You are viewing a plain text version of this content. The canonical link for it is here.
Posted to legal-discuss@apache.org by ma...@apache.org on 2020/01/17 11:31:29 UTC
svn commit: r1872915 -
/infrastructure/site/trunk/content/foundation/marks/downstream.mdtext
Author: markt
Date: Fri Jan 17 11:31:29 2020
New Revision: 1872915
URL: http://svn.apache.org/viewvc?rev=1872915&view=rev
Log:
Update after review of 0.1
Modified:
infrastructure/site/trunk/content/foundation/marks/downstream.mdtext
Modified: infrastructure/site/trunk/content/foundation/marks/downstream.mdtext
URL: http://svn.apache.org/viewvc/infrastructure/site/trunk/content/foundation/marks/downstream.mdtext?rev=1872915&r1=1872914&r2=1872915&view=diff
==============================================================================
--- infrastructure/site/trunk/content/foundation/marks/downstream.mdtext (original)
+++ infrastructure/site/trunk/content/foundation/marks/downstream.mdtext Fri Jan 17 11:31:29 2020
@@ -20,7 +20,9 @@ Notice: Licensed to the Apache Softwa
This **Downstream Distribution Branding Policy** defines **requirements** for
downstream software distributors that wish to distribute Apache® software
-products under the original Apache product name.
+products under the original Apache product name. Distributors wishing to use a
+different name should follow our
+[formal Trademark Policy](http://www.apache.org/foundation/marks/)
# Downstream Distribution Branding Policy # {#introduction}
@@ -28,7 +30,7 @@ Apache software products are distributed
provide packages for their platform. Examples include Docker images, Linux
distributors and cloud platform vendors.
-The Apache Software Foundation recognises the importance of these downstream
+The Apache Software Foundation recognizes the importance of these downstream
distributors and is happy to see them distribute Apache products under the
original Apache name providing that this policy is followed.
@@ -36,12 +38,17 @@ original Apache name providing that this
## Channel ## {#channel}
The software must be provided via a channel the end user would expect to use to
-obtain packages for their platform.
+obtain packages for their platform. For example:
+
+ - a Linux user would expect to obtain packages via one of their distribution's package managers;
+ - a Perl user would expect to be able to obtain Perl modules via CPAN
## Naming ## {#name}
-The name must be the same name as the name used by the Apache Software Foundation.
+The name must be the same name as the name used by The Apache Software Foundation. The full
+name of all Apache software products has the form of "Apache *ProjectName*". Note that "Apache",
+"*ProjectName*" and "Apache *ProjectName*" are trademarks of The Apache Software Foundation.
## Source Code ## {#source}
@@ -50,24 +57,56 @@ The source code on which the software is
Apache Software Foundation source code release or all of the following must also
be true:
-- All source code from which the software it is built must be available in the
- Apache Software Foundation source code repository for the project.
+- All source code changes must meet at least one of the acceptable changes criteria
+ set out below.
+
+- A version number must be used that both clearly differentiates it from an
+ Apache Software Foundation release and clearly identifies the Apache Software
+ Foundation version on which the software is based.
+
+- The documentation must clearly identify the Apache Software Foundation
+ version on which the software is based.
+
+- The end user expects that the distribution channel will back-port fixes. It
+ is not necessary to back-port all fixes. Selection of fixes to back-port must
+ be consistent with the update policy of that distribution channel.
+
+The acceptable changes must met at least one of the following criteria:
+
+- Changes that have been accepted by the relevant Apache project community
+ for inclusion in a future release. Note that the process used to accept
+ changes and how that acceptance is documented varies between projects.
-- All changes must have been accepted by the relevant project community for
- inclusion in a future release.
+- A fix for an undisclosed security issue provided the Apache project has
+ been [notified of the issue](http://www.apache.org/security/) and has not
+ rejected the vulnerability report.
-- A version number must be used that clearly differentiates it from an Apache
- Software Foundation release.
+- A fix for a bug provided that the Apache project has been notified of the
+ bug and has not rejected the bug report.
-- The documentation must clearly identify which Apache Software Foundation
- version the software is based on.
+- Minor changes (e.g. alterations to the start-up and shutdown scripts,
+ configuration files, file layout etc.) to integrate with the target platform
+ providing the Apache project has not objected to those changes.
-- The end user expects that the distribution channel will back-port fixes.
+## Additional dependencies
+Optional dependencies, modules, add-ons, etc. available from The Apache
+Software Foundation MAY be included in the distribution.
+
+Optional dependencies, modules, add-ons, etc. available from 3rd parties
+that extend the functionality of the Apache project SHOULD be provided
+via separate packages but MAY be included in the distribution provided
+that the project does not object.
+
+Optional dependencies, modules, add-ons, etc. available from 3rd parties
+that replace default functionality in the Apache project MUST be provided
+via separate packages unless the Apache project has approved their
+inclusion in the distribution.
# Usage Examples # {#examples}
-Based on the above policy, the following usages would be acceptable:
+Based on the above policy, the following usages would be acceptable unless
+project specific requirements prevent it:
- Releasing any particular revision from the development branch.
@@ -78,7 +117,12 @@ Based on the above policy, the following
- Applying back-ports that require trivial changes to enable the back-port
to apply.
-Based on the above policy, the following usages would not be acceptable:
+- Including a range of 3rd party JDBC drivers or similar libraries to
+ facilitate communication with other systems.
+
+
+Based on the above policy, the following usages would not be acceptable
+unless project specific requirements allow it:
- Including fixes or features back-ported from an individual committer's
feature branch or any other branch that has not been accepted by the
@@ -91,6 +135,12 @@ Based on the above policy, the following
- Applying back-ports that require non-trivial changes to enable the
back-port to apply.
+- Silently fixing a discovered security issue without informing the PMC of
+ the issue.
+
+- Replacing the default persistence layer of a database with a 3rd party
+ persistence library.
+
# Project Specific Requirements # {#projects}
@@ -101,7 +151,7 @@ The following projects are known to use
- Apache Subversion
-Distributors SHOULD check with the relevant project for the any project specific
+Distributors MUST check with the relevant project for the any project specific
policy before distributing a modified version of an Apache software project under
the standard Apache product name.
@@ -114,13 +164,13 @@ and our [site map of Trademark resources
# Important Note # {#notes}
**Nothing in this ASF policy statement shall be interpreted to allow any
-third party to claim any association with the Apache Software Foundation or
+third party to claim any association with The Apache Software Foundation or
any of its projects or to imply any approval or support by ASF for any
third party products, services, or events.**
# Policy Version # {#version}
-This is version 0.1 of this draft Apache policy document, published in April 2019.
+This is version 0.2 of this draft Apache policy document, published in January 2020.
Material changes will be marked with a new version number.
---------------------------------------------------------------------
To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org
Re: svn commit: r1872915 - /infrastructure/site/trunk/content/foundation/marks/downstream.mdtext
Posted by Fantri Fitriani <fa...@gmail.com>.
Pada tanggal Jum, 17 Jan 2020 19.31, <ma...@apache.org> menulis:
> Author: markt
> Date: Fri Jan 17 11:31:29 2020
> New Revision: 1872915
>
> URL: http://svn.apache.org/viewvc?rev=1872915&view=rev
> Log:
> Update after review of 0.1
>
> Modified:
> infrastructure/site/trunk/content/foundation/marks/downstream.mdtext
>
> Modified:
> infrastructure/site/trunk/content/foundation/marks/downstream.mdtext
> URL:
> http://svn.apache.org/viewvc/infrastructure/site/trunk/content/foundation/marks/downstream.mdtext?rev=1872915&r1=1872914&r2=1872915&view=diff
>
> ==============================================================================
> --- infrastructure/site/trunk/content/foundation/marks/downstream.mdtext
> (original)
> +++ infrastructure/site/trunk/content/foundation/marks/downstream.mdtext
> Fri Jan 17 11:31:29 2020
> @@ -20,7 +20,9 @@ Notice: Licensed to the Apache Softwa
>
> This **Downstream Distribution Branding Policy** defines **requirements**
> for
> downstream software distributors that wish to distribute Apache®
> software
> -products under the original Apache product name.
> +products under the original Apache product name. Distributors wishing to
> use a
> +different name should follow our
> +[formal Trademark Policy](http://www.apache.org/foundation/marks/)
>
> # Downstream Distribution Branding Policy # {#introduction}
>
> @@ -28,7 +30,7 @@ Apache software products are distributed
> provide packages for their platform. Examples include Docker images, Linux
> distributors and cloud platform vendors.
>
> -The Apache Software Foundation recognises the importance of these
> downstream
> +The Apache Software Foundation recognizes the importance of these
> downstream
> distributors and is happy to see them distribute Apache products under the
> original Apache name providing that this policy is followed.
>
> @@ -36,12 +38,17 @@ original Apache name providing that this
> ## Channel ## {#channel}
>
> The software must be provided via a channel the end user would expect to
> use to
> -obtain packages for their platform.
> +obtain packages for their platform. For example:
> +
> + - a Linux user would expect to obtain packages via one of their
> distribution's package managers;
> + - a Perl user would expect to be able to obtain Perl modules via CPAN
>
>
> ## Naming ## {#name}
>
> -The name must be the same name as the name used by the Apache Software
> Foundation.
> +The name must be the same name as the name used by The Apache Software
> Foundation. The full
> +name of all Apache software products has the form of "Apache
> *ProjectName*". Note that "Apache",
> +"*ProjectName*" and "Apache *ProjectName*" are trademarks of The Apache
> Software Foundation.
>
>
> ## Source Code ## {#source}
> @@ -50,24 +57,56 @@ The source code on which the software is
> Apache Software Foundation source code release or all of the following
> must also
> be true:
>
> -- All source code from which the software it is built must be available
> in the
> - Apache Software Foundation source code repository for the project.
> +- All source code changes must meet at least one of the acceptable
> changes criteria
> + set out below.
> +
> +- A version number must be used that both clearly differentiates it from
> an
> + Apache Software Foundation release and clearly identifies the Apache
> Software
> + Foundation version on which the software is based.
> +
> +- The documentation must clearly identify the Apache Software Foundation
> + version on which the software is based.
> +
> +- The end user expects that the distribution channel will back-port
> fixes. It
> + is not necessary to back-port all fixes. Selection of fixes to
> back-port must
> + be consistent with the update policy of that distribution channel.
> +
> +The acceptable changes must met at least one of the following criteria:
> +
> +- Changes that have been accepted by the relevant Apache project community
> + for inclusion in a future release. Note that the process used to accept
> + changes and how that acceptance is documented varies between projects.
>
> -- All changes must have been accepted by the relevant project community
> for
> - inclusion in a future release.
> +- A fix for an undisclosed security issue provided the Apache project has
> + been [notified of the issue](http://www.apache.org/security/) and has
> not
> + rejected the vulnerability report.
>
> -- A version number must be used that clearly differentiates it from an
> Apache
> - Software Foundation release.
> +- A fix for a bug provided that the Apache project has been notified of
> the
> + bug and has not rejected the bug report.
>
> -- The documentation must clearly identify which Apache Software Foundation
> - version the software is based on.
> +- Minor changes (e.g. alterations to the start-up and shutdown scripts,
> + configuration files, file layout etc.) to integrate with the target
> platform
> + providing the Apache project has not objected to those changes.
>
> -- The end user expects that the distribution channel will back-port fixes.
> +## Additional dependencies
>
> +Optional dependencies, modules, add-ons, etc. available from The Apache
> +Software Foundation MAY be included in the distribution.
> +
> +Optional dependencies, modules, add-ons, etc. available from 3rd parties
> +that extend the functionality of the Apache project SHOULD be provided
> +via separate packages but MAY be included in the distribution provided
> +that the project does not object.
> +
> +Optional dependencies, modules, add-ons, etc. available from 3rd parties
> +that replace default functionality in the Apache project MUST be provided
> +via separate packages unless the Apache project has approved their
> +inclusion in the distribution.
>
> # Usage Examples # {#examples}
>
> -Based on the above policy, the following usages would be acceptable:
> +Based on the above policy, the following usages would be acceptable unless
> +project specific requirements prevent it:
>
> - Releasing any particular revision from the development branch.
>
> @@ -78,7 +117,12 @@ Based on the above policy, the following
> - Applying back-ports that require trivial changes to enable the back-port
> to apply.
>
> -Based on the above policy, the following usages would not be acceptable:
> +- Including a range of 3rd party JDBC drivers or similar libraries to
> + facilitate communication with other systems.
> +
> +
> +Based on the above policy, the following usages would not be acceptable
> +unless project specific requirements allow it:
>
> - Including fixes or features back-ported from an individual committer's
> feature branch or any other branch that has not been accepted by the
> @@ -91,6 +135,12 @@ Based on the above policy, the following
> - Applying back-ports that require non-trivial changes to enable the
> back-port to apply.
>
> +- Silently fixing a discovered security issue without informing the PMC of
> + the issue.
> +
> +- Replacing the default persistence layer of a database with a 3rd party
> + persistence library.
> +
>
> # Project Specific Requirements # {#projects}
>
> @@ -101,7 +151,7 @@ The following projects are known to use
>
> - Apache Subversion
>
> -Distributors SHOULD check with the relevant project for the any project
> specific
> +Distributors MUST check with the relevant project for the any project
> specific
> policy before distributing a modified version of an Apache software
> project under
> the standard Apache product name.
>
> @@ -114,13 +164,13 @@ and our [site map of Trademark resources
> # Important Note # {#notes}
>
> **Nothing in this ASF policy statement shall be interpreted to allow any
> -third party to claim any association with the Apache Software Foundation
> or
> +third party to claim any association with The Apache Software Foundation
> or
> any of its projects or to imply any approval or support by ASF for any
> third party products, services, or events.**
>
> # Policy Version # {#version}
>
> -This is version 0.1 of this draft Apache policy document, published in
> April 2019.
> +This is version 0.2 of this draft Apache policy document, published in
> January 2020.
>
> Material changes will be marked with a new version number.
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
> For additional commands, e-mail: legal-discuss-help@apache.org
>
>