Definition of Open Source [was Re: pine: UW permission to distribute]

[Michael Schwendt]

On Thu, 22 Jul 2004 17:46:08 -0400, Michael Tiemann wrote:

> Michael: But perhaps I did understand the diagram--in that I observed
> that it didn't attempt to cover new package submission.  Thus, I've
> attempted to enhance the diagram so that it /can/ cover that topic
> (which is frequently discussed) as well.  So my effort is complementary
> to Ville's, not conflicting.

Could also be that I misunderstand your changes in the diagram. ;o)
Changed policies with regard to submission of new packages have been
discussed already internally with quite different results. Actual policy
updates pending. One of fedora.us' deficiences is that every new (!)
package submitted by a non-trusted person (or even a trusted one) needs a
massive amount of QA work (in particular security related checks!) before
it could be approved, built and published. The goal of internal
discussions was to make it easier for package maintainers to submit and
publish new packages into an "unstable" or "development" repository after
considerably less QA (because very often no one other than the packager is
willing to review a package) and with the help of old packages which exist
in other big and reputable Linux distributions already, e.g. Debian
GNU/Linux, SuSE Linux or Mandrake Linux. In particular, source tarball
checksums taken from such distributions could be relied on.

Trusted submission without QA (in the diagram there's an arrow from
Meta-Fedora BZ to PUBLISH) is not a good idea unless such packages would
go into a "development" repository only.

Further, I don't understand the role of what is referred to as "Well-Known
3rd Party Repos" and whether/why/when a package would be classified as
"Well-known RPM". IMO a package is not well-known unless its complete
life-cycle including bug reports and reviews is documented well in an
open manner.