Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [orbit-dev] Continue to require ATO CQs?

On Mon, Apr 6, 2020 at 10:13 AM Wayne Beaton
<wayne.beaton@xxxxxxxxxxxxxxxxxxxxxx> wrote:
> I've developed a prototype tool that can be used to vet the license of content based on identifiers (e.g. Maven GAV). I'm moving this to Eclipse Dash. One of the things that the tool does now is cite the source of the vetted license information ("CQ999", "clearlydefined", or "projectcode"). I've been thinking of extending this to include a URL pointer to the source.
> For this new regime to work, we depend on regular IP Log checks. We do IP Log checks when projects engage in release reviews. Per the EDP, a project needs to engage in a release review only once every year.
> Since I believe that Eclipse Orbit engages in what could be considered releases, I believe that it is reasonable to require that the project engage in an annual review like every other open source project at the Eclipse Foundation. Feel free to argue with me.

Seems reasonable. As long as this tool can be automated somehow through our
CI builds, I think it should be painless. I'll try out the tool at
least to start
embedding the data into the builds.

Roland Grunberg

Back to the top