Review Request: jss - Java Security Services (bz#230262)

[Warren Togami]

Margaret Lum wrote:
> Warren Togami wrote:
>> Right, unsigned in Fedora.  Proprietary or 3rd party apps needing a 
>> signed JAR would need to provide it from a separate source.  Can you 
>> confirm that it could be parallel installed without much trouble?
> There won't be any need for this, as developers can sign at their own 
> discretion.
>>
>>>>
>>>> Red Hat (the company) could (pending legal approval) choose to 
>>>> proceed with this as part of an internal product.  But as the rules 
>>>> stand today, Fedora cannot ship this signed.
>>> We will ship this UNsigned, in Fedora.  Can approval be re-evaluated?
>>
>> Right, yes it can.
> Please let me know what the next steps to working this through the 
> approval committee expediently.  I want to make sure there aren't 
> details omitted that would hinder this package from being approved.
> 
> Thanks!
> 


There is no approval committee.  Inclusion of the package only requires 
package review approval of ANYBODY.  The reviewer could even be another 
member of the same team of the submitter of the package review.

http://fedoraproject.org/wiki/PackageMaintainers/NewPackageProcess
Please familiarize yourself with this process document.

Many dozens of java packages were included in Fedora in the past few 
months in this fashion, where a team within Red Hat had separate people 
act as package submitter and package reviewer.  I don't remember all 
their names at the moment, though I believe rafaels@ and dbhole@ were 
among the RH participants involved with inclusion of those many java 
packages.

If you have deadlines for business reasons to get packages into Fedora 
or EPEL, please don't wait for unaccountable external volunteers.  Any 
team has the power to get a package in without the need for external 
participation or approval.

Please let us know here on this list if you have further questions.

Thanks,
Warren Togami
wtogami at redhat.com