You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@community.apache.org by Bertrand Delacretaz <bd...@apache.org> on 2021/04/23 15:04:45 UTC
Why would a project move to the Attic?
Hi,
I suggest updating https://www.apache.org/dev/pmc.html with the text
below, adding a "Why would a project move to the Attic?" section
before "How To Perform A PMC Roll Call" and adapting the latter
section accordingly.
I initially suggested adding that info to http://attic.apache.org/ but
people rightly noted that seeing that information there is "too late",
this really belongs to the "Project Management Committee Guide" page.
I'm planning to commit those website changes next week unless someone objects.
Feedback and suggested improvements are welcome!
-Bertrand
*** SUGGESTED NEW TEXT ***
### Why would a project move to the Attic? ### {#move-to-attic}
As described on [its homepage](http://attic.apache.org), the Attic is meant to
_provide oversight for projects which otherwise would not have oversight_.
It's fine for ASF projects to be mature and quiet, with little development
activity happening, and that in itself is not a reason to move to the Attic.
However, to be viable an ASF project must have enough active PMC Members who
provide oversight of the project. This means being able to fix and release
code, to handle security vulnerabilities or other serious bugs for example.
While the PMC doesn't have to fix all the bugs or requests that come
in, the Board
must be able to verify that there are at least three PMC members monitoring
the project's mailing lists who **could** reply and act in such cases.
To this end, the Board will sometimes perform a PMC roll call,
[as described below](#roll-call).
Sometimes, PMC members leaving a project would result in less than
three of them remaining,
but community members are willing to continue maintaining the project.
In such a case the
best, if possible, is to elect a few of those community members to the
PMC to keep it viable.
If that does not happen, the Board can "reboot" a PMC by
re-establishing it with a new
or modified roster. As an example, see the
[Board resolution to reboot the Apache Xalan
PMC](https://apache.org/foundation/records/minutes/2019/board_minutes_2019_02_20.txt)
in the February 2019 Board minutes.
Mature or very slow-running projects should periodically (once a year is
recommended) do a PMC roll call to demonstrate their viability.
In summary, the only reason for a project to move to the Attic is lack
of oversight,
caused by an insufficient number of active PMC members.
Note that going to the Attic is not necessarily a bad thing: it's
merely a reflection that there isn't currently an **active** community
to manage the project. It's also a clear way so set the right expectations
for users of the project's code.
### How To Perform A PMC Roll Call ### {#roll-call}
The Board sometimes asks for a roll call for projects that fail to
report regularly,
projects with very little visible activity on their mailing lists or releases,
and projects that do not seem to be responsive to security issues.
If a Director (on behalf of the Board) asks a PMC to perform a roll
call, the PMC **must** respond by
showing via an email thread that [at least three PMC
members](https://www.apache.org/legal/release-policy.html#release-approval)
are active.
A PMC can do this by each of its active members replying to a thread
to `board@`, or having one PMC
member send a link to a thread on the PMC's lists where at least three
PMC members reply that they are still monitoring the project, such that
they could assist with creating new releases if any security issues
were found. **Be sure** to let the `board@` mailing list know when at least
three PMC members have responded (or always cc: `board@`).
Projects **must** reply to the Board's request for a roll call. Failure
to show that at least three PMC members are present before the next monthly
Board meeting can lead to the Board concluding the project is due to be
shut down and moved to the [Apache Attic](https://attic.apache.org/)
for lack of oversight.
See also [why would a project move to the Attic](#move-to-attic) above.
*** EOF ***
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@community.apache.org
For additional commands, e-mail: dev-help@community.apache.org
Re: Why would a project move to the Attic?
Posted by Bertrand Delacretaz <bd...@apache.org>.
On Fri, Apr 23, 2021 at 7:22 PM Andrew Wetmore <co...@gmail.com> wrote:
>
> A good statement. There are minor text edits in the version below to
> enhance readability:..
Thank you!
The changes are now live at https://www.apache.org/dev/pmc.html#move-to-attic
-Bertrand
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@community.apache.org
For additional commands, e-mail: dev-help@community.apache.org
Re: Why would a project move to the Attic?
Posted by Andrew Wetmore <co...@gmail.com>.
A good statement. There are minor text edits in the version below to
enhance readability:
*** SUGGESTED NEW TEXT ***
### Why would a project move to the Attic? ### {#move-to-attic}
As described on [its homepage](http://attic.apache.org), the Attic is meant
to
_provide oversight for projects which otherwise would not have oversight_.
It's fine for ASF projects to be mature and quiet, with little development
activity happening, and that in itself is not a reason to move to the Attic.
However, to be viable, an ASF project must have enough active PMC Members
who
provide oversight for the project. They fix and release
code and handle security vulnerabilities or other serious bugs, for example.
While the PMC doesn't have to fix all the bugs or requests that come
in, the Board
must be able to verify that there are at least three PMC members monitoring
the project's mailing lists who **could** reply and act in such cases.
To this end, the Board will sometimes perform a [PMC roll call](#roll-call).
Sometimes, members leaving a project would result in fewer than
three PMC members remaining, while other community members are willing to
continue maintaining the project.
In such a case, the best way forward, if possible, is to elect a few of
those community members to the
PMC to keep it viable.
If that does not happen, the Board can "reboot" a PMC by
re-establishing it with a new
or modified PMC. As an example, see the
[Board resolution to reboot the Apache Xalan
PMC](
https://apache.org/foundation/records/minutes/2019/board_minutes_2019_02_20.txt
)
in the February 2019 Board minutes.
Mature or very slow-running projects should periodically (we recommend once
a year) do a PMC roll call to confirm their viability.
In summary, the only reason for a project to move to the Attic is lack
of oversight due to an insufficient number of active PMC members.
Note that going to the Attic is not necessarily a bad thing: it's
merely a reflection that there isn't currently an **active** community
to manage the project. It's also a clear way so set the right expectations
for users of the project's code.
### How To Perform A PMC Roll Call ### {#roll-call}
The Board sometimes asks for a roll call for projects that fail to
report regularly, have very little visible activity on their mailing lists
or releases, or do not seem to be responsive to security issues.
If a Director (on behalf of the Board) asks a PMC to perform a roll
call, the PMC **must** respond by
showing via an email thread that [at least three PMC
members](https://www.apache.org/legal/release-policy.html#release-approval)
are active.
A PMC can do this by each of its active members replying to a thread
to `board@`, or having one PMC
member send a link to a thread on the PMC's lists where at least three
PMC members reply that they are still monitoring the project and could
assist with creating new releases if any security issues
were found. **Be sure** to let the `board@` mailing list know when at least
three PMC members have responded (or always cc: `board@`).
Projects **must** reply to the Board's request for a roll call. Failure
to show that at least three PMC members are present before the next monthly
Board meeting can lead to the Board concluding the project is due to
shut down and move to the [Apache Attic](https://attic.apache.org/)
for lack of oversight.
See also [why would a project move to the Attic](#move-to-attic), above.
*** EOF ***
On Fri, Apr 23, 2021 at 12:11 PM Bertrand Delacretaz <bd...@apache.org>
wrote:
> Hi,
>
> I suggest updating https://www.apache.org/dev/pmc.html with the text
> below, adding a "Why would a project move to the Attic?" section
> before "How To Perform A PMC Roll Call" and adapting the latter
> section accordingly.
>
> I initially suggested adding that info to http://attic.apache.org/ but
> people rightly noted that seeing that information there is "too late",
> this really belongs to the "Project Management Committee Guide" page.
>
> I'm planning to commit those website changes next week unless someone
> objects.
>
> Feedback and suggested improvements are welcome!
>
> -Bertrand
>
> *** SUGGESTED NEW TEXT ***
>
> ### Why would a project move to the Attic? ### {#move-to-attic}
>
> As described on [its homepage](http://attic.apache.org), the Attic is
> meant to
> _provide oversight for projects which otherwise would not have oversight_.
>
> It's fine for ASF projects to be mature and quiet, with little development
> activity happening, and that in itself is not a reason to move to the
> Attic.
>
> However, to be viable an ASF project must have enough active PMC Members
> who
> provide oversight of the project. This means being able to fix and release
> code, to handle security vulnerabilities or other serious bugs for example.
>
> While the PMC doesn't have to fix all the bugs or requests that come
> in, the Board
> must be able to verify that there are at least three PMC members monitoring
> the project's mailing lists who **could** reply and act in such cases.
>
> To this end, the Board will sometimes perform a PMC roll call,
> [as described below](#roll-call).
>
> Sometimes, PMC members leaving a project would result in less than
> three of them remaining,
> but community members are willing to continue maintaining the project.
> In such a case the
> best, if possible, is to elect a few of those community members to the
> PMC to keep it viable.
>
> If that does not happen, the Board can "reboot" a PMC by
> re-establishing it with a new
> or modified roster. As an example, see the
> [Board resolution to reboot the Apache Xalan
> PMC](
> https://apache.org/foundation/records/minutes/2019/board_minutes_2019_02_20.txt
> )
> in the February 2019 Board minutes.
>
> Mature or very slow-running projects should periodically (once a year is
> recommended) do a PMC roll call to demonstrate their viability.
>
> In summary, the only reason for a project to move to the Attic is lack
> of oversight,
> caused by an insufficient number of active PMC members.
>
> Note that going to the Attic is not necessarily a bad thing: it's
> merely a reflection that there isn't currently an **active** community
> to manage the project. It's also a clear way so set the right expectations
> for users of the project's code.
>
> ### How To Perform A PMC Roll Call ### {#roll-call}
>
> The Board sometimes asks for a roll call for projects that fail to
> report regularly,
> projects with very little visible activity on their mailing lists or
> releases,
> and projects that do not seem to be responsive to security issues.
>
> If a Director (on behalf of the Board) asks a PMC to perform a roll
> call, the PMC **must** respond by
> showing via an email thread that [at least three PMC
> members](https://www.apache.org/legal/release-policy.html#release-approval
> )
> are active.
>
> A PMC can do this by each of its active members replying to a thread
> to `board@`, or having one PMC
> member send a link to a thread on the PMC's lists where at least three
> PMC members reply that they are still monitoring the project, such that
> they could assist with creating new releases if any security issues
> were found. **Be sure** to let the `board@` mailing list know when at
> least
> three PMC members have responded (or always cc: `board@`).
>
> Projects **must** reply to the Board's request for a roll call. Failure
> to show that at least three PMC members are present before the next monthly
> Board meeting can lead to the Board concluding the project is due to be
> shut down and moved to the [Apache Attic](https://attic.apache.org/)
> for lack of oversight.
>
> See also [why would a project move to the Attic](#move-to-attic) above.
>
> *** EOF ***
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@community.apache.org
> For additional commands, e-mail: dev-help@community.apache.org
>
>
--
Andrew Wetmore
http://cottage14.blogspot.com/