Re: Issue with Linux Foundation and expectations on ODL projects
Thanks for the reply, Anil. That did answer some questions I had.
These questions point to 4 serious issues with releasing projects. It would be great if answers to these are covered in the TSC meeting.
The response “you need security waivers” (for a past release!) dodges all of the issues raised above and really does nothing to address the 4 issues above.
PS - It is possible (maybe probable) that I have misunderstandings here, so please feel free to correct me.
From: Anil Belur <abelur@...>
On Fri, Mar 6, 2020 at 2:05 AM Allan <aclarke@...> wrote:
I understand the concerns on the delay in releasing Plastic, please find my response below.
2. The policy violations showing up on stage repositories is a "feature" and not a "bug", and a proactive way to ensure these violations are going to be addressed early on before a release.
3. The violations seen recently in plastic is a result of updating the "Nexus platform plugin", which is working as expected and not a result of any to Nexus repository level setting.
4. It's seldom up to LF or the PTL's to waive IQ policy violations, waivers can only come from the ODL security team as approved by the TSC.