Code size is not the only measure of significance. Without any specialty knowledge of the domain, I would consider this security fix probably significant. https://github.com/mvndaemon/mvnd/pull/391 fixing https://github.com/mvndaemon/mvnd/issues/390
However, the AL2.0 license states: > Unless You explicitly state otherwise, any Contribution intentionally > submitted for inclusion in the Work by You to the Licensor shall be under the > terms and conditions of this License, without any additional terms or > conditions. Given the project was AL2.0 licensed at the time of the contribution, submitting a PR to the repository should constitute a "Contribution intentionally submitted for inclusion in the Work" and should require no additional terms. Also see https://issues.apache.org/jira/browse/LEGAL-156?focusedCommentId=13554864&page=com.atlassian.jira.plugin.system.issuetabpanels%3Acomment-tabpanel#comment-13554864 > Any contribution - in any form (patch to the mailing list, blog post, JIRA > attchment, git pull request, Bugzilla attachment, scrawled on the back of a > napkin) - may be included as long as two conditions are met: > > 1. As per section 5 of AL2 the person providing the patch does not explicitly > state that the patch provided is not licensed under ALv2 > > 2. The project's PMC is happy that the person providing the contribution has > the necessary rights to do so. On 9/5/21, 6:46 PM, "Olivier Lamy" <ol...@apache.org> wrote: looking at this https://github.com/mvndaemon/mvnd/graphs/contributors except the 2 main contributors we can't really qualify other contributions as really significant in terms of code size :) --------------------------------------------------------------------- To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org For additional commands, e-mail: general-h...@incubator.apache.org