-
Applying the Apache License, Version 2.0
- Applying the Apache License, Version 2.0
- Contents
- Understanding the 2.0 license
- Applying the license to new software
- Updating Existing Software
-
Frequently Asked Questions (General)
- Where Can I Find More Information?
- Where Can I Find Policy?
- Where do I find a copy of the new license?
- Do I have to have a copy of the license in each source file?
- In my current source files I have attribution notices for other works. Do I put this in each source file now?
- Can/Should individual committers added copyright statements to the NOTICE or source code files?
- Can the LICENSE and NOTICE files be called LICENSE.txt and NOTICE.txt?
- Should the license be included in source files for documentation (e.g. XML that is transformed to HTML)?
- Applying the Apache License, Version 2.0
-
Committers' FAQ
- Committers' FAQ
- Contents
-
General Questions
- I have just been elected a Committer, so what I should do now?
- What Is ApacheCon?
- What Is A Hackathon?
- What Is An Infrathon?
- What Is PlanetApache?
- I need to request some changes to infrastructure?
- Being committed and managing my energy
- What machines do I have access to?
- How Long Will It Take For A CLA To Be Registered?
- How do I start a new project in the ASF?
- Is there a way to see a graph of loads (CPU, I/O, network)?
- What are the responsibilities of a Committer?
- Is there a set term for acting as a Committer? Will I have to be elected again?
- What are the core beliefs of The Apache Way?
- I'm Told That The Host Key Has Changed When I To Login To My Apache Account. What Should I Do?
- How Do I Bring Code Developed Outside Apache To An Existing Project?
- What Do I Need To Keep In Mind When Applying Patches From A Contributor?
- Version Control Questions
-
Mail Questions
- How do I setup my email account?
- How do I request the creation of a new mail list?
- How do I find out how many people are subscribed to a list?
- How do I request changes for mail list moderators?
- I am a moderator and receive these "MODERATE" emails.
- I didn't forward my mail before. How can I download my old mail?
- Where Should Project Business Be Discussed?
- I've Just Made My First Commit. Why Isn't A Commit Message Delivered?
- Committers' FAQ
- Tips for email contributors
-
Contributors Tech Guide
- Contributors Tech Guide
- Contents
- How Open Source Works
- Getting the sources from the Subversion repository
- Providing feedback
- Sending in a Bug Report
- Sending in Patches
- Contributors Tech Guide
-
Handling Cryptography within an ASF Release
-
Handling Cryptography within an ASF Release
- Purpose and Intended Audience
- Overview
- Notification of Updates to this Page
- Check the Export Control Classification Number (ECCN)
- Update the Exports Page with Source Links
- Notify the U.S. Government of the Release
- Inform Users by Including a Crypto Notice in the Distribution's README
-
Frequently Asked Questions
- What is the "PRODUCT NAME/MODEL #" for my product?
- What is the MANUFACTURER?
- What is the NOTIFICATION?
- When is the first time a notification email must be sent?
- What are examples of when a crypto item is publicly accessible through ASF servers?
- Are public contributions of crypto items to the mailing list, JIRA or Bugzilla databases considered exports?
- If we distribute previously exported crypto items, must we still qualify the same item for export?
- If the ASF distributes a particular crypto item within one product under the TSU exception, must the same item requalify for the TSU exception when distributed in a different ASF product?
- If the ASF distributes/exports a crypto item after qualifying it under the TSU exception, must the same product requalify for release of future versions?
- Where must the email's notification URL point to?
- If the notification URL never changes, when are additional notification emails required?
- Is there any BIS requirement to tell users and/or redistributors of our products about the crypto within our products?
- When exporting a product that is not only designed to use some third-party crypto item, but also includes the third-party crypto item, does this require two notifications or one notification with two manufacturers?
- Can the ultimate link to the crypto item's source code point to a non-ASF web page?
- What if the object/binary code being distributed was built with a particular compiler switch?
- Do we ever need to notify the BIS of the location of object/binary files?
- If my project ships a binary that includes libssl/libcrypto, what notifications must be made?
- If my project ships a binary that provides bindings to OpenSSL, but does not include its source or binaries, what notifications must be made?
- Isn't it somewhat weird that I, who am not a U.S. citizen nor resident, should be constrained as to what or how I can commit to an ASF repository by some U.S. law?
- Do digest algorithms such as MD5 and SHA1 require notification?
-
Handling Cryptography within an ASF Release
- Converting from CVS to Subversion at the ASF
- ASF Hardware Wish-List
- ASF Infrastructure mailing lists
- Updating the Infrastructure web site
-
How to be an ASF Infrastructure volunteer
- How to be an ASF Infrastructure volunteer
- The Infrastructure Team
- Getting started
- Care and feeding of your sysadmin
- How to get on well with the Infrastructure team
- We really do need you
- Decision making
- More information and resources
-
Machines List
- Machines List
- Table of contents
- athena.apache.org
- aurora.apache.org
- bia.apache.org
- brutus.apache.org
- ca.apache.org
- clarus.apache.org
- console.apache.org
- eos.apache.org
- eris.apache.org
- fireswamp.apache.org
- gaea.apache.org
- harmonia.apache.org
- helios.apache.org
- hermes.apache.org
- hyperion.apache.org
- loki.apache.org
- minotaur.apache.org
- monitoring.apache.org
- nike.apache.org
- odin.apache.org
- odyne.apache.org
- thor.apache.org
- Machines List
- Step-By-Step Guide To Mirroring Releases
- Apache Mirroring Information
-
Guide for new committers
-
Introduction
- Contents
- I have just been elected as a committer. What does that mean?
- What must I do first?
- Waiting
- Next steps
- Login to shell account
- Configure shell account
- Configure email
- Setting up read/write repository access
- Project website
- OpenPGP public keys
- Apache People
- Committer-only resources
- Apache Labs
- Commit diff emails
- ApacheCon
- Committers home pages
- Warning
- Unofficial Resources
- Improve this guide
-
Introduction
- ASF Nightly Builds
-
Project Management Committee Guide
- Project Management Committee Guide
- Intended Audience
- Contents
- Policy
-
PMC FAQ
- What Is A PMC?
- We've voted a new committer in. Now what?
- We want to grant karma to someone who already has an account.
- We need access to a machine other than people.apache.org.
- We've voted in a new PMC member. Now what?
- What are the duties of the PMC chair and how to perform them?
- How Do We Import Code From An External Source?
- How Do I Search The Archives For Private Lists?
- How Do We Request A Wiki?
- How Do We Request A New Mailing List?
- Where Should Project Business Be Discussed?
- Project Management Committee Guide
- Tasks for Creating a Project
-
Procedures for Creating a Project
- Procedures for Creating an ASF Top-Level Project
- Things that the PMC should do after infrastructure is done
- Notes On Project Mailing Lists (DRAFT)
- Choosing names for ASF projects
- Manage your project web site
- Prospective Machines List
- Release Download Pages (DRAFT)
-
Publishing Releases (DRAFT)
- Contents
- Publishing Releases (DRAFT)
- Description Of Policy
-
Questions About Publishing Releases
- Do I Need Special Karma To Publish A Release?
- I've Just Published A Release: Why Isn't It Available From XYZ?
- What File Permissions Should Be Set On The Release?
- How Can I An Archive Old Release?
- What's The Right Way To Make ASF Jars Available Through the Maven Repository On Ibiblio?
- What Is The ASF Repository?
- How Should A Artifact Be Published To The ASF Repository?
- Guide To The ASF Repository
- Step-By-Step Guide To Uploading To The Repository By Hand
- Creating a repository descriptor for your project
-
Signing Releases
- Signing Releases
- Abstract
- Contents
- Help Wanted!
- Further Reading
- Description Of Policy
- Notes For Projects
- The Basics
-
Questions About Checksums And Signatures
- How Do I Sign A Release?
- What Is an OpenPGP Compatible ASCII Armored Detached Signature?
- What Is OpenPGP?
- What Is Public Key Cryptography?
- What Is An Detached Signature?
- What Is ASCII Armoring?
- What Is An MD5 Checksum?
- What is a SHA checksum?
- What Is A Message Digest Algorithm?
- What Is A Web Of Trust?
- How Do I Link Into A Public Web of Trust?
- What Is A Key Signing Party?
- How Can I Link My Key Into The Apache Web of Trust?
- What Does Verifying A Signature Mean?
- How Can I Check The Integrity Of A Release?
- What Does 'Public Key Not Found' Mean (When Verifying A Signature)?
- What is a Trusted Key?
- What Is The Difference Between A Valid Signature from an Untrusted Key And An Invalid Signature from an Untrusted Key?
- What Is A Public Key Fingerprint?
- Why Infeasible And Not Impossible?
- Where Should I Create The Signatures?
- What Is 'Insecure Memory' And Should I Be Worried?
- What is a Passphrase?
- What Is A Revocation Certificate?
- How Do I Revoke A Key?
- Where Should A Revocation Certificate Be Stored?
- How Do I Distribute A Revocation Certificate?
- What Is The Difference Between Deleting And Revoking A Key?
- Can I Mark A Key As Locally Trusted?
- How Can I Safely Practice Using OpenPGP?
- What Is The Difference Between A Public And A Private Key?
- How Should My Code Signing Private Key Be Protected?
- How Secure Does The Machine Used To Sign Releases Need To Be?
- Which Applications Create OpenPGP Compatible Signatures?
- How Safe Does The Private Key Need To Be?
- What Does 'Isolated Installation' Mean?
- What Key Length Is Recommended?
- How Do You Generate A Code Signing Key?
- What Is A Public Key Server?
- How Do You Upload A Key To A Public Key Server?
- How Can I Ensure My Local Web Of Trust Is Up To Date?
- How Do You Export A Key?
- What Is A Key ID?
- What Is A Sub Key?
- How Do I A Use Sub Key To Sign Emails?
- How Can I Find Out More?
- Is There A Quick Way To Sign Several Distributions?
- Signing Releases
- Release Statistics (DRAFT)
-
Releases FAQ
-
Releases FAQ
- Contents
- Release Questions
- Release Management Questions
-
Release Licensing Questions
- Which Files Must Contain An ASF License Text?
- Is A Full Copy Of The License Required In Each Source File?
- Where Is The Right Place For Attribution Notices?
- What Content Is Appropriate For the NOTICE file?
- Is a NOTICE File Required For Pure ASF Code?
- If A Distribution Contains Code Under Several Licenses, Should It Contain Several License Files?
- Can I Distribute A Raw Artifact?
-
Releases FAQ
- Reporting issues and requesting project resources
-
ASF Jar Repositories
- Disclaimer
- Contents
- Basic information
- A few good rules
-
FAQs about the ASF Jar Repositories
- m1/m2?
- Do I need to deploy to both m1/m2 repositories?
- Can we put third party files in the repositories?
- I'm working on a research branch, can I release to the repositories?
- Do we have an ASF repo we can point Maven/Ant builds at?
- Why not?
- How about repo.apache.org?
- What resources are available?
- How do rsyncs happen?
-
Services List
- Services List
- Zones for ASF projects
-
Apache Developers' C Language Style Guide
- Apache Developers' C Language Style Guide
- Contents
- Introduction
- The Guidelines
- Details and Examples
- Apache Developers' C Language Style Guide
-
Apache Development Information
- Apache Developer Resources --
- Committer email configuration
- Committer SSH Configuration on Windows
-
Committer SSH Access (DRAFT)
- Committer SSH Access (DRAFT)
- Contents
- Introduction
- Help Wanted!
- Available Elsewhere
- Troubleshooting
- FAQ
- Using OpenSSH To Connect To Apache
- Committer SSH Access (DRAFT)
- Source Code Repository