Re: patched sources v.s. release candidates

["William A. Rowe, Jr." <wr...@rowe-clan.net>]

Colm MacCarthaigh wrote:
> On Sun, Aug 19, 2007 at 02:40:39PM -0500, William A. Rowe, Jr. wrote:
>> The bottom line is that nobody took issue with Jeff's or my comments.  They
>> are free to do so.  Colm has this time around.  His points don't quite jive,
>> if you offered a patch set and said "hey, this is the difference between
>> the ASF's 2.2.4 and my binaries here", then his point would be spot-on and
>> we'd all agree there is no issue. 
> 
> I have absolutely no idea what you're talking about here, and what
> points jive or not.

You specifically mentioned how many distros have patched sources, and
that's true (and not an issue).  What I asked was, are there distros which
ship our release candidates before they are released, and if so, are they
labeled as such?

I still think we are talking apples and oranges.

Maybe it's time to tend to our long neglected testers@ to ensure everyone
is on the same page?  But I'd still maintain that keeping the RC testing
activity in one place is good for our releases (speaking as a more than
occasional RM).

> Our candidates are 100% redistributable and licensed in accordance with
> AL2.0, just like our svn trees.

So you can make anything out of any combination of our svn trees, with
whatever patches you like, as long as you give them your own name.  Right?
They are not, for example, a "release 2.2.5" until the project approves them.

E.g. I might have a binary "BetterScript, based on PHP sources 5.2.4 RC2",
but I better not ship that as *the* "PHP 5.2.4".  Do we agree on this,
or not?  Or are we in the mode of playing devil's advocate to spend list
bandwidth?  (Sometimes I don't know with you, Colm :-)

I'd hate to find the RC process closed, as Jim's suggested, because of
misunderstandings about this subtle difference of opinion.  The only thing
we lose is quality of our releases.

Bill

Re: patched sources v.s. release candidates

[Colm MacCarthaigh <co...@stdlib.net>]

On Sun, Aug 19, 2007 at 03:05:14PM -0500, William A. Rowe, Jr. wrote:
> You specifically mentioned how many distros have patched sources, and
> that's true (and not an issue).  What I asked was, are there distros which
> ship our release candidates before they are released, and if so, are they
> labeled as such?

I've had ports trees that carried odd-numbered trains, (2.1, 2.3), and
even yesterdays-svn (from nightly builds)!

> > Our candidates are 100% redistributable and licensed in accordance with
> > AL2.0, just like our svn trees.
> 
> So you can make anything out of any combination of our svn trees, with
> whatever patches you like, as long as you give them your own name.  Right?
> They are not, for example, a "release 2.2.5" until the project approves them.

Yes, and to repeat again; as long as it is made clear that it is not an
ASF release :-)

> E.g. I might have a binary "BetterScript, based on PHP sources 5.2.4 RC2",
> but I better not ship that as *the* "PHP 5.2.4".  Do we agree on this,
> or not?  Or are we in the mode of playing devil's advocate to spend list
> bandwidth?  (Sometimes I don't know with you, Colm :-)

I'm not trying to split hairs, but the tarballs we create as RCs are
licensed AL2.0 , and there's no way we can change that. That's all I
mean, third parties can take those tarballs and redistribute them as
they wish - as long as they take all of the precautions and steps
redistributors usually should.

I'm told it would be a bad idea for them to mis-represent things by
claiming it was an ASF release, what kind of naming practises that
translates into is probably best consulted with a lawyer :/

> I'd hate to find the RC process closed, as Jim's suggested, because of
> misunderstandings about this subtle difference of opinion.  The only
> thing we lose is quality of our releases.

This is not some subtle difference of opinion. You said;

"Without an announce, /dev/ tarball build doesn't belong on any external
site."

This is simply at odds with the AL2.0, so I'm saying the complete
opposite. I don't think that's subtle :-) /dev/ tarballs *are*
re-distributable, it says so right there in them, and this is
irrevokably the case. 

-- 
Colm MacCárthaigh                        Public Key: colm+pgp@stdlib.net