[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
|
Re: [tools-pmc] Apache HttpComponents* CQs
|
On Mon, 2020-01-13 at 10:17 -0500, Jonah Graham wrote:
> Thanks Matthias,
>
> Thanks for taking the time to explain current state. I think we should go for it - after all the CQs are going to be approved, we just may need to do some paperwork later until the tooling catches up. I will approve them in a couple of hours, just to give others a chance to say something first.
>
> As for type a vs type b - https://projects.eclipse.org/projects/eclipse/releases/4.15.0 probably needs to be updated then, that is what I had based a vs b change on.
Hey,
Thanks for bringing this up. I just approved the CQs that I saw coming
in, and then read this e-mail so my apologies. Matthias explained the
situation very well and from what has been discussed at EclipseCon
Europe [1] and via mailing lists. The only thing I would add is that
type_B still has its place, but will no longer be done for ** 3rd party
libraries ** .
As for filing the CQs initially against Orbit, I think maintainers in
Orbit wanting to update a dependency due to vulnerabilities, or because
a newer version exists is a valid case. In the past, needing to wait
for the requesting project has slowed things down. Ultimately as long
as each project's IPlog accurately reflects the usage it should be
fine.
Cheers,
--
Roland Grunberg
[1] https://www.eclipsecon.org/europe2019/sessions/intellectual-property-management-and-open-source
