spot-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Cesar Berho <>
Subject Re: Following up on board report
Date Tue, 28 Feb 2017 08:13:52 GMT
Hi John,

Appreciated for getting back to us. Initially we did the question to mentors, which actually
suggested us to post it on the PMC report.

In regards them; they have helped us a lot, among the guys on the community, and as we actually
ramp and now going over documentation towards Apache release, the notion of code scan is clear,
process wise at least, and complemented with your answer in regards the existence of the tool
for static analysis, we'll follow-up with Infra team to get guidance on the setup.

In regards IP review, SGA was submitted to Secretary back in October of last year, I can look
for the email if needed. Now clarifying a little bit on this one, as you mention the code
is compatible, but we we were wondering if after initial code migration to ASF repositories,
then another review was required. The gap closed with the release documentation. Over the
past months we have got individual feedback from mentors, about the licenses.

One thing that also was noted and we acknowledge is the fact of moving most of the communications
to the mailing lists, this Slack app has become very popular and helped us for quick interactions,
however something that we're carrying over are all the "extended" conversations that can be
enriched over here, as those facilitate input from Community in general.



From: John D. Ament <>
Sent: Monday, February 27, 2017 8:44:13 PM
Subject: Following up on board report

Dear Spot Podling,

I wanted to follow up with you regarding the comments in your board
report.  In it, you wrote:

Any issues that the Incubator PMC (IPMC) or ASF Board wish/need to be
aware of?

  IPMC this point has been posted on the last two report, we have not
  received any feedback in terms of how it goes, please comment.

  Please elaborate on the process for code scanning and IP reviews. On the
  last report this was brought to attention but no communication was

Ideally these are questions you are raising to your mentors, and your
mentors are giving you the right info.  Is that happening?  I noticed for
instance that you received only a single sign off.  Do you have engagement
with all 4 of your mentors?

Presently, the ASF provides static analysis via SonarQube, You can find the
instance at .  Please reach out to infra
if you need some guides on how to get it running for your project.

RE IP review - I'm not 100% sure what you mean.  I'm assuming that an SGA
was executed? I can't find any documentation.  It looks like regardless the
project was always apache licensed.  Have your mentors provided any input
on good/bad IP practices?


  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message