On 9/13/06, Craig L Russell <[EMAIL PROTECTED]> wrote:
On Sep 13, 2006, at 10:24 AM, robert burrell donkin wrote:
<snip>
> since we started checking releases in detail, it's become clear that > most projects struggle to create a compliant release at the first > attempt. nearly every first attempt checked turns out not be > compliant. i didn't expect this (since the rules are really pretty > simple). I only slightly beg to differ over Robert's characterization of the Apache release rules as "simple". Not.
it's the lack of rules that causes the difficulty - nearly everything written about releases is neither policy nor rules. there are so few rules that many projects feel the need to create more process for themselves. formal rules: 1 every official release must be approved by the project responsible for the code policy: 1 all source files must have license headers 2 all dependencies shipped must have approved licenses 3 all released artifacts must contain LICENSE and NOTICE files 4 all released artifacts must have signatures and checksums the interpretation of these rules and policies changes from time to time and application of these in borderline cases can be difficult. however, the principles have changed rarely. there are quite a lot more guidelines which are not quite policy. projects that do not follow these may become unpopular with the infrastructure team. but they are neither policy nor rules. there are lots and lots of traditions, conventions and practices which are neither guidelines, policy nor formal rules. there is a lot to be said for learning from other people's mistakes and i would hope that (once they are written down and collated) projects would elect to adopt a lot of these practices but they are free to adopt any or none as they choose. when i review a release i try to indicate which category each point falls into. - robert --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
