Just for the record : "Every ASF release MUST contain one or more source packages, which MUST be sufficient for a user to build and test the release provided they have access to the appropriate platform and tools."
(http://www.apache.org/legal/release-policy.html#source-packages) Le 29/09/2018 à 19:36, Lyor Goldstein a écrit : > As a side-bar, in the era of github does it make sense to mandate > publishing the sources ? After all, they are publicly available to whoever > wants to clone the repository and build the project. Perhaps Apache should > reconsider the policy and allow projects that have a public (!) git hub > repository avoid the need to publish the sources.... It's more than just a policy: it's a legal safety net. It already happened that The ASF was asked to prove that some source was pristine, which is only possible if you keep a track of all the commits since the very beginning. Also Github is own by a private company, we should not depend on them, they can easily shutdown their service, or stopping offering it for free. Or simply have an issue and lose the data. -- Emmanuel Lecharny Symas.com directory.apache.org
