incubator-general mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Willem Jiang <willem.ji...@gmail.com>
Subject Re: How to review so-called "binary releases"?
Date Thu, 08 Nov 2018 01:10:18 GMT
If the binary release is not the official releases, we need to let
people know about it. Adding the DISCLAIMER could help us with that.
For the other binary release such as  Maven release, Docker release
how can we introduce the DISCLAIMER for it?

Willem Jiang

Twitter: willemjiang
Weibo: 姜宁willem
On Wed, Nov 7, 2018 at 11:59 PM Jim Jagielski <jim@jagunet.com> wrote:
>
> IMO, that was (and in many cases) still IS a Good Thing... the issue is that it must
be made clear that what the ASF releases are source code artifacts. Any binary releases that
are done are not official releases of the foundation nor the PMC, but are community provided
conveniences.
>
> > On Nov 7, 2018, at 8:14 AM, Carlos Santana <csantana23@gmail.com> wrote:
> >
> > Jim
> >
> > What do you think now?
> > Was that a good or bad thing?
> >
> > TLDR; I’m in favor of convenient binaries is just the how they are handled.
> >
> > Sorry for my brevity, what I meant is that binaries should not be beside next to
the source release seating on the same server and giving the same guarantees for both type
of artifacts (source vs binary).
> >
> > Now in terms of convenience :-)
> > ASF should not block a project of making binaries available to their community for
what ever purpose they think appropriate (ie nightly, binary of a RC, binary of final RC)
> >
> > ASF should provide guidance to the projects to make sure they make their communities
aware that a source artifact is different from a binary artifact.
> > A project for example can put warnings and bold text on the location (ie directory,
readme, inside the binary, download webpage, wiki etc) where the community downloads a copy
of the binary.
> > The warning can say this is not a release of the ASF, is just a convenient binary
“download on your own risk”, we provide sha256 sum and maybe the binary is even signed,
but best practice is for you to download the source and be in control of building the binary.
> >
> >
> >
> > - Carlos Santana
> > @csantanapr
> >
> >> On Nov 7, 2018, at 7:04 AM, Jim Jagielski <jim@jaguNET.com> wrote:
> >>
> >> Just a FYI that in the early days of the ASF (and the httpd project), community
binaries were a common offering...
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
> >> For additional commands, e-mail: general-help@incubator.apache.org
> >>
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
> > For additional commands, e-mail: general-help@incubator.apache.org
> >
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
> For additional commands, e-mail: general-help@incubator.apache.org
>

---------------------------------------------------------------------
To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
For additional commands, e-mail: general-help@incubator.apache.org


Mime
View raw message