Re: Voting on releases with serious unaddressed issues

[Ross Gardler]

Three comments, each of which I phrase as my opinion on the correct way to do 
this. Each comment is independent from the other:

1) If VP Legal or VP Infra says any of the issues are blockers then the podling 
cannot do a release

2) If IPMC members want to become contributors and help fix the problems with 
pull requests,  or mentors (meaning real mentors not just folks pointing out 
problems, then they should get started. As active members of the community 
those individuals will have the right to vote -1 on a release.

3) If the podling is unable to gather three +1s among their active community 
then they won't be able to do a release so the conversation is moot

Ross


From: Justin Mclean 
Sent: Friday, March 29, 2019 7:24 PM
To: general@incubator.apache.org
Subject: Voting on releases with serious unaddressed issues

Hi,

The  Netbeans RC is an interesting one as they:
- Have made several releases before.
- Have been given advice from the IPMC on serious issues and what to fix.
- Looks like nothing has been done to correct those issues.

Now I know we’re trying to be more lenient on releases but we still have to 
draw the line somewhere and this is not their first release. The the binary in 
source code, license issues copyright issues on the cute cat and rabbit photos 
[1] probably mean that they cannot put that release in the ASF distribution 
area even if they do get 3 +1s without legal and infra approval.

What do other IPMC members think?

Thanks,
Justin

1. Curiously this is the second time I’ve vote -1 because of a cat photo taken 
by a professional photographer has been included in a source release
-
To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org
For additional commands, e-mail: general-h...@incubator.apache.org


-
To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org
For additional commands, e-mail: general-h...@incubator.apache.org

Re: Voting on releases with serious unaddressed issues

[Justin Mclean]

Hi,

> 1) If VP Legal or VP Infra says any of the issues are blockers then the 
> podling cannot do a release

I guess they well need to clarify that then, but AFAIK an an ex VP legal has 
said this, and VP infra has stated this for the exact issues mentioned in this 
release.

> 2) If IPMC members want to become contributors and help fix the problems with 
> pull requests,  or mentors (meaning real mentors not just folks pointing out 
> problems, then they should get started. As active members of the community 
> those individuals will have the right to vote -1 on a release.

So are you saying that IPMC members vote are only valid for +1 votes on 
podlings they are not actively involved in and their -1 votes are invalid? The 
risk I see there is IPMC votes when needed just become just a rubber stamping 
exercise.

> 3) If the podling is unable to gather three +1s among their active community 
> then they won't be able to do a release so the conversation is moot

Well in this case here that happened (they only had one binding vote) and they 
asked the IPMC to vote on it. Some podlings, for a number of reasons, are not 
going to be able to find 3 active IPMC members in their project to vote on 
every release. (Although I'm surprised in this case given who the mentors are).

Thanks,
Justin
-
To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org
For additional commands, e-mail: general-h...@incubator.apache.org

Re: Voting on releases with serious unaddressed issues

[Ross Gardler]

For 2, yes I'm saying exactly that. It's long been an expectation in apache 
that a -1 be accompanied by a willingness to help fix the problem. There are a 
few exceptions, such as releases. That's why I have #1 of something is not 
approved by legal and infra then a -1 reflects that. If the -1 is ticking boxes 
on a formal process then I don't see that as constructive, unless accompanied 
by a willingness to help.

Awareness is good. For none blocking items a +1 accompanied by a recorded issue 
about something that must be approved before graduation is the way to go if one 
does a check but didn't want to help fix things.

As for not enough votes i refer you to Roy's suggestion on board@. Essentially 
votes don't need to be from IPMC members.

Get Outlook for Android<https://aka.ms/ghei36>


From: Justin Mclean 
Sent: Friday, March 29, 2019 10:32:24 PM
To: general@incubator.apache.org
Subject: Re: Voting on releases with serious unaddressed issues

Hi,

> 1) If VP Legal or VP Infra says any of the issues are blockers then the 
> podling cannot do a release

I guess they well need to clarify that then, but AFAIK an an ex VP legal has 
said this, and VP infra has stated this for the exact issues mentioned in this 
release.

> 2) If IPMC members want to become contributors and help fix the problems with 
> pull requests,  or mentors (meaning real mentors not just folks pointing out 
> problems, then they should get started. As active members of the community 
> those individuals will have the right to vote -1 on a release.

So are you saying that IPMC members vote are only valid for +1 votes on 
podlings they are not actively involved in and their -1 votes are invalid? The 
risk I see there is IPMC votes when needed just become just a rubber stamping 
exercise.

> 3) If the podling is unable to gather three +1s among their active community 
> then they won't be able to do a release so the conversation is moot

Well in this case here that happened (they only had one binding vote) and they 
asked the IPMC to vote on it. Some podlings, for a number of reasons, are not 
going to be able to find 3 active IPMC members in their project to vote on 
every release. (Although I'm surprised in this case given who the mentors are).

Thanks,
Justin
-
To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org
For additional commands, e-mail: general-h...@incubator.apache.org

Re: Voting on releases with serious unaddressed issues

[Myrle Krantz]

On Sat, Mar 30, 2019 at 9:11 AM Ross Gardler  wrote:

> As for not enough votes i refer you to Roy's suggestion on board@.
> Essentially votes don't need to be from IPMC members.
>

Hey Ross,

A.) That was a suggestion and not a statement about how the incubator
currently operates.  If you want to change the way the incubator currently
operates, please put it up for discussion.  Preferably on a public list.
B.) While the person you're replying to can see Roy's suggestion, not
everyone on this list can.  Not even all of the IPMC members can in fact.
If you want to make a suggestion to the way we work in the incubator,
please include both the suggested change AND the arguments where they can
be seen by the IPMC.  Who the idea or the arguments are originally from
isn't directly relevant to the merits of the proposal, but in general I
wouldn't appeal to Roy's authority here, since he hasn't, to my knowledge,
given permission to put his words in public.

Best Regards,
Myrle

Re: Voting on releases with serious unaddressed issues

[Ross Gardler]

Opinions were asked for. I gave mine.

I have tried to do it before and been squashed repeatedly because my opinion is 
not broadly supported. I should not have said board must as it has been brought 
here recently and did not find support.

I don't a agree that the proposal for the IPMC to be facilitators rather than 
gatekeepers is a suggestion. It's what the IPMC was set up to be. It's not what 
it is, but it's what it was intended to be (and was for quite some time).

Your are right to call me or on do it or get out, if I choose to champion or 
mentor another project here I will do it within that project. That is, as a 
mentor /champion I will ensure the project did not need the IPMC to vote and 
this this whole discussion would not be necessary, for that project.

My actions will match my recommendations.

Get Outlook for Android<https://aka.ms/ghei36>



From: Myrle Krantz
Sent: Saturday, March 30, 3:00 AM
Subject: Re: Voting on releases with serious unaddressed issues
To: general@incubator.apache.org


On Sat, Mar 30, 2019 at 9:11 AM Ross Gardler  wrote:

> As for not enough votes i refer you to Roy's suggestion on board@.
> Essentially votes don't need to be from IPMC members.
>

Hey Ross,

A.) That was a suggestion and not a statement about how the incubator
currently operates.  If you want to change the way the incubator currently
operates, please put it up for discussion.  Preferably on a public list.
B.) While the person you're replying to can see Roy's suggestion, not
everyone on this list can.  Not even all of the IPMC members can in fact.
If you want to make a suggestion to the way we work in the incubator,
please include both the suggested change AND the arguments where they can
be seen by the IPMC.  Who the idea or the arguments are originally from
isn't directly relevant to the merits of the proposal, but in general I
wouldn't appeal to Roy's authority here, since he hasn't, to my knowledge,
given permission to put his words in public.

Best Regards,
Myrle

Re: Voting on releases with serious unaddressed issues

[Wade Chandler]

On Sat, Mar 30, 2019, 13:03 Ross Gardler  wrote:

> Opinions were asked for. I gave mine.
>
> I have tried to do it before and been squashed repeatedly because my
> opinion is not broadly supported. I should not have said board must as it
> has been brought here recently and did not find support.
>

I appreciate your input on this thread very much and thanks.

Wade

Re: Voting on releases with serious unaddressed issues

[Wade Chandler]

On Fri, Mar 29, 2019, 22:34 Justin Mclean  wrote:

> Hi,
>
> The  Netbeans RC is an interesting one as they:
> - Have made several releases before.
> - Have been given advice from the IPMC on serious issues and what to fix.
> - Looks like nothing has been done to correct those issues.
>
> Now I know we’re trying to be more lenient on releases but we still have
> to draw the line somewhere and this is not their first release. The the
> binary in source code, license issues copyright issues on the cute cat and
> rabbit photos [1] probably mean that they cannot put that release in the
> ASF distribution area even if they do get 3 +1s without legal and infra
> approval.
>
> What do other IPMC members think?
>

Interestingly though there is a Jira issue related to these items of which
you speak, and there has been mentor input on them; have you covered these
with our mentors as an example? This thread seems a little (maybe quite)
premature; maybe some disconnect. This discussion actually seems more
appropriate in the NetBeans channels, and in fact please see the referenced
issues and comments in those channels including release 10 and the one this
is related to, 11, where addressing these issues has been specifically
discussed with you Justin.

Thanks

Wade

Re: Voting on releases with serious unaddressed issues

[Dave Fisher]

Hi -

Clearly NetBeans is an exceptional project. That’s clearly the case from their 
676 releases on dist.a.o. Most all of these are NBM binaries.

See https://incubator.apache.org/clutch/netbeans.html

I’d like to wait for their mentors to explain the situation so that we can 
properly *facilitate* its progress towards becoming a TLP.

> On Mar 30, 2019, at 10:02 AM, Ross Gardler  wrote:
> 
> Opinions were asked for. I gave mine.
> 
> I have tried to do it before and been squashed repeatedly because my opinion 
> is not broadly supported. I should not have said board must as it has been 
> brought here recently and did not find support.
> 
> I don't a agree that the proposal for the IPMC to be facilitators rather than 
> gatekeepers is a suggestion. It's what the IPMC was set up to be. It's not 
> what it is, but it's what it was intended to be (and was for quite some time).

What can we do to get back to that?

I’ve rebuilt the clutch process. I plan to discuss next steps in that and the 
topic will be status record keeping.

> 
> Your are right to call me or on do it or get out, if I choose to champion or 
> mentor another project here I will do it within that project. That is, as a 
> mentor /champion I will ensure the project did not need the IPMC to vote and 
> this this whole discussion would not be necessary, for that project.
> 
> My actions will match my recommendations.
> 
> Get Outlook for Android<https://aka.ms/ghei36>
> 
> 
> 
> From: Myrle Krantz
> Sent: Saturday, March 30, 3:00 AM
> Subject: Re: Voting on releases with serious unaddressed issues
> To: general@incubator.apache.org
> 
> 
>> On Sat, Mar 30, 2019 at 9:11 AM Ross Gardler  wrote:
>> 
>> As for not enough votes i refer you to Roy's suggestion on board@.
>> Essentially votes don't need to be from IPMC members.
>> 
> 
> Hey Ross,
> 
> A.) That was a suggestion and not a statement about how the incubator
> currently operates.  If you want to change the way the incubator currently
> operates, please put it up for discussion.  Preferably on a public list.
> B.) While the person you're replying to can see Roy's suggestion, not
> everyone on this list can.  Not even all of the IPMC members can in fact.
> If you want to make a suggestion to the way we work in the incubator,
> please include both the suggested change AND the arguments where they can
> be seen by the IPMC.  Who the idea or the arguments are originally from
> isn't directly relevant to the merits of the proposal, but in general I
> wouldn't appeal to Roy's authority here, since he hasn't, to my knowledge,
> given permission to put his words in public.

I thought Roy did, but my recollection could be wrong.

Way!

Regards,
Dave

> 
> Best Regards,
> Myrle
> 
> 


-
To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org
For additional commands, e-mail: general-h...@incubator.apache.org

Re: Voting on releases with serious unaddressed issues

[Geertjan Wielenga]

On Sat, Mar 30, 2019 at 6:26 PM Wade Chandler 
wrote:

> On Fri, Mar 29, 2019, 22:34 Justin Mclean 
> wrote:
>
> > Hi,
> >
> > The  Netbeans RC is an interesting one as they:
> > - Have made several releases before.
> > - Have been given advice from the IPMC on serious issues and what to fix.
> > - Looks like nothing has been done to correct those issues.
> >
> > Now I know we’re trying to be more lenient on releases but we still have
> > to draw the line somewhere and this is not their first release. The the
> > binary in source code, license issues copyright issues on the cute cat
> and
> > rabbit photos [1] probably mean that they cannot put that release in the
> > ASF distribution area even if they do get 3 +1s without legal and infra
> > approval.
> >
> > What do other IPMC members think?
> >
>
> Interestingly though there is a Jira issue related to these items of which
> you speak, and there has been mentor input on them; have you covered these
> with our mentors as an example?



+1. Indeed, this "looks like nothing has been done to correct these issues"
is false, insulting, and misleading.

I believe I need to explicitly need to say these things since Justin so
explicitly calls out the NetBeans RC here.

I could equally well say a couple of other things, but won't, since I
respect Justin and we're all striving for the same goals and this kind of
tone isn't what I want to be involved with.

Gj




> This thread seems a little (maybe quite)
> premature; maybe some disconnect. This discussion actually seems more
> appropriate in the NetBeans channels, and in fact please see the referenced
> issues and comments in those channels including release 10 and the one this
> is related to, 11, where addressing these issues has been specifically
> discussed with you Justin.
>
> Thanks
>
> Wade
>

Re: Voting on releases with serious unaddressed issues

[David Jencks]

Personally, I’d appreciate it if everyone involved in this discussion decided 
that all parties are equally correct and expanded the scope of what they were 
paying attention to so as to dissolve any apparent contradictions.

All i know about this situation I’ve learned from this thread, but, for example…
Justin reviewed this release candidate and found a lot of files that appear to 
not adhere to normal apache standards for license headers.  Apparently this has 
been discussed extensively in the past, including with Justin, but for this 
review apparently he wasn’t appreciating that context.
Project members think these files are just fine for various reasons, apparently 
documented in Jira and the mailing lists.
If I put myself in Justin’s place, I think, perhaps,…. I’d like to review this 
release candidate, perhaps as an introduction to getting more involved in the 
project…. hmmm this is odd, this appears to violate what I expect for what 
appears to be source code even it’s for tests…. what’s going on?
If I put myself in a long-time project member’s place, I think,…. we’ve dealt 
with all these licensing issues, it’s right there in lira, let’s try a relasse….
From my own point of view, I think it would be nice to be able to review a 
release candidate without being a long-term project member with extensive 
historical knowledge. Perhaps a review guide pointing out deviations from what 
most people expect from apache projects and why they are fine would help.

Thanks
David Jencks

> On Mar 30, 2019, at 10:42 AM, Geertjan Wielenga 
>  wrote:
> 
> On Sat, Mar 30, 2019 at 6:26 PM Wade Chandler  >
> wrote:
> 
>> On Fri, Mar 29, 2019, 22:34 Justin Mclean 
>> wrote:
>> 
>>> Hi,
>>> 
>>> The  Netbeans RC is an interesting one as they:
>>> - Have made several releases before.
>>> - Have been given advice from the IPMC on serious issues and what to fix.
>>> - Looks like nothing has been done to correct those issues.
>>> 
>>> Now I know we’re trying to be more lenient on releases but we still have
>>> to draw the line somewhere and this is not their first release. The the
>>> binary in source code, license issues copyright issues on the cute cat
>> and
>>> rabbit photos [1] probably mean that they cannot put that release in the
>>> ASF distribution area even if they do get 3 +1s without legal and infra
>>> approval.
>>> 
>>> What do other IPMC members think?
>>> 
>> 
>> Interestingly though there is a Jira issue related to these items of which
>> you speak, and there has been mentor input on them; have you covered these
>> with our mentors as an example?
> 
> 
> 
> +1. Indeed, this "looks like nothing has been done to correct these issues"
> is false, insulting, and misleading.
> 
> I believe I need to explicitly need to say these things since Justin so
> explicitly calls out the NetBeans RC here.
> 
> I could equally well say a couple of other things, but won't, since I
> respect Justin and we're all striving for the same goals and this kind of
> tone isn't what I want to be involved with.
> 
> Gj
> 
> 
> 
> 
>> This thread seems a little (maybe quite)
>> premature; maybe some disconnect. This discussion actually seems more
>> appropriate in the NetBeans channels, and in fact please see the referenced
>> issues and comments in those channels including release 10 and the one this
>> is related to, 11, where addressing these issues has been specifically
>> discussed with you Justin.
>> 
>> Thanks
>> 
>> Wade

Re: Voting on releases with serious unaddressed issues

[Geertjan Wielenga]

+1 Thanks for these sensible words and probably what comes closest to what
you're looking for is the Rat exclusions file, i.e., these are the
deviations in terms of licensing in relation to what most people expect
from Apache projects and why things are fine despite that:

https://github.com/apache/incubator-netbeans/blob/master/nbbuild/rat-exclusions.txt

If more or clearer descriptions are needed to the above, let us know, we're
very happy to add any and all info needed.

Gj


On Sat, Mar 30, 2019 at 7:44 PM David Jencks 
wrote:

> Personally, I’d appreciate it if everyone involved in this discussion
> decided that all parties are equally correct and expanded the scope of what
> they were paying attention to so as to dissolve any apparent contradictions.
>
> All i know about this situation I’ve learned from this thread, but, for
> example…
> Justin reviewed this release candidate and found a lot of files that
> appear to not adhere to normal apache standards for license headers.
> Apparently this has been discussed extensively in the past, including with
> Justin, but for this review apparently he wasn’t appreciating that context.
> Project members think these files are just fine for various reasons,
> apparently documented in Jira and the mailing lists.
> If I put myself in Justin’s place, I think, perhaps,…. I’d like to review
> this release candidate, perhaps as an introduction to getting more involved
> in the project…. hmmm this is odd, this appears to violate what I expect
> for what appears to be source code even it’s for tests…. what’s going on?
> If I put myself in a long-time project member’s place, I think,…. we’ve
> dealt with all these licensing issues, it’s right there in lira, let’s try
> a relasse….
> From my own point of view, I think it would be nice to be able to review a
> release candidate without being a long-term project member with extensive
> historical knowledge. Perhaps a review guide pointing out deviations from
> what most people expect from apache projects and why they are fine would
> help.
>
> Thanks
> David Jencks
>
> > On Mar 30, 2019, at 10:42 AM, Geertjan Wielenga
>  wrote:
> >
> > On Sat, Mar 30, 2019 at 6:26 PM Wade Chandler  >
> > wrote:
> >
> >> On Fri, Mar 29, 2019, 22:34 Justin Mclean 
> >> wrote:
> >>
> >>> Hi,
> >>>
> >>> The  Netbeans RC is an interesting one as they:
> >>> - Have made several releases before.
> >>> - Have been given advice from the IPMC on serious issues and what to
> fix.
> >>> - Looks like nothing has been done to correct those issues.
> >>>
> >>> Now I know we’re trying to be more lenient on releases but we still
> have
> >>> to draw the line somewhere and this is not their first release. The the
> >>> binary in source code, license issues copyright issues on the cute cat
> >> and
> >>> rabbit photos [1] probably mean that they cannot put that release in
> the
> >>> ASF distribution area even if they do get 3 +1s without legal and infra
> >>> approval.
> >>>
> >>> What do other IPMC members think?
> >>>
> >>
> >> Interestingly though there is a Jira issue related to these items of
> which
> >> you speak, and there has been mentor input on them; have you covered
> these
> >> with our mentors as an example?
> >
> >
> >
> > +1. Indeed, this "looks like nothing has been done to correct these
> issues"
> > is false, insulting, and misleading.
> >
> > I believe I need to explicitly need to say these things since Justin so
> > explicitly calls out the NetBeans RC here.
> >
> > I could equally well say a couple of other things, but won't, since I
> > respect Justin and we're all striving for the same goals and this kind of
> > tone isn't what I want to be involved with.
> >
> > Gj
> >
> >
> >
> >
> >> This thread seems a little (maybe quite)
> >> premature; maybe some disconnect. This discussion actually seems more
> >> appropriate in the NetBeans channels, and in fact please see the
> referenced
> >> issues and comments in those channels including release 10 and the one
> this
> >> is related to, 11, where addressing these issues has been specifically
> >> discussed with you Justin.
> >>
> >> Thanks
> >>
> >> Wade
>
>

Re: Voting on releases with serious unaddressed issues

[Dave Fisher]

Hi -

> On Mar 30, 2019, at 12:01 PM, Geertjan Wielenga 
>  wrote:
> 
> +1 Thanks for these sensible words and probably what comes closest to what
> you're looking for is the Rat exclusions file, i.e., these are the
> deviations in terms of licensing in relation to what most people expect
> from Apache projects and why things are fine despite that:
> 
> https://github.com/apache/incubator-netbeans/blob/master/nbbuild/rat-exclusions.txt

I was just writing about that:

Well - it is certainly possible to investigate history of the rat exclude file 
(or any other).

https://github.com/apache/incubator-netbeans/commits/master/nbbuild/rat-exclusions.txt

From there one can follow on to JIRA issues, etc. Choices were made. There is a 
lot to unpack and none of it looks thoughtless.

So, if one is going to take the excursion then you have to go all the way!

BTW - All four of your mentors: Ate Douma (ate), Bertrand Delacretaz 
(bdelacretaz), Daniel Gruno (humbedooh), Mark Struberg (struberg) are 
experienced and well respected.

Regards,
Dave

> 
> If more or clearer descriptions are needed to the above, let us know, we're
> very happy to add any and all info needed.
> 
> Gj
> 
> 
> On Sat, Mar 30, 2019 at 7:44 PM David Jencks 
> wrote:
> 
>> Personally, I’d appreciate it if everyone involved in this discussion
>> decided that all parties are equally correct and expanded the scope of what
>> they were paying attention to so as to dissolve any apparent contradictions.
>> 
>> All i know about this situation I’ve learned from this thread, but, for
>> example…
>> Justin reviewed this release candidate and found a lot of files that
>> appear to not adhere to normal apache standards for license headers.
>> Apparently this has been discussed extensively in the past, including with
>> Justin, but for this review apparently he wasn’t appreciating that context.
>> Project members think these files are just fine for various reasons,
>> apparently documented in Jira and the mailing lists.
>> If I put myself in Justin’s place, I think, perhaps,…. I’d like to review
>> this release candidate, perhaps as an introduction to getting more involved
>> in the project…. hmmm this is odd, this appears to violate what I expect
>> for what appears to be source code even it’s for tests…. what’s going on?
>> If I put myself in a long-time project member’s place, I think,…. we’ve
>> dealt with all these licensing issues, it’s right there in lira, let’s try
>> a relasse….
>> From my own point of view, I think it would be nice to be able to review a
>> release candidate without being a long-term project member with extensive
>> historical knowledge. Perhaps a review guide pointing out deviations from
>> what most people expect from apache projects and why they are fine would
>> help.
>> 
>> Thanks
>> David Jencks
>> 
>>> On Mar 30, 2019, at 10:42 AM, Geertjan Wielenga
>>  wrote:
>>> 
>>> On Sat, Mar 30, 2019 at 6:26 PM Wade Chandler > >
>>> wrote:
>>> 
 On Fri, Mar 29, 2019, 22:34 Justin Mclean 
 wrote:
 
> Hi,
> 
> The  Netbeans RC is an interesting one as they:
> - Have made several releases before.
> - Have been given advice from the IPMC on serious issues and what to
>> fix.
> - Looks like nothing has been done to correct those issues.
> 
> Now I know we’re trying to be more lenient on releases but we still
>> have
> to draw the line somewhere and this is not their first release. The the
> binary in source code, license issues copyright issues on the cute cat
 and
> rabbit photos [1] probably mean that they cannot put that release in
>> the
> ASF distribution area even if they do get 3 +1s without legal and infra
> approval.
> 
> What do other IPMC members think?
> 
 
 Interestingly though there is a Jira issue related to these items of
>> which
 you speak, and there has been mentor input on them; have you covered
>> these
 with our mentors as an example?
>>> 
>>> 
>>> 
>>> +1. Indeed, this "looks like nothing has been done to correct these
>> issues"
>>> is false, insulting, and misleading.
>>> 
>>> I believe I need to explicitly need to say these things since Justin so
>>> explicitly calls out the NetBeans RC here.
>>> 
>>> I could equally well say a couple of other things, but won't, since I
>>> respect Justin and we're all striving for the same goals and this kind of
>>> tone isn't what I want to be involved with.
>>> 
>>> Gj
>>> 
>>> 
>>> 
>>> 
 This thread seems a little (maybe quite)
 premature; maybe some disconnect. This discussion actually seems more
 appropriate in the NetBeans channels, and in fact please see the
>> referenced
 issues and comments in those channels including release 10 and the one
>> this
 is related to, 11, where addressing these issues has been specifically
 discussed with you Justin.
 
 Thanks
 
 Wade
>> 
>> 


--

Re: Voting on releases with serious unaddressed issues

[Justin Mclean]

Hi,

> +1. Indeed, this "looks like nothing has been done to correct these issues"
> is false, insulting, and misleading.

I'm sorry about that, I looked at the release and saw no changes from the last 
review and wrongly assumed that previous feedback had not been discussed. I 
should have looked deeper or asked some more questions before voting.

I still have some concerns re the binary files, but if your mentors are fine 
with it then that’s OK by me, and the copyright issue is going to be addressed 
by removing the files in question so that good.

However, there’s still one major licensing issue that was brought in both 
releases that I cannot find any discussion on. That is you seem to be in 
violation of several licenses conditions by not including the full license 
text. 

The other less serious issue is missing stuff from the LICENSE file, I’ve not 
done an exhaustive check but a simple spot check showed the release to included 
BSD licensed files that were not mentioned din LICENSE. They are probably more 
files like this.

Thanks,
Justin

Re: Voting on releases with serious unaddressed issues

[Justin Mclean]

Hi,

> Your are right to call me or on do it or get out, if I choose to champion or 
> mentor another project here I will do it within that project. That is, as a 
> mentor /champion I will ensure the project did not need the IPMC to vote and 
> this this whole discussion would not be necessary, for that project.


The only way you could do that I believe is go straight to TLP, as currently 
binding votes on releases need to come from IPMC members. I believe, (but could 
be mistaken), that it would require the board to change this.

Thanks,
Justin
-
To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org
For additional commands, e-mail: general-h...@incubator.apache.org

Re: Voting on releases with serious unaddressed issues

[Craig Russell]

Hi Justin,

> On Mar 29, 2019, at 7:24 PM, Justin Mclean  wrote:
> 
> Hi,
> 
> The  Netbeans RC is an interesting one as they:
> - Have made several releases before.
> - Have been given advice from the IPMC on serious issues and what to fix.
> - Looks like nothing has been done to correct those issues.

I think this in incorrect. There is only one issue that I know of that seems to 
have been closed before being resolved 
https://issues.apache.org/jira/browse/NETBEANS-1820
While this issue is only three months old, it should not have been closed.
> 
> Now I know we’re trying to be more lenient on releases but we still have to 
> draw the line somewhere and this is not their first release. The the binary 
> in source code,

The binaries have been discussed in detail and from my read of their analysis, 
there is good reason to include them.

> license issues

The license issues have been discussed in detail and from my read, there is 
good reason to include them.

> copyright issues on the cute cat and rabbit photos [1] probably mean that 
> they cannot put that release in the ASF distribution area even if they do get 
> 3 +1s without legal and infra approval.

We have to look at risk here. Is there a risk that the owner of the images is 
going to make trouble? 
> 
> What do other IPMC members think?

I think that if others want to dig into the details, I would encourage them to 
do so. But at this point, I do not believe that the issues you raised warrant a 
-1 on the release.

Craig

> 
> Thanks,
> Justin
> 
> 1. Curiously this is the second time I’ve vote -1 because of a cat photo 
> taken by a professional photographer has been included in a source release
> -
> To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org
> For additional commands, e-mail: general-h...@incubator.apache.org
> 

Craig L Russell
Secretary, Apache Software Foundation
c...@apache.org  http://db.apache.org/jdo 

Re: Voting on releases with serious unaddressed issues

[Justin Mclean]

Hi,

>> copyright issues on the cute cat and rabbit photos [1] probably mean that 
>> they cannot put that release in the ASF distribution area even if they do 
>> get 3 +1s without legal and infra approval.
> 
> We have to look at risk here. Is there a risk that the owner of the images is 
> going to make trouble? 

Professional photographers are generally protective of their work given it how 
they make a living.

> I think that if others want to dig into the details, I would encourage them 
> to do so. But at this point, I do not believe that the issues you raised 
> warrant a -1 on the release.

There are still some issues to be revolved here still (missing license 
information in LICENSE and missing license text) but yes it was my mistake to 
vote -1 on that release.

Thanks,
Justin
-
To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org
For additional commands, e-mail: general-h...@incubator.apache.org

Re: Voting on releases with serious unaddressed issues

[Craig Russell]

Hi Justin,

> On Mar 30, 2019, at 2:06 PM, Justin Mclean  wrote:
> 
> Hi,
> 
>>> copyright issues on the cute cat and rabbit photos [1] probably mean that 
>>> they cannot put that release in the ASF distribution area even if they do 
>>> get 3 +1s without legal and infra approval.
>> 
>> We have to look at risk here. Is there a risk that the owner of the images 
>> is going to make trouble? 
> 
> Professional photographers are generally protective of their work given it 
> how they make a living.

Absolutely. But professional photographers more likely object to use of their 
work in commercial settings. 

What I suggested in my comment on the JIRA is that this issue must be resolved, 
by either getting permission from the owner (perhaps Oracle did this already?) 
or by removing the file from the release.

Craig
> 
>> I think that if others want to dig into the details, I would encourage them 
>> to do so. But at this point, I do not believe that the issues you raised 
>> warrant a -1 on the release.
> 
> There are still some issues to be revolved here still (missing license 
> information in LICENSE and missing license text) but yes it was my mistake to 
> vote -1 on that release.
> 
> Thanks,
> Justin
> -
> To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org
> For additional commands, e-mail: general-h...@incubator.apache.org
> 

Craig L Russell
Secretary, Apache Software Foundation
c...@apache.org  http://db.apache.org/jdo 

Re: Voting on releases with serious unaddressed issues

[Ted Dunning]

On Sat, Mar 30, 2019 at 1:57 PM Craig Russell  wrote:

> 
> > copyright issues on the cute cat and rabbit photos [1] probably mean
> that they cannot put that release in the ASF distribution area even if they
> do get 3 +1s without legal and infra approval.
>
> We have to look at risk here. Is there a risk that the owner of the images
> is going to make trouble?
>

I am kind of stunned to hear this.

The web site where the images came from says:

We have an extensive commercial picture library of professional Nature and
> Pet photographs. Our images are sold on a rights managed basis and can be
> bought for specific and exclusive uses. All the images on this website are
> ©Warren Photographic and watermarked with our logo.

(see https://www.warrenphotographic.co.uk/about.php)

This sounds a lot like serious photographers trying to make a living.
Anybody who goes to the trouble of watermarking their images is pretty
serious about their work and about people stealing that work.

But aside from that, quite frankly, Apache is not in the business of
judging whether somebody is powerful enough or aware enough or rich enough
or even just cantankerous enough to make trouble for us about copyright
infringement. We don't even do adversarial forks of open source material
where the license says that it is perfectly fine to do.

So how can anybody imagine that it is OK to steal some images from people
who do not grant the rights to use just because they aren't likely to "make
trouble"?



> >
> > What do other IPMC members think?
>
> I think that if others want to dig into the details, I would encourage
> them to do so. But at this point, I do not believe that the issues you
> raised warrant a -1 on the release.


The issue of the photos has been previously raised. The suggested solution
was to delete the photos.

It should be done.

Re: Voting on releases with serious unaddressed issues

[Craig Russell]

Hi Ted,

> On Mar 30, 2019, at 2:22 PM, Ted Dunning  wrote:
> 
> On Sat, Mar 30, 2019 at 1:57 PM Craig Russell  wrote:
> 
>> 
>>> copyright issues on the cute cat and rabbit photos [1] probably mean
>> that they cannot put that release in the ASF distribution area even if they
>> do get 3 +1s without legal and infra approval.
>> 
>> We have to look at risk here. Is there a risk that the owner of the images
>> is going to make trouble?
>> 
> 
> I am kind of stunned to hear this.

> 
> The web site where the images came from says:
> 
> We have an extensive commercial picture library of professional Nature and
>> Pet photographs. Our images are sold on a rights managed basis and can be
>> bought for specific and exclusive uses. All the images on this website are
>> ©Warren Photographic and watermarked with our logo.
> 
> (see https://www.warrenphotographic.co.uk/about.php)
> 
> This sounds a lot like serious photographers trying to make a living.
> Anybody who goes to the trouble of watermarking their images is pretty
> serious about their work and about people stealing that work.
> 
> But aside from that, quite frankly, Apache is not in the business of
> judging whether somebody is powerful enough or aware enough or rich enough
> or even just cantankerous enough to make trouble for us about copyright
> infringement.

This is way over the top. Please don't go there.

> We don't even do adversarial forks of open source material
> where the license says that it is perfectly fine to do.
> 
> So how can anybody imagine that it is OK to steal some images from people
> who do not grant the rights to use just because they aren't likely to "make
> trouble"?
> 

I am not arguing that the image issue does not need to be resolved. Just the 
opposite.

Perhaps I should have elaborated: Is there a risk that during the next few 
weeks that it will take us to either get permission or remove the image that 
the owner is going to make trouble?

Craig
> 
> 
>>> 
>>> What do other IPMC members think?
>> 
>> I think that if others want to dig into the details, I would encourage
>> them to do so. But at this point, I do not believe that the issues you
>> raised warrant a -1 on the release.
> 
> 
> The issue of the photos has been previously raised. The suggested solution
> was to delete the photos.
> 
> It should be done.

Craig L Russell
Secretary, Apache Software Foundation
c...@apache.org  http://db.apache.org/jdo 

Re: Voting on releases with serious unaddressed issues

[Davor Bonaci]

The issue at hand is simply called theft, and everyone (both inside and
outside the community) is most welcome to point it out and ask for it to be
fixed. We thank those individuals who point it out, whether in IPMC or
otherwise, and look for ways to address it as soon as possible.

Fixing this issue is in the best interest of the foundation, the project,
the community, the release manager, the copyright owner... everyone. We
don't push back on this. We don't look for reasons why the individual has
no standing in pointing it out. We don't find excuses. (If we do and/or
continue as nothing happened, we'd just make a case that the theft was
willful and action negligent -- we do not do that.)

So... to be direct -- just fix the damn problem, thank Justin for pointing
it out, and stop arguing.

You may find that fixing the problem requires no code changes. If you'd
just politely email the copyright owner, explain the situation, that ASF is
a charity, offer to promote the photographer in legal notices, you may find
that a reasonable person will just grant you the permission you need and
thank you for helping promote his work. This is particularly true if you
ask for a few photos, out of the photographer's huge collection. It is
often as simple as that. (Try that instead of arguing here, but make sure
to phrase things properly so that everyone understands all implications of
licensing downstream and upstream.)

On Sat, Mar 30, 2019 at 2:31 PM Craig Russell  wrote:

> Hi Ted,
>
> > On Mar 30, 2019, at 2:22 PM, Ted Dunning  wrote:
> >
> > On Sat, Mar 30, 2019 at 1:57 PM Craig Russell 
> wrote:
> >
> >> 
> >>> copyright issues on the cute cat and rabbit photos [1] probably mean
> >> that they cannot put that release in the ASF distribution area even if
> they
> >> do get 3 +1s without legal and infra approval.
> >>
> >> We have to look at risk here. Is there a risk that the owner of the
> images
> >> is going to make trouble?
> >>
> >
> > I am kind of stunned to hear this.
>
> >
> > The web site where the images came from says:
> >
> > We have an extensive commercial picture library of professional Nature
> and
> >> Pet photographs. Our images are sold on a rights managed basis and can
> be
> >> bought for specific and exclusive uses. All the images on this website
> are
> >> ©Warren Photographic and watermarked with our logo.
> >
> > (see https://www.warrenphotographic.co.uk/about.php)
> >
> > This sounds a lot like serious photographers trying to make a living.
> > Anybody who goes to the trouble of watermarking their images is pretty
> > serious about their work and about people stealing that work.
> >
> > But aside from that, quite frankly, Apache is not in the business of
> > judging whether somebody is powerful enough or aware enough or rich
> enough
> > or even just cantankerous enough to make trouble for us about copyright
> > infringement.
>
> This is way over the top. Please don't go there.
>
> > We don't even do adversarial forks of open source material
> > where the license says that it is perfectly fine to do.
> >
> > So how can anybody imagine that it is OK to steal some images from people
> > who do not grant the rights to use just because they aren't likely to
> "make
> > trouble"?
> >
>
> I am not arguing that the image issue does not need to be resolved. Just
> the opposite.
>
> Perhaps I should have elaborated: Is there a risk that during the next few
> weeks that it will take us to either get permission or remove the image
> that the owner is going to make trouble?
>
> Craig
> >
> >
> >>>
> >>> What do other IPMC members think?
> >>
> >> I think that if others want to dig into the details, I would encourage
> >> them to do so. But at this point, I do not believe that the issues you
> >> raised warrant a -1 on the release.
> >
> >
> > The issue of the photos has been previously raised. The suggested
> solution
> > was to delete the photos.
> >
> > It should be done.
>
> Craig L Russell
> Secretary, Apache Software Foundation
> c...@apache.org  http://db.apache.org/jdo <
> http://db.apache.org/jdo>
>

Re: Voting on releases with serious unaddressed issues

[Adrian Cole]

I agree please email the author of the cat photo or find another cat.
This topic is boring and probably there are actual important things we
are defocused from when focusing so massively on this photo.

On Sun, Mar 31, 2019 at 10:51 AM Davor Bonaci  wrote:
>
> The issue at hand is simply called theft, and everyone (both inside and
> outside the community) is most welcome to point it out and ask for it to be
> fixed. We thank those individuals who point it out, whether in IPMC or
> otherwise, and look for ways to address it as soon as possible.
>
> Fixing this issue is in the best interest of the foundation, the project,
> the community, the release manager, the copyright owner... everyone. We
> don't push back on this. We don't look for reasons why the individual has
> no standing in pointing it out. We don't find excuses. (If we do and/or
> continue as nothing happened, we'd just make a case that the theft was
> willful and action negligent -- we do not do that.)
>
> So... to be direct -- just fix the damn problem, thank Justin for pointing
> it out, and stop arguing.
>
> You may find that fixing the problem requires no code changes. If you'd
> just politely email the copyright owner, explain the situation, that ASF is
> a charity, offer to promote the photographer in legal notices, you may find
> that a reasonable person will just grant you the permission you need and
> thank you for helping promote his work. This is particularly true if you
> ask for a few photos, out of the photographer's huge collection. It is
> often as simple as that. (Try that instead of arguing here, but make sure
> to phrase things properly so that everyone understands all implications of
> licensing downstream and upstream.)
>
> On Sat, Mar 30, 2019 at 2:31 PM Craig Russell  wrote:
>
> > Hi Ted,
> >
> > > On Mar 30, 2019, at 2:22 PM, Ted Dunning  wrote:
> > >
> > > On Sat, Mar 30, 2019 at 1:57 PM Craig Russell 
> > wrote:
> > >
> > >> 
> > >>> copyright issues on the cute cat and rabbit photos [1] probably mean
> > >> that they cannot put that release in the ASF distribution area even if
> > they
> > >> do get 3 +1s without legal and infra approval.
> > >>
> > >> We have to look at risk here. Is there a risk that the owner of the
> > images
> > >> is going to make trouble?
> > >>
> > >
> > > I am kind of stunned to hear this.
> >
> > >
> > > The web site where the images came from says:
> > >
> > > We have an extensive commercial picture library of professional Nature
> > and
> > >> Pet photographs. Our images are sold on a rights managed basis and can
> > be
> > >> bought for specific and exclusive uses. All the images on this website
> > are
> > >> ©Warren Photographic and watermarked with our logo.
> > >
> > > (see https://www.warrenphotographic.co.uk/about.php)
> > >
> > > This sounds a lot like serious photographers trying to make a living.
> > > Anybody who goes to the trouble of watermarking their images is pretty
> > > serious about their work and about people stealing that work.
> > >
> > > But aside from that, quite frankly, Apache is not in the business of
> > > judging whether somebody is powerful enough or aware enough or rich
> > enough
> > > or even just cantankerous enough to make trouble for us about copyright
> > > infringement.
> >
> > This is way over the top. Please don't go there.
> >
> > > We don't even do adversarial forks of open source material
> > > where the license says that it is perfectly fine to do.
> > >
> > > So how can anybody imagine that it is OK to steal some images from people
> > > who do not grant the rights to use just because they aren't likely to
> > "make
> > > trouble"?
> > >
> >
> > I am not arguing that the image issue does not need to be resolved. Just
> > the opposite.
> >
> > Perhaps I should have elaborated: Is there a risk that during the next few
> > weeks that it will take us to either get permission or remove the image
> > that the owner is going to make trouble?
> >
> > Craig
> > >
> > >
> > >>>
> > >>> What do other IPMC members think?
> > >>
> > >> I think that if others want to dig into the details, I would encourage
> > >> them to do so. But at this point, I do not believe that the issues you
> > >> raised warrant a -1 on the release.
> > >
> > >
> > > The issue of the photos has been previously raised. The suggested
> > solution
> > > was to delete the photos.
> > >
> > > It should be done.
> >
> > Craig L Russell
> > Secretary, Apache Software Foundation
> > c...@apache.org  http://db.apache.org/jdo <
> > http://db.apache.org/jdo>
> >

-
To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org
For additional commands, e-mail: general-h...@incubator.apache.org

Re: Voting on releases with serious unaddressed issues

[Adrian Cole]

It appears a jira issue was updated about the cat photo IP and what to
do about it. My 2p is park the cat thing there, give it a chance to
proceed, and let's move on.

https://issues.apache.org/jira/browse/NETBEANS-1820?focusedCommentId=16805839&page=com.atlassian.jira.plugin.system.issuetabpanels%3Acomment-tabpanel#comment-16805839

I'm excited about netbeans becoming an apache TLP, and also interested
in learning if there are things in that process (beyond the photo
snatching) other podlings like the one I am should be careful of.

Cheers,
-A

On Sun, Mar 31, 2019 at 12:35 PM Adrian Cole  wrote:
>
> I agree please email the author of the cat photo or find another cat.
> This topic is boring and probably there are actual important things we
> are defocused from when focusing so massively on this photo.
>
> On Sun, Mar 31, 2019 at 10:51 AM Davor Bonaci  wrote:
> >
> > The issue at hand is simply called theft, and everyone (both inside and
> > outside the community) is most welcome to point it out and ask for it to be
> > fixed. We thank those individuals who point it out, whether in IPMC or
> > otherwise, and look for ways to address it as soon as possible.
> >
> > Fixing this issue is in the best interest of the foundation, the project,
> > the community, the release manager, the copyright owner... everyone. We
> > don't push back on this. We don't look for reasons why the individual has
> > no standing in pointing it out. We don't find excuses. (If we do and/or
> > continue as nothing happened, we'd just make a case that the theft was
> > willful and action negligent -- we do not do that.)
> >
> > So... to be direct -- just fix the damn problem, thank Justin for pointing
> > it out, and stop arguing.
> >
> > You may find that fixing the problem requires no code changes. If you'd
> > just politely email the copyright owner, explain the situation, that ASF is
> > a charity, offer to promote the photographer in legal notices, you may find
> > that a reasonable person will just grant you the permission you need and
> > thank you for helping promote his work. This is particularly true if you
> > ask for a few photos, out of the photographer's huge collection. It is
> > often as simple as that. (Try that instead of arguing here, but make sure
> > to phrase things properly so that everyone understands all implications of
> > licensing downstream and upstream.)
> >
> > On Sat, Mar 30, 2019 at 2:31 PM Craig Russell  wrote:
> >
> > > Hi Ted,
> > >
> > > > On Mar 30, 2019, at 2:22 PM, Ted Dunning  wrote:
> > > >
> > > > On Sat, Mar 30, 2019 at 1:57 PM Craig Russell 
> > > wrote:
> > > >
> > > >> 
> > > >>> copyright issues on the cute cat and rabbit photos [1] probably mean
> > > >> that they cannot put that release in the ASF distribution area even if
> > > they
> > > >> do get 3 +1s without legal and infra approval.
> > > >>
> > > >> We have to look at risk here. Is there a risk that the owner of the
> > > images
> > > >> is going to make trouble?
> > > >>
> > > >
> > > > I am kind of stunned to hear this.
> > >
> > > >
> > > > The web site where the images came from says:
> > > >
> > > > We have an extensive commercial picture library of professional Nature
> > > and
> > > >> Pet photographs. Our images are sold on a rights managed basis and can
> > > be
> > > >> bought for specific and exclusive uses. All the images on this website
> > > are
> > > >> ©Warren Photographic and watermarked with our logo.
> > > >
> > > > (see https://www.warrenphotographic.co.uk/about.php)
> > > >
> > > > This sounds a lot like serious photographers trying to make a living.
> > > > Anybody who goes to the trouble of watermarking their images is pretty
> > > > serious about their work and about people stealing that work.
> > > >
> > > > But aside from that, quite frankly, Apache is not in the business of
> > > > judging whether somebody is powerful enough or aware enough or rich
> > > enough
> > > > or even just cantankerous enough to make trouble for us about copyright
> > > > infringement.
> > >
> > > This is way over the top. Please don't go there.
> > >
> > > > We don't even do adversarial forks of open source material
> > > > where the license says that it is perfectly fine to do.
> > > >
> > > > So how can anybody imagine that it is OK to steal some images from 
> > > > people
> > > > who do not grant the rights to use just because they aren't likely to
> > > "make
> > > > trouble"?
> > > >
> > >
> > > I am not arguing that the image issue does not need to be resolved. Just
> > > the opposite.
> > >
> > > Perhaps I should have elaborated: Is there a risk that during the next few
> > > weeks that it will take us to either get permission or remove the image
> > > that the owner is going to make trouble?
> > >
> > > Craig
> > > >
> > > >
> > > >>>
> > > >>> What do other IPMC members think?
> > > >>
> > > >> I think that if others want to dig into the details, I would encourage
> > > >> them to do so. But at this point, I do 

Re: Voting on releases with serious unaddressed issues

[Geertjan Wielenga]

The images have been deleted. The sample containing them has been deleted.
Of the millions of lines of code in Apache NetBeans, the deleted sample is
so completely unimportant that it is impossible to express its
unimportance. There isn’t even a metaphor I can think of to illustrate
this. Thanks, let’s stop discussing this topic.

Gj

On Sun, 31 Mar 2019 at 07:49, Adrian Cole  wrote:

> It appears a jira issue was updated about the cat photo IP and what to
> do about it. My 2p is park the cat thing there, give it a chance to
> proceed, and let's move on.
>
>
> https://issues.apache.org/jira/browse/NETBEANS-1820?focusedCommentId=16805839&page=com.atlassian.jira.plugin.system.issuetabpanels%3Acomment-tabpanel#comment-16805839
>
> I'm excited about netbeans becoming an apache TLP, and also interested
> in learning if there are things in that process (beyond the photo
> snatching) other podlings like the one I am should be careful of.
>
> Cheers,
> -A
>
> On Sun, Mar 31, 2019 at 12:35 PM Adrian Cole 
> wrote:
> >
> > I agree please email the author of the cat photo or find another cat.
> > This topic is boring and probably there are actual important things we
> > are defocused from when focusing so massively on this photo.
> >
> > On Sun, Mar 31, 2019 at 10:51 AM Davor Bonaci  wrote:
> > >
> > > The issue at hand is simply called theft, and everyone (both inside and
> > > outside the community) is most welcome to point it out and ask for it
> to be
> > > fixed. We thank those individuals who point it out, whether in IPMC or
> > > otherwise, and look for ways to address it as soon as possible.
> > >
> > > Fixing this issue is in the best interest of the foundation, the
> project,
> > > the community, the release manager, the copyright owner... everyone. We
> > > don't push back on this. We don't look for reasons why the individual
> has
> > > no standing in pointing it out. We don't find excuses. (If we do and/or
> > > continue as nothing happened, we'd just make a case that the theft was
> > > willful and action negligent -- we do not do that.)
> > >
> > > So... to be direct -- just fix the damn problem, thank Justin for
> pointing
> > > it out, and stop arguing.
> > >
> > > You may find that fixing the problem requires no code changes. If you'd
> > > just politely email the copyright owner, explain the situation, that
> ASF is
> > > a charity, offer to promote the photographer in legal notices, you may
> find
> > > that a reasonable person will just grant you the permission you need
> and
> > > thank you for helping promote his work. This is particularly true if
> you
> > > ask for a few photos, out of the photographer's huge collection. It is
> > > often as simple as that. (Try that instead of arguing here, but make
> sure
> > > to phrase things properly so that everyone understands all
> implications of
> > > licensing downstream and upstream.)
> > >
> > > On Sat, Mar 30, 2019 at 2:31 PM Craig Russell 
> wrote:
> > >
> > > > Hi Ted,
> > > >
> > > > > On Mar 30, 2019, at 2:22 PM, Ted Dunning 
> wrote:
> > > > >
> > > > > On Sat, Mar 30, 2019 at 1:57 PM Craig Russell <
> apache@gmail.com>
> > > > wrote:
> > > > >
> > > > >> 
> > > > >>> copyright issues on the cute cat and rabbit photos [1] probably
> mean
> > > > >> that they cannot put that release in the ASF distribution area
> even if
> > > > they
> > > > >> do get 3 +1s without legal and infra approval.
> > > > >>
> > > > >> We have to look at risk here. Is there a risk that the owner of
> the
> > > > images
> > > > >> is going to make trouble?
> > > > >>
> > > > >
> > > > > I am kind of stunned to hear this.
> > > >
> > > > >
> > > > > The web site where the images came from says:
> > > > >
> > > > > We have an extensive commercial picture library of professional
> Nature
> > > > and
> > > > >> Pet photographs. Our images are sold on a rights managed basis
> and can
> > > > be
> > > > >> bought for specific and exclusive uses. All the images on this
> website
> > > > are
> > > > >> ©Warren Photographic and watermarked with our logo.
> > > > >
> > > > > (see https://www.warrenphotographic.co.uk/about.php)
> > > > >
> > > > > This sounds a lot like serious photographers trying to make a
> living.
> > > > > Anybody who goes to the trouble of watermarking their images is
> pretty
> > > > > serious about their work and about people stealing that work.
> > > > >
> > > > > But aside from that, quite frankly, Apache is not in the business
> of
> > > > > judging whether somebody is powerful enough or aware enough or rich
> > > > enough
> > > > > or even just cantankerous enough to make trouble for us about
> copyright
> > > > > infringement.
> > > >
> > > > This is way over the top. Please don't go there.
> > > >
> > > > > We don't even do adversarial forks of open source material
> > > > > where the license says that it is perfectly fine to do.
> > > > >
> > > > > So how can anybody imagine that it is OK to steal some images from
> people
> > > > > who 

Re: Voting on releases with serious unaddressed issues

[Geertjan Wielenga]

On Sun, Mar 31, 2019 at 7:49 AM Adrian Cole  wrote:

>
> I'm excited about netbeans becoming an apache TLP, and also interested
> in learning if there are things in that process (beyond the photo
> snatching) other podlings like the one I am should be careful of.
>


Here it is:
https://foss-backstage.de/session/10-tips-moving-large-corporate-projects-apache

Gj



>
> Cheers,
> -A
>
> On Sun, Mar 31, 2019 at 12:35 PM Adrian Cole 
> wrote:
> >
> > I agree please email the author of the cat photo or find another cat.
> > This topic is boring and probably there are actual important things we
> > are defocused from when focusing so massively on this photo.
> >
> > On Sun, Mar 31, 2019 at 10:51 AM Davor Bonaci  wrote:
> > >
> > > The issue at hand is simply called theft, and everyone (both inside and
> > > outside the community) is most welcome to point it out and ask for it
> to be
> > > fixed. We thank those individuals who point it out, whether in IPMC or
> > > otherwise, and look for ways to address it as soon as possible.
> > >
> > > Fixing this issue is in the best interest of the foundation, the
> project,
> > > the community, the release manager, the copyright owner... everyone. We
> > > don't push back on this. We don't look for reasons why the individual
> has
> > > no standing in pointing it out. We don't find excuses. (If we do and/or
> > > continue as nothing happened, we'd just make a case that the theft was
> > > willful and action negligent -- we do not do that.)
> > >
> > > So... to be direct -- just fix the damn problem, thank Justin for
> pointing
> > > it out, and stop arguing.
> > >
> > > You may find that fixing the problem requires no code changes. If you'd
> > > just politely email the copyright owner, explain the situation, that
> ASF is
> > > a charity, offer to promote the photographer in legal notices, you may
> find
> > > that a reasonable person will just grant you the permission you need
> and
> > > thank you for helping promote his work. This is particularly true if
> you
> > > ask for a few photos, out of the photographer's huge collection. It is
> > > often as simple as that. (Try that instead of arguing here, but make
> sure
> > > to phrase things properly so that everyone understands all
> implications of
> > > licensing downstream and upstream.)
> > >
> > > On Sat, Mar 30, 2019 at 2:31 PM Craig Russell 
> wrote:
> > >
> > > > Hi Ted,
> > > >
> > > > > On Mar 30, 2019, at 2:22 PM, Ted Dunning 
> wrote:
> > > > >
> > > > > On Sat, Mar 30, 2019 at 1:57 PM Craig Russell <
> apache@gmail.com>
> > > > wrote:
> > > > >
> > > > >> 
> > > > >>> copyright issues on the cute cat and rabbit photos [1] probably
> mean
> > > > >> that they cannot put that release in the ASF distribution area
> even if
> > > > they
> > > > >> do get 3 +1s without legal and infra approval.
> > > > >>
> > > > >> We have to look at risk here. Is there a risk that the owner of
> the
> > > > images
> > > > >> is going to make trouble?
> > > > >>
> > > > >
> > > > > I am kind of stunned to hear this.
> > > >
> > > > >
> > > > > The web site where the images came from says:
> > > > >
> > > > > We have an extensive commercial picture library of professional
> Nature
> > > > and
> > > > >> Pet photographs. Our images are sold on a rights managed basis
> and can
> > > > be
> > > > >> bought for specific and exclusive uses. All the images on this
> website
> > > > are
> > > > >> ©Warren Photographic and watermarked with our logo.
> > > > >
> > > > > (see https://www.warrenphotographic.co.uk/about.php)
> > > > >
> > > > > This sounds a lot like serious photographers trying to make a
> living.
> > > > > Anybody who goes to the trouble of watermarking their images is
> pretty
> > > > > serious about their work and about people stealing that work.
> > > > >
> > > > > But aside from that, quite frankly, Apache is not in the business
> of
> > > > > judging whether somebody is powerful enough or aware enough or rich
> > > > enough
> > > > > or even just cantankerous enough to make trouble for us about
> copyright
> > > > > infringement.
> > > >
> > > > This is way over the top. Please don't go there.
> > > >
> > > > > We don't even do adversarial forks of open source material
> > > > > where the license says that it is perfectly fine to do.
> > > > >
> > > > > So how can anybody imagine that it is OK to steal some images from
> people
> > > > > who do not grant the rights to use just because they aren't likely
> to
> > > > "make
> > > > > trouble"?
> > > > >
> > > >
> > > > I am not arguing that the image issue does not need to be resolved.
> Just
> > > > the opposite.
> > > >
> > > > Perhaps I should have elaborated: Is there a risk that during the
> next few
> > > > weeks that it will take us to either get permission or remove the
> image
> > > > that the owner is going to make trouble?
> > > >
> > > > Craig
> > > > >
> > > > >
> > > > >>>
> > > > >>> What do other IPMC members think?
> > > > >>
> > > > >> I thin

Re: Voting on releases with serious unaddressed issues

[Geertjan Wielenga]

On Sun, 31 Mar 2019 at 05:51, Davor Bonaci  wrote:

> The issue at hand is simply called theft,


For the record, no. No. It was never simply called theft. These files were
part of the donation received from Oracle. We did not add these files in
any way in Apache and simply received them as part of the donation. We have
now removed them, so that this kind of stupid accusation can cease and
since we didn’t care about them at all in the first place.

Gj



and everyone (both inside and
> outside the community) is most welcome to point it out and ask for it to be
> fixed. We thank those individuals who point it out, whether in IPMC or
> otherwise, and look for ways to address it as soon as possible.
>
> Fixing this issue is in the best interest of the foundation, the project,
> the community, the release manager, the copyright owner... everyone. We
> don't push back on this. We don't look for reasons why the individual has
> no standing in pointing it out. We don't find excuses. (If we do and/or
> continue as nothing happened, we'd just make a case that the theft was
> willful and action negligent -- we do not do that.)
>
> So... to be direct -- just fix the damn problem, thank Justin for pointing
> it out, and stop arguing.
>
> You may find that fixing the problem requires no code changes. If you'd
> just politely email the copyright owner, explain the situation, that ASF is
> a charity, offer to promote the photographer in legal notices, you may find
> that a reasonable person will just grant you the permission you need and
> thank you for helping promote his work. This is particularly true if you
> ask for a few photos, out of the photographer's huge collection. It is
> often as simple as that. (Try that instead of arguing here, but make sure
> to phrase things properly so that everyone understands all implications of
> licensing downstream and upstream.)
>
> On Sat, Mar 30, 2019 at 2:31 PM Craig Russell 
> wrote:
>
> > Hi Ted,
> >
> > > On Mar 30, 2019, at 2:22 PM, Ted Dunning 
> wrote:
> > >
> > > On Sat, Mar 30, 2019 at 1:57 PM Craig Russell 
> > wrote:
> > >
> > >> 
> > >>> copyright issues on the cute cat and rabbit photos [1] probably mean
> > >> that they cannot put that release in the ASF distribution area even if
> > they
> > >> do get 3 +1s without legal and infra approval.
> > >>
> > >> We have to look at risk here. Is there a risk that the owner of the
> > images
> > >> is going to make trouble?
> > >>
> > >
> > > I am kind of stunned to hear this.
> >
> > >
> > > The web site where the images came from says:
> > >
> > > We have an extensive commercial picture library of professional Nature
> > and
> > >> Pet photographs. Our images are sold on a rights managed basis and can
> > be
> > >> bought for specific and exclusive uses. All the images on this website
> > are
> > >> ©Warren Photographic and watermarked with our logo.
> > >
> > > (see https://www.warrenphotographic.co.uk/about.php)
> > >
> > > This sounds a lot like serious photographers trying to make a living.
> > > Anybody who goes to the trouble of watermarking their images is pretty
> > > serious about their work and about people stealing that work.
> > >
> > > But aside from that, quite frankly, Apache is not in the business of
> > > judging whether somebody is powerful enough or aware enough or rich
> > enough
> > > or even just cantankerous enough to make trouble for us about copyright
> > > infringement.
> >
> > This is way over the top. Please don't go there.
> >
> > > We don't even do adversarial forks of open source material
> > > where the license says that it is perfectly fine to do.
> > >
> > > So how can anybody imagine that it is OK to steal some images from
> people
> > > who do not grant the rights to use just because they aren't likely to
> > "make
> > > trouble"?
> > >
> >
> > I am not arguing that the image issue does not need to be resolved. Just
> > the opposite.
> >
> > Perhaps I should have elaborated: Is there a risk that during the next
> few
> > weeks that it will take us to either get permission or remove the image
> > that the owner is going to make trouble?
> >
> > Craig
> > >
> > >
> > >>>
> > >>> What do other IPMC members think?
> > >>
> > >> I think that if others want to dig into the details, I would encourage
> > >> them to do so. But at this point, I do not believe that the issues you
> > >> raised warrant a -1 on the release.
> > >
> > >
> > > The issue of the photos has been previously raised. The suggested
> > solution
> > > was to delete the photos.
> > >
> > > It should be done.
> >
> > Craig L Russell
> > Secretary, Apache Software Foundation
> > c...@apache.org  http://db.apache.org/jdo <
> > http://db.apache.org/jdo>
> >
>

Re: Voting on releases with serious unaddressed issues

[Justin Mclean]

Hi,

> For the record, no. No. It was never simply called theft. These files were
> part of the donation received from Oracle. We did not add these files in
> any way in Apache and simply received them as part of the donation. We have
> now removed them, so that this kind of stupid accusation can cease and
> since we didn’t care about them at all in the first place.

Part of all projects path to graduation is checking IP provenance, please don’t 
take that that you did the theft but perhaps someone did it before you did, a 
poor analogy is "receiving stolen goods". Stuff like this is often an 
accidental and unintentional, some internal developer copies something to use 
in a test that they think will never be public. Until that is it becomes open 
source. I have seen far more numerous and far more serious infringements of 
copyright in other codebases donated by other large companies. What is 
important is tat it has been addressed and the podling is fixing the issue

It could be far worse, for instance [1] (and they also have a script for hamlet 
they want to talk to you about).

Thanks,
Justin

1.https://en.wikipedia.org/wiki/Monkey_selfie_copyright_dispute
-
To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org
For additional commands, e-mail: general-h...@incubator.apache.org

Re: Voting on releases with serious unaddressed issues

[Ross Gardler]

"What is important is tat it has been addressed and the podling is fixing the 
issue" - big +1000

Thank you to everyone for doing the right thing here. Including Justin for 
agreeing to change his vote - I think that was the right thing to do even 
though, on this occasion, he could have cited my point #1 (if VP Legal says 
it's a blocker then it's a blocker). 

Ross


From: Justin Mclean 
Sent: Sunday, March 31, 2019 3:54 AM
To: general@incubator.apache.org
Subject: Re: Voting on releases with serious unaddressed issues

Hi,

> For the record, no. No. It was never simply called theft. These files were
> part of the donation received from Oracle. We did not add these files in
> any way in Apache and simply received them as part of the donation. We have
> now removed them, so that this kind of stupid accusation can cease and
> since we didn’t care about them at all in the first place.

Part of all projects path to graduation is checking IP provenance, please don’t 
take that that you did the theft but perhaps someone did it before you did, a 
poor analogy is "receiving stolen goods". Stuff like this is often an 
accidental and unintentional, some internal developer copies something to use 
in a test that they think will never be public. Until that is it becomes open 
source. I have seen far more numerous and far more serious infringements of 
copyright in other codebases donated by other large companies. What is 
important is tat it has been addressed and the podling is fixing the issue

It could be far worse, for instance [1] (and they also have a script for hamlet 
they want to talk to you about).

Thanks,
Justin

1.https://en.wikipedia.org/wiki/Monkey_selfie_copyright_dispute
-
To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org
For additional commands, e-mail: general-h...@incubator.apache.org


-
To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org
For additional commands, e-mail: general-h...@incubator.apache.org

Re: Voting on releases with serious unaddressed issues

[Bertrand Delacretaz]

Hi,

On Sat, Mar 30, 2019 at 8:01 PM Geertjan Wielenga
 wrote:
>...what comes closest to what
> you're looking for is the Rat exclusions file...

> https://github.com/apache/incubator-netbeans/blob/master/nbbuild/rat-exclusions.txt
...

And note that that file is mentioned in the
https://github.com/apache/incubator-netbeans README which says
"NetBeans license violation checks are managed via the
rat-exclusions.txt file" with a link.

I think although there's a lot of exclusions, NetBeans has done a
great job in documenting them and gradually improve the situation on
what's a huge codebase.

-Bertrand (NetBeans incubation mentor)

-
To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org
For additional commands, e-mail: general-h...@incubator.apache.org

Re: Voting on releases with serious unaddressed issues

[Bertrand Delacretaz]

Hi,

On Sat, Mar 30, 2019 at 3:34 AM Justin Mclean  wrote:
> ...What do other IPMC members think?...

I'm coming late to this discussion but I think it would have been
better to point to specific issues so people can reply in a more
concrete way.

Generally, I think it can be ok for podling releases to be
"imperfect", provided tickets are created to manage what needs to
change.

Best might be to create a ticket at
https://issues.apache.org/jira/projects/INCUBATOR for each podling
release, from which sub-tasks or linked tickets can be created for
those things that need to be fixed later. This makes it easy to look
at the history of previous releases and verify that those things are
improved.

-Bertrand

-
To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org
For additional commands, e-mail: general-h...@incubator.apache.org

Re: Voting on releases with serious unaddressed issues

[Geertjan Wielenga]

On Mon, Apr 1, 2019 at 10:26 AM Bertrand Delacretaz <
bdelacre...@codeconsult.ch> wrote:

> Hi,
>
> On Sat, Mar 30, 2019 at 8:01 PM Geertjan Wielenga
>  wrote:
> >...what comes closest to what
> > you're looking for is the Rat exclusions file...
>
> >
> https://github.com/apache/incubator-netbeans/blob/master/nbbuild/rat-exclusions.txt
> ...
>
> And note that that file is mentioned in the
> https://github.com/apache/incubator-netbeans README which says
> "NetBeans license violation checks are managed via the
> rat-exclusions.txt file" with a link.
>


Indeed, I didn't want to put too fine a point on it, but a lot of this
whole discussion could have been avoided simply by reading the initial
thread in the IPMC vote thread, where, for example, we explicitly provided
a link to our Ant Rat results file, which would have avoided the "NetBeans
should really consider to use Ant Rat" and "NetBeans really should explain
how it deviates from the norm" type of discussion -- because, again, we
provided all that info directly in the initial vote mail.

Gj




>
> I think although there's a lot of exclusions, NetBeans has done a
> great job in documenting them and gradually improve the situation on
> what's a huge codebase.
>
> -Bertrand (NetBeans incubation mentor)
>
> -
> To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org
> For additional commands, e-mail: general-h...@incubator.apache.org
>
>