Title: Apache Board -- Project Services & Expectations license: https://www.apache.org/licenses/LICENSE-2.0
The Apache Software Foundation (ASF) provides a wide array of
services to the many Apache communities and their Project Management
Committees (PMCs) that we host in line with our
vision of independent, volunteer-run projects.
The Board of Directors and relevant ASF officers also set various
required policies and best practices that our PMCs are expected to follow.
Please see our overview of services provided to Apache projects.
Read the guide for how to escalate serious issues with Apache projects or officers to the appropriate list.
The Board of Directors and relevant policy-setting officers have the established the following policies (MUST) or best practices (SHOULD/MAY) for all Apache PMCs. Questions about any individual policy should be addressed to the appropriate officer and/or to the board.
Provide Community And Project Oversight (Board)
-
Project technical decisions MUST be made on or otherwise reflected in a timely manner on public and archived mailing lists.
-
Project discussions and interactions SHOULD be public in accessible, asynchronous and archived places, unless there are specific documented reasons to hold discussions on private@.
-
Project discussions SHOULD use normal ASF-hosted dev@, user@, and similar mailing lists.
-
Projects MAY use their own documented consensus process, or a VOTE, to decide on any new committers or PMC members.
Operate Independently And For The Public Good (Board)
- Projects MUST govern themselves independently of undue commercial influence, and for the best interests of the project community as a whole.
Provide Regular Reports To The Board (Board)
- Projects MUST provide a quarterly status report to the board.
Follow Software Release Policy (Legal Affairs, Infrastructure Team)
- Projects MUST follow the Release Policy, the Apache Voting Process and the Release Distribution Policy when releasing software artifacts for general public use.
Follow Security Notification Procedure (Security Team)
- Projects SHOULD always work with the Security Team when dealing with vulnerabilities, and MUST follow notification procedures for security issues.
Contributors And Licensing Policy (Legal Affairs)
-
Contributors MUST sign an iCLA before committer access to projects is granted.
-
Projects MUST use the Apache LICENSE, NOTICE, and source headers for code developed and released at Apache.
-
Projects MUST NOT include software with unapproved or restricted licenses in Apache project releases unless following documented exceptions.
-
Projects MAY include software with approved compatible licenses in Apache project releases.
Branding And Trademark Policy (Brand Management)
-
Project websites MUST comply with the Apache Project Branding Requirements.
-
Project PMCs MUST be responsible for maintaining their project's trademarks and brand.
-
Project PMCs MAY include links to relevant technical or corporate websites when they are appropriate to their community.
Infrastructure Policy (Infrastructure Team)
-
Every project's primary source control repository MUST be administered by the Infrastructure Team on ASF maintained services.
-
Project website homepages MUST be static sites served on ASF infrastructure.
Press & Marketing Policy (Press Team)
-
Projects MUST work with VP, Marketing and Publicity on any formal press releases that use ASF boilerplate.
-
Projects SHOULD work with press@ to help coordinate any press, media, or analyst relations.
Fundraising Policies (VP, Fundraising)
- Projects MUST work with VP, Fundraising whenever directly accepting or using financial donations.
Incubator Podling Policies (Incubator PMC)
- Incubator Podlings MUST uphold the applicable Incubator policies set by the Incubator PMC (IPMC). Podlings SHOULD be complying with all Apache project requirements before graduation.