You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@harmony.apache.org by Etienne Gagnon <eg...@sablevm.org> on 2006/04/04 06:29:01 UTC
[classlib/legal?] Re: Downloading dependencies
Geir Magnusson Jr wrote:
> What are you voting against, exactly?
>
> I don't grok why this is a problem. You'll download the jars *once*
> (until a version changes), and with the exception of the MSVC runtime
> dll, it's automated for you.
[Just explaining my position, not trying to change your mind].
I'm mainly voting against having our trunk dependent on remote
(non-Apache) sites availability. For example, what if libXYZ-1.02.jar
became unavailable tomorrow (assuming the trunk depended on it)? Maybe
Harmony is the only project using it, and the author went bankrupt, or
more likely, lost his site because he/she graduated from school, and
that person wasn't aware Harmony used his/her open-source stuff. I'll
let it to your imagination to come up with other likely scenarios. In
such case, our trunk would break. I don't see how temporarily re-(?)
"distributing" open-source stuff is a problem, but I'm not a lawyer, so
I'll trust Apache's lawyers on this.
Yet, I'll admit that the build system is dealing with this issue in a
rather clean way, in that a separate ant file is used for the download,
and the main build file does not depend on downloading from remote sites.
And just as a note: I have no problem living in democracy, and not
always being on the majority side. A few discussions here and there are
key to coming up with better ideas, as long as discussions remain
civilized. :-)
Etienne
--
Etienne M. Gagnon, Ph.D. http://www.info2.uqam.ca/~egagnon/
SableVM: http://www.sablevm.org/
SableCC: http://www.sablecc.org/
Re: [classlib/legal?] Re: Downloading dependencies
Posted by Geir Magnusson Jr <ge...@pobox.com>.
That's not a problem as long as the jars are under an acceptable license
for redistribution, which they are. A counterexample would be a tool we
like to use but won't redistribute - we should be sure things like that
don't get "sucked in" accidentally.
geir
Mark Hindess wrote:
> On a related subject, one side-effect of the dependency changes is
> that the downloaded jars that are copied to the deploy tree will be
> picked up by the snapshot target. The ASF need to decide if
> distributing these jars this way is acceptable.
>
> -Mark.
>
> On 4/4/06, Etienne Gagnon <eg...@sablevm.org> wrote:
>> Geir,
>>
>> Actually, I didn't reply to your question. See below.
>>
>>> Geir Magnusson Jr wrote:
>>>> Ok. So are you against having the external dependency, or having an
>>>> external dependency for which we don't have a jar in svn or the website?
>> I'm against having an external dependency, in the HEAD trunk, for which
>> we don't have a SOURCE jar in svn or the website.
>>
>> I assume that official releases do include "all" dependencies ("most" is
>> probably more appropriate; we probably won't include the OS and base C
>> libraries...).
>>
>> Etienne
>>
>> --
>> Etienne M. Gagnon, Ph.D. http://www.info2.uqam.ca/~egagnon/
>> SableVM: http://www.sablevm.org/
>> SableCC: http://www.sablecc.org/
>>
>>
>>
>
>
> --
> Mark Hindess <ma...@googlemail.com>
> IBM Java Technology Centre, UK.
>
> ---------------------------------------------------------------------
> Terms of use : http://incubator.apache.org/harmony/mailing.html
> To unsubscribe, e-mail: harmony-dev-unsubscribe@incubator.apache.org
> For additional commands, e-mail: harmony-dev-help@incubator.apache.org
>
>
---------------------------------------------------------------------
Terms of use : http://incubator.apache.org/harmony/mailing.html
To unsubscribe, e-mail: harmony-dev-unsubscribe@incubator.apache.org
For additional commands, e-mail: harmony-dev-help@incubator.apache.org
Re: [classlib/legal?] Re: Downloading dependencies
Posted by Mark Hindess <ma...@googlemail.com>.
On a related subject, one side-effect of the dependency changes is
that the downloaded jars that are copied to the deploy tree will be
picked up by the snapshot target. The ASF need to decide if
distributing these jars this way is acceptable.
-Mark.
On 4/4/06, Etienne Gagnon <eg...@sablevm.org> wrote:
> Geir,
>
> Actually, I didn't reply to your question. See below.
>
> > Geir Magnusson Jr wrote:
> >>Ok. So are you against having the external dependency, or having an
> >>external dependency for which we don't have a jar in svn or the website?
>
> I'm against having an external dependency, in the HEAD trunk, for which
> we don't have a SOURCE jar in svn or the website.
>
> I assume that official releases do include "all" dependencies ("most" is
> probably more appropriate; we probably won't include the OS and base C
> libraries...).
>
> Etienne
>
> --
> Etienne M. Gagnon, Ph.D. http://www.info2.uqam.ca/~egagnon/
> SableVM: http://www.sablevm.org/
> SableCC: http://www.sablecc.org/
>
>
>
--
Mark Hindess <ma...@googlemail.com>
IBM Java Technology Centre, UK.
---------------------------------------------------------------------
Terms of use : http://incubator.apache.org/harmony/mailing.html
To unsubscribe, e-mail: harmony-dev-unsubscribe@incubator.apache.org
For additional commands, e-mail: harmony-dev-help@incubator.apache.org
Re: [classlib/legal?] Re: Downloading dependencies
Posted by Etienne Gagnon <eg...@sablevm.org>.
Geir,
Actually, I didn't reply to your question. See below.
> Geir Magnusson Jr wrote:
>>Ok. So are you against having the external dependency, or having an
>>external dependency for which we don't have a jar in svn or the website?
I'm against having an external dependency, in the HEAD trunk, for which
we don't have a SOURCE jar in svn or the website.
I assume that official releases do include "all" dependencies ("most" is
probably more appropriate; we probably won't include the OS and base C
libraries...).
Etienne
--
Etienne M. Gagnon, Ph.D. http://www.info2.uqam.ca/~egagnon/
SableVM: http://www.sablevm.org/
SableCC: http://www.sablecc.org/
Re: [classlib/legal?] Re: Downloading dependencies
Posted by Geir Magnusson Jr <ge...@pobox.com>.
Etienne Gagnon wrote:
> Geir Magnusson Jr wrote:
>> For example, we're going to do a distro dependnent on this "sablevm.jar"
>> thing. What if harmony was the only project using it? or the author
>> went bankrupt, or - more likely - lost his site because he/she got their
>> PhD and graduated from school..... :)
>
> You're too late... I graduate long ago. It's unlikely UQAM, a public
> university, will go bankrupt anytime soon. heh ;-)
I know. it was a joke :)
>
>> Ok. So are you against having the external dependency, or having an
>> external dependency for which we don't have a jar in svn or the website?
>> if the latter, I'd want to have source too, as the binary is pretty
>> useless over time...
>
> Actually, I was thinking about the sources; I don't care about the
> binaries! [I didn't get yet to complain about seeing .dll's and all
> kind of binary stuff in the repository. I'll keep that for some other
> day, very far away, when we all have less to do. :-P ]
>
> Cheers,
>
> Etienne
---------------------------------------------------------------------
Terms of use : http://incubator.apache.org/harmony/mailing.html
To unsubscribe, e-mail: harmony-dev-unsubscribe@incubator.apache.org
For additional commands, e-mail: harmony-dev-help@incubator.apache.org
Re: [classlib/legal?] Re: Downloading dependencies
Posted by Etienne Gagnon <eg...@sablevm.org>.
Geir Magnusson Jr wrote:
> For example, we're going to do a distro dependnent on this "sablevm.jar"
> thing. What if harmony was the only project using it? or the author
> went bankrupt, or - more likely - lost his site because he/she got their
> PhD and graduated from school..... :)
You're too late... I graduate long ago. It's unlikely UQAM, a public
university, will go bankrupt anytime soon. heh ;-)
> Ok. So are you against having the external dependency, or having an
> external dependency for which we don't have a jar in svn or the website?
> if the latter, I'd want to have source too, as the binary is pretty
> useless over time...
Actually, I was thinking about the sources; I don't care about the
binaries! [I didn't get yet to complain about seeing .dll's and all
kind of binary stuff in the repository. I'll keep that for some other
day, very far away, when we all have less to do. :-P ]
Cheers,
Etienne
--
Etienne M. Gagnon, Ph.D. http://www.info2.uqam.ca/~egagnon/
SableVM: http://www.sablevm.org/
SableCC: http://www.sablecc.org/
Re: [classlib/legal?] Re: Downloading dependencies
Posted by Geir Magnusson Jr <ge...@pobox.com>.
Etienne Gagnon wrote:
> Geir Magnusson Jr wrote:
>> What are you voting against, exactly?
>>
>> I don't grok why this is a problem. You'll download the jars *once*
>> (until a version changes), and with the exception of the MSVC runtime
>> dll, it's automated for you.
>
> [Just explaining my position, not trying to change your mind].
You won't. We just don't redistribute other people's software from the
ASF infrastructure.
>
> I'm mainly voting against having our trunk dependent on remote
> (non-Apache) sites availability.
We're not dependent upon the site. The download is a convenience. You
could just as easily fetch it manually and put it in depends/jars
> For example, what if libXYZ-1.02.jar
> became unavailable tomorrow (assuming the trunk depended on it)? Maybe
> Harmony is the only project using it, and the author went bankrupt, or
> more likely, lost his site because he/she graduated from school, and
> that person wasn't aware Harmony used his/her open-source stuff. I'll
> let it to your imagination to come up with other likely scenarios.
The first one isn't likely at all. We don't choose are dependencies
lightly or randomly.
If we thought a dependency was flaky, we'd get a snapshot of the code as
insurance.
But we really want that our external dependencies are just that -
external - so we don't have to do it ourselves. We're lazy.
For example, we're going to do a distro dependnent on this "sablevm.jar"
thing. What if harmony was the only project using it? or the author
went bankrupt, or - more likely - lost his site because he/she got their
PhD and graduated from school..... :)
> In
> such case, our trunk would break. I don't see how temporarily re-(?)
> "distributing" open-source stuff is a problem, but I'm not a lawyer, so
> I'll trust Apache's lawyers on this.
>
> Yet, I'll admit that the build system is dealing with this issue in a
> rather clean way, in that a separate ant file is used for the download,
> and the main build file does not depend on downloading from remote sites.
Ok...
>
> And just as a note: I have no problem living in democracy, and not
> always being on the majority side. A few discussions here and there are
> key to coming up with better ideas, as long as discussions remain
> civilized. :-)
>
Ok. So are you against having the external dependency, or having an
external dependency for which we don't have a jar in svn or the website?
if the latter, I'd want to have source too, as the binary is pretty
useless over time...
geir
geir
> Etienne
>
---------------------------------------------------------------------
Terms of use : http://incubator.apache.org/harmony/mailing.html
To unsubscribe, e-mail: harmony-dev-unsubscribe@incubator.apache.org
For additional commands, e-mail: harmony-dev-help@incubator.apache.org
Re: [classlib/legal?] Re: Downloading dependencies
Posted by Etienne Gagnon <eg...@sablevm.org>.
Leo Simons wrote:
> To have a dependency on external packages, we extend some trust to their
> authors/vendors to keep them available as open source...
OK, I selected the wrong example. I am sure that you do understand that
my worry is not a trust issue, but motly a convenience one and only a
safety one in catastrophic cases [plane crash of development team, etc.].
> The other one is about voting/democracy. I just wanted to mention it,
I know, I know... :-)
Etienne
--
Etienne M. Gagnon, Ph.D. http://www.info2.uqam.ca/~egagnon/
SableVM: http://www.sablevm.org/
SableCC: http://www.sablecc.org/
Re: [classlib/legal?] Re: Downloading dependencies
Posted by Leo Simons <ma...@leosimons.com>.
Two keywords:
1) trust
2) merit
To have a dependency on external packages, we extend some trust to their
authors/vendors to keep them available as open source. If this trust is
misplaced, we don't want the dependency. We don't want dependencies on
badly hosted, fragile, one-person hobby projects. The ASF develops software
as part of a larger ecosystem and the dependencies on third party sites is
just a natural part of that. The ASF distributes binaries only as pure
convenience.
The other one is about voting/democracy. I just wanted to mention it,
because democracy doesn't work for us here. This is a meritocracy. There is
just merit, and merit can be associated with ideas as well as with people
(leading to things like committership). Some of these kinds of decisions
and/or ways of handling this kind of thing have been figured out over the
course of several years by the ASF and its not up to harmony to go and
change all of them. One of the main goals for incubation is learning to
understand the ASF ways and work with them. Starting off by disagreeing with
them is usually not all that conductive to making that happen. Perhaps this
sometimes means, "ask, don't tell".
cheers!
Leo
On Tue, Apr 04, 2006 at 12:29:01AM -0400, Etienne Gagnon wrote:
> Geir Magnusson Jr wrote:
> > What are you voting against, exactly?
> >
> > I don't grok why this is a problem. You'll download the jars *once*
> > (until a version changes), and with the exception of the MSVC runtime
> > dll, it's automated for you.
>
> [Just explaining my position, not trying to change your mind].
>
> I'm mainly voting against having our trunk dependent on remote
> (non-Apache) sites availability. For example, what if libXYZ-1.02.jar
> became unavailable tomorrow (assuming the trunk depended on it)? Maybe
> Harmony is the only project using it, and the author went bankrupt, or
> more likely, lost his site because he/she graduated from school, and
> that person wasn't aware Harmony used his/her open-source stuff. I'll
> let it to your imagination to come up with other likely scenarios. In
> such case, our trunk would break. I don't see how temporarily re-(?)
> "distributing" open-source stuff is a problem, but I'm not a lawyer, so
> I'll trust Apache's lawyers on this.
>
> Yet, I'll admit that the build system is dealing with this issue in a
> rather clean way, in that a separate ant file is used for the download,
> and the main build file does not depend on downloading from remote sites.
>
> And just as a note: I have no problem living in democracy, and not
> always being on the majority side. A few discussions here and there are
> key to coming up with better ideas, as long as discussions remain
> civilized. :-)
>
> Etienne
>
> --
> Etienne M. Gagnon, Ph.D. http://www.info2.uqam.ca/~egagnon/
> SableVM: http://www.sablevm.org/
> SableCC: http://www.sablecc.org/
---------------------------------------------------------------------
Terms of use : http://incubator.apache.org/harmony/mailing.html
To unsubscribe, e-mail: harmony-dev-unsubscribe@incubator.apache.org
For additional commands, e-mail: harmony-dev-help@incubator.apache.org