Yes I agree. Only the canonical code can be used to produce official
maven builds and those tags are pushed back to the master. No different
really than what happens today.
On 4/24/2009 4:53 PM, John Casey wrote:
There is one very important issue with dscm:
To be in line with our goals for Maven in general - especially
reproducibility - the tag created from a release MUST be available for
others to grab and rebuild from. This means that a git push is
absolutely necessary to finish off the release process, but it also
sort of implies that these release tags need to be collected
somewhere...in a canonical repository that is controlled by the
project devs, and definitely not just a particular [subset] of the
project devs.
If at all possible, it should not be an option to do a release of
Maven to the public unless you can change the project name,
artifact/group ID, etc. This ties into use of trademarks issues (name)
and maven repository indexing (to make sure one release doesn't
conflict with another when there's no shared, recent code pedigree).
IMO, we need to make sure we will always be able to reproduce any
tagged build, and we need to remember that just because people _can_
rebase/resync their local repo clone doesn't mean they _have to_. Code
in different repo clones could diverge pretty wildly. In particular,
I'm thinking about Don Brown's maven builds, only magnified.
Just some thoughts.
-john
Brian Fox wrote:
2) On a more serious note: this is EXACTLY the issue. Jason is no
more
special than I am or anyone else on the Maven PMC. That is why
there is a
centralized storage for the repo. Anyone on the PMC (actually, any
committer) MUST have access to entire repo for the project and be
able to do
the releases or whatever. One persons copy cannot be any more
"special" than
anyone elses. We don't allow the "benevolent dictator" role around
here.
Agreed. I think it's a misconception that because some projects run
fully distributed with Git, that all must do so. I envision that
there would be an official git repo(s) that all Maven committers have
privs to push into. These repos would be the only source for official
Apache Maven releases. Everything else is just some working copy that
isn't yet official. In this way, i don't personally see what all the
hub-ub is about using dscm being imcompatible with ASF.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
For additional commands, e-mail: dev-h...@maven.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
For additional commands, e-mail: dev-h...@maven.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
For additional commands, e-mail: dev-h...@maven.apache.org
