You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@kylin.apache.org by "Shaofeng SHI (JIRA)" <ji...@apache.org> on 2019/03/09 15:05:00 UTC
[jira] [Created] (KYLIN-3862) Check the binary packages
Shaofeng SHI created KYLIN-3862:
-----------------------------------
Summary: Check the binary packages
Key: KYLIN-3862
URL: https://issues.apache.org/jira/browse/KYLIN-3862
Project: Kylin
Issue Type: Task
Reporter: Shaofeng SHI
As to the approval of binary packages:
It's not possible in general to check the exact contents of a binary, however there are some checks that should be made:
- sigs and hashes must be OK
- the package must contain the correct NOTICE and LICENSE files for the included content
- the package must not contain any content not derived from the source.
- in the case of bundled binaries, reviewers must check that all contents are represented in the LICENSE (and NOTICE file if required).
The bundle must not contain any files that are prohibited from distribution (category X).
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)