It sounds like you're envisioning an "Apple Store" model where every submission is rigorously tested and vetted. That is certainly an option, but since the PMC gets to define what the rules are, it's also an option to say, "this index is provided as a community service with no guarantees of quality."
Both models have succeeded with users -- the Python package index PyPI is an example of the "anything goes" kind. What are the alternatives if the PMC declines to provide such an index? (Let's call it an index, since "repository" seems to imply hosting the kind of code or binary releases that I'm *not* suggesting.) It seems to me that the most likely outcomes are 1. Today's state of affairs where essentially nobody knows about connectors that are not directly maintained and released by the PMC 2. A Confluent Hub model where a vendor hosts a connector index to fill the vacuum, or worse, multiple competing vendors do this. I don't think either of these is good for Apache Pulsar or its users. P.S. I get that it's awkward for me to say, "the PMC should do this" as a non-PMC member, but I'm happy to volunteer to help with any housekeeping needed for this proposal that the PMC would like to delegate, from creating a git repo to adding a script to the site builder to turn that into a page to approving PRs that people submit. On Thu, May 27, 2021 at 3:46 PM Sijie Guo <guosi...@gmail.com> wrote: > On Thu, May 27, 2021 at 1:17 PM Jonathan Ellis <jbel...@gmail.com> wrote: > > > On Thu, May 27, 2021 at 2:38 PM Sijie Guo <guosi...@gmail.com> wrote: > > > > > Agreed that the main problem is about discovering the existing > pre-built > > > Pulsar connectors. I don't think the PMC should involve hosting and > > > managing external connectors because it will put the PMC in the > situation > > > in handling licensing issues that I think we should avoid. > > > > > > > I totally agree that the PMC shouldn't get tied up in licensing > discussions > > for third party connectors, but I don't see how that's an issue if we're > > talking about a repository with descriptions and URLs -- no code, no > > binaries. Am I missing something? > > > > PMC has been treated as an authority of the project and trusted by most of > the people. > > If it is managed by the PMC, PMC is responsible for verifying the links, > whether the links point to any malformed binaries and their software > licenses. > For example, if a Pulsar user goes to the Pulsar website and downloads a > malformed binary, who is going to be responsible for that? > The PMC, the ASF, or the owner of the binary? IMO, it is too risky to > manage. > > As the PMC, we can make recommendations but I would avoid getting into the > trouble of managing external binaries even via links. > > > > > > > > > All the ASF accepted connectors are already in the main Pulsar repo. > Even > > > they are moved to the pulsar-connectors repo. They are managed and > > released > > > as part of the Pulsar release. > > > > > > > Right, there's no problem here. Where there is an opportunity to improve > > is discoverability for third party connectors that the PMC does *not* > want > > to bring in and maintain officially. > > > > See comments above. > -- Jonathan Ellis co-founder, http://www.datastax.com @spyced
