Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [eclipse-pmc] Do we still need to file CQs?

Hi Alex

I don't want to base my judgement on a blog post. However, Wayne also sent this to the committers with https://www.eclipse.org/lists/eclipse.org-committers/msg01241.html.

To be honest it leaves a lot of holes/questions to me. Here are some things that look fuzzy to me;

> CQs are not required for third-party content in all cases. In the case of third-party content due diligence, CQs are now only used to track the vetting process.
What does "In the case of third-party content due diligence, CQs are now only used to track the vetting process. " mean?

CQs are no longer required before third-party content is introduced. 
Looks like being listed on clearlydefined does not necessarily mean we can use it  The project, i.e. we as PMC have to make that decision and then decide whether to file a CQ. See also above point.

The only thing that's clear is that no piggyback CQs are needed anymore. However, the official document (https://wiki.eclipse.org/Development_Resources/Contribution_Questionnaire#Piggyback_CQs) still says otherwise. Unless the official documents are updated I would vote against changing anything.

What's also unclear/undefined is the process regarding Orbit.

There's supposed to be a tool that detects the dependencies but AFAIK it's not complete yet. This would leave us in a state where we do not have a correct IP log.

Dani



From:        Aleksandar Kurtakov <akurtako@xxxxxxxxxx>
To:        eclipse-pmc@xxxxxxxxxxx
Date:        30.06.2020 17:18
Subject:        [EXTERNAL] [eclipse-pmc] Do we still need to file CQs?
Sent by:        eclipse-pmc-bounces@xxxxxxxxxxx




Last week Wayne posted some updates on the IP process [1].  Please pay special attention to "Leverage other sources of license information for third-party content." and "ClearlyDefined is a trusted source of license information." paragraphs .
It's worth noting that PB CQs are no longer needed too.
According to this I could have skipped filing CQ for ICU4J 67.1 [2] and rather pointed to clearlydefined.io[3] and get it contributed to Orbit based on that.
That would be a huge reduction for releng as right now updating deps is still a lengthy and painful process involving many steps by committer/pmc/IP team/orbit committer and etc.

Let's discuss at some of the next PMC meetings when we have everyone.

[1] https://waynebeaton.wordpress.com/2020/06/25/updates-to-the-eclipse-ip-due-diligence-process/
[2] https://dev.eclipse.org/ipzilla/show_bug.cgi?id=22320
[3] https://clearlydefined.io/definitions/maven/mavencentral/com.ibm.icu/icu4j/67.1

--
Alexander Kurtakov
Red Hat Eclipse Team_______________________________________________
eclipse-pmc mailing list
eclipse-pmc@xxxxxxxxxxx
To unsubscribe from this list, visit
https://www.eclipse.org/mailman/listinfo/eclipse-pmc




Back to the top