On 25 July 2013 22:34, Nigel Magnay <nigel.mag...@gmail.com> wrote: > > > > > > Should the PMC encourage people experimenting on new improvements to > Maven > > to do that work at the ASF? And if so, should they then practice what > they > > preach, and ensure that any experiments with Maven take place on the ASF > > SCM servers (at least once such experiments become semi-serious or > progress > > enough not to cause egg-on-face syndrome)? > > > > > That feels to me like swimming entirely against the tide, and a recipe for > irrelevance. > > Who, in 2013, *cares* about Apache's SCM? OSS, for just about everyone I > speak to these days runs thus: > > 1) Is it on Github? > 2) If no, fork onto GIthub. > > ASF might indeed value "community over code", but that doesn't seem to be a > winning strategy any longer, and those changes seem to be trying to > double-down on that strategy. >
There is nothing preventing the project from being mirrored onto GitHub, and in fact the Maven project is mirrored there. We *legally* need to have the code end up back at ASF if we are to release it under the legal protections that the ASF provides. We *legally* are supposed to review aspects of the provenance of the code that gets released. The more code development that takes place on non ASF servers, the less we can be sure of. By having commits and forks at ASF, then each non-ASF set of commits will be smaller and more likely from a single author which means less work for reviewing. Code dumps from a long running fork are thus incompatible with releasing from the ASF If you are a YOLO developer, perhaps you don't care about the legal stuff... your prerogative... I think it is a mistake though. > > Perhaps Maven should extricate itself from the ASF. Maybe that's what long > standing forks will do. > Perhaps. Perhaps not. This is a different question... and one that also begs an answer to a different question: what value do users of Maven place on the legal protections that being released from the ASF provide. There is also the question of whether the developers value the legal protections. But at the end of they day there seems to be quite a large cohort of OSS developers who take a YOLO attitude towards legal stuff[1]... who knows what experiences they will encounter in the next few years and whether they will change their opinions in the light of their experiences and whether they will then see relevance in the ASF. [1]: There are lots of projects on GitHub that don't even bother to have a license