>>>>>>>>>> [1] https://echarts.apache.org/en/committers.html > > >>>>>>>>>>>> [2] > > >>> https://lists.apache.org/list.html?dev@echarts.apache.org > > >>>>>>>>>>>> [3] > > >>>>> https://dist.apache.org/repos/dist/release/incubator/echarts/ > > >>>>>>>>>>>> [4] > > >>>>>>>>>>>> > > >>>>>>>>> > > >>>>>>> > > >>>>>> > > >>>>> > > >>>> > > >>> > > >> > > > https://cwiki.apache.org/confluence/display/ECHARTS/Apache+ECharts+Release+Guide > > >>>>>>>>>>>> < > > >>>>>>>>> > > >>>>>>> > > >>>>>> > > >>>>> > > >>>> > > >>> > > >> > > > https://cwiki.apache.org/confluence/display/ECHARTS/Apache+ECharts+Release+Guide > > >>>>>>>>>>>> [5] > > >>>>>>>>>>>> > > >>>>>>>>> > > >>>>>>> > > >>>>>> > > >>>>> > > >>>> > > >>> > > >> > > > https://cwiki.apache.org/confluence/display/ECHARTS/Apache+Maturity+Model+Assessment+for+ECharts > > >>>>>>>>>>>> [6] > > >>>> https://issues.apache.org/jira/browse/PODLINGNAMESEARCH-153 > > >>>>>>>>>>>> [7] http://echarts.apache.org/ > > >>>>>>>>>>>> [8] https://incubator.apache.org/guides/sites.html > > >>>>>>>>>>>> [9] Using `git shortlog -sn --since="20 Jan, 2018"` on the > > >>>> master > > >>>>>>>>>> branch > > >>>>>>>>>>>> and merging > > >>>>>>>>>>>> alias > > >>>>>>>>>>>> > > >>>>>>>>>>>> > > >>>>>>>>>>>> Thanks > > >>>>>>>>>>>> > > >>>>>>>>>>>> *Ovilia* > > >>>>>>>>>>>> > > >>>>>>>>>>> > > >>>>>> > > >> --------------------------------------------------------------------- > > >>>>>>>>>>> To unsubscribe, e-mail: dev-unsubscr...@echarts.apache.org > > >>>>>>>>>>> For additional commands, e-mail: > > >> dev-h...@echarts.apache.org > > >>>>>>>>>>> > > >>>>>>>>>>> > > >>>>>>> -- > > >>>>>>> Kevin A. McGrail > > >>>>>>> kmcgr...@apache.org > > >>>>>>> > > >>>>>>> Member, Apache Software Foundation > > >>>>>>> Chair Emeritus Apache SpamAssassin Project > > >>>>>>> https://www.linkedin.com/in/kmcgrail - 703.798.0171 > > >>>>>>> > > >>>>>>> > > >>>>>>> > > >>> --------------------------------------------------------------------- > > >>>>>>> To unsubscribe, e-mail: dev-unsubscr...@echarts.apache.org > > >>>>>>> For additional commands, e-mail: dev-h...@echarts.apache.org > > >>>>>>> > > >>>>>>> > > >>>>>> > > >>>>> > > >>>> > > >>>> > > >>>> -- > > >>>> Yi Shen > > >>>> Apache ECharts(incubating) PPMC > > >>>> > > >>> > > >> > > >> > > >> -- > > >> Yi Shen > > >> Apache ECharts(incubating) PPMC > > >> > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: dev-unsubscr...@echarts.apache.org > > For additional commands, e-mail: dev-h...@echarts.apache.org > > > > > -- Yi Shen Apache ECharts(incubating) PPMC
