Gentlemen from Maryland wrote:
> ... adding a new module
> ... the following aspects:
In the final analysis the decision is made using the
PMC's procedures, i.e. public debate and rarely
semi-procedural voting.
These aspects inform that debate, along with others
and few of them manage to be absolute requirements
or even manage to inflict a veto.
> 1. Popular and well used already ...
> 2. It provides a core, functional *need* to Apache ...
> 3. It has no outside dependencies ...
> 4. It is small and well written ...
> 5. Has no copyright, patent or licensing issues ...
6. Some PMC members are enthusiastic about it.
- 1, 2, 4 is often a proxy for this but we certainly
do occationally pile on function for just this reason
7. We are extremely confident that it's secure.
- Many modules we have added generate security holes
foward, a pattern we labor to avoid repeating.
Thus it's approprate to always enquire: "Who audited
this?"
8. It doesn't frighten too many PMC members too badly.
- We do put modules in inspite of the worries of
PMC members, fear is not an excuse for piling in
functionality. But I doubt we would put anything
in that was creating too much of a panic attack.
9. Support
- We have usualy required that there be an active
maintainer, and from time to time we have even
prefered that the maintainer be in the PMC.
10. Standard
- We try hard to not add non-standard behavior,
or behavior that extends the standard in ways
that serve non-open interests.
To repeat all these inform the debate, they are a list
of things to think about, but we don't have and don't
want some objective scoring scheme for these; the
public debate process while tedious is good - particularly
when we all remain gentlemenly.
- ben
