This page reflects the Apache Grails project's self-assessment of their maturity according to the - ASF Project Maturity Model. + ASF Project + Maturity Model.
Code
@@ -19,31 +20,38 @@CD10
The project produces Open Source software for distribution to the public at no charge.
-All code is under the Apache license (or compatible 3rd party licenses) and available from ASF distribution channels and GitHub.
+All code is under the Apache license (or compatible 3rd party licenses) and available from ASF distribution + channels and GitHub.
CD20
Anyone can quickly discover and access the project's code.
-The code is available under ASF/GitHub, and the project’s website contains instructions on how to obtain it.
+The code is available under ASF/GitHub, and the project’s website contains instructions on how to obtain it. +
CD30
Anyone using standard, widely available tools can build the code reproducibly.
-The project includes instructions on required prerequisites and instructions on how to build the software.
+The project includes instructions on required prerequisites and instructions on how to build the software. +
CD40
-The complete history of the project's code is available via a source code control system, which allows anyone to recreate any released version.
+The complete history of the project's code is available via a source code control system, which allows anyone + to recreate any released version.
-The latest code is available from ASF/GitHub, and previous versions have been tagged. Previous releases since joining are archived at the ASF and available for download.
+The latest code is available from ASF/GitHub, and previous versions have been tagged. Previous releases since + joining are archived at the ASF and available for download.
CD50
-The source code control system establishes the provenance of each line of code in a reliable way, based on strong authentication of the committer.
+The source code control system establishes the provenance of each line of code in a reliable way, based on + strong authentication of the committer.
-When third parties contribute code, commit messages provide reliable information about the code provenance. All code is committed via version control. The LICENSE file also lists 3rd party code and its license.
+When third parties contribute code, commit messages provide reliable information about the code provenance. + All code is committed via version control. The LICENSE file also lists 3rd party code and its license.
Licenses and Copyright
@@ -55,9 +63,12 @@LC10
LC20
-Libraries that are mandatory dependencies of the project's code do not create more restrictions than the Apache License does.
+Libraries that are mandatory dependencies of the project's code do not create more restrictions than the + Apache License does.
-Extensive work has been done on third-party licenses for both the source release and convenience binaries. One issue with a Hibernate dependency has been discussed and is subject to further resolution but isn't the sole mandatory option for this functionality. +
Extensive work has been done on third-party licenses for both the source release and convenience binaries. + One issue with a Hibernate dependency has been discussed and is subject to further resolution but isn't the + sole mandatory option for this functionality. Further work is expected to remove the licensing issue with this dependency.
LC30
@@ -68,13 +79,15 @@LC30
LC40
-Committers are bound by an Individual Contributor Agreement (the "Apache iCLA") that defines which code they may commit and how they need to identify code that is not their own.
+Committers are bound by an Individual Contributor Agreement (the "Apache iCLA") that defines which code they + may commit and how they need to identify code that is not their own.
All committers have signed ICLAs.
LC50
-The project clearly defines and documents the copyright ownership of everything that the project produces.
+The project clearly defines and documents the copyright ownership of everything that the project produces. +
The LICENSE and NOTICE files list additional information needed here.
@@ -82,39 +95,48 @@Releases
RE10
-Releases consist of source code, distributed using standard and open archive formats that are expected to stay readable in the long term.
+Releases consist of source code, distributed using standard and open archive formats that are expected to + stay readable in the long term.
Releases are source code and are performed and distributed in the standard ASF way.
RE20
-The project's PMC (Project Management Committee, see CS10) approves each software release to make the release an act of the Foundation.
+The project's PMC (Project Management Committee, see CS10) approves each software release to make the release + an act of the Foundation.
Each release has been voted on, following ASF policy, by the PPMC.
RE30
-Releases are signed and/or distributed along with digests that anyone can reliably use to validate the downloaded archives.
+Releases are signed and/or distributed along with digests that anyone can reliably use to validate the + downloaded archives.
Releases are signed and the release area on the website includes hashes and links to KEYs files.
RE40
-The project can distribute convenience binaries alongside source code, but they are not Apache Releases, they are provided with no guarantee.
+The project can distribute convenience binaries alongside source code, but they are not Apache Releases, they + are provided with no guarantee.
-Convenience binaries are distributed alongside source releases. Their LICENSE and NOTICE files are correct.
+Convenience binaries are distributed alongside source releases. Their LICENSE and NOTICE files are correct. +
RE50
-The project documents a repeatable release process so that someone new to the project can independently generate the complete set of artifacts required for a release.
+The project documents a repeatable release process so that someone new to the project can independently + generate the complete set of artifacts required for a release.
-Releases have been made by several release managers and the project includes documentation on how to make a release. The last release included a standard incubating DISCLAIMER. There is some minor work to be done on documenting the release process and improving the release scripts.
+Releases have been made by several release managers and the project includes documentation on how to make a + release. The last release included a standard incubating DISCLAIMER. There is some minor work to be done on + documenting the release process and improving the release scripts.
Quality
QU10
-The project is open and honest about the quality of its code. Various levels of quality and maturity for various modules are natural and acceptable as long as they are clearly communicated.
+The project is open and honest about the quality of its code. Various levels of quality and maturity for + various modules are natural and acceptable as long as they are clearly communicated.
All code is reviewed by at least one committer before being merged and must pass CI checks.
@@ -126,21 +148,25 @@QU20
QU30
-The project provides a well-documented, secure and private channel to report security issues, along with a documented way of responding to them.
+The project provides a well-documented, secure and private channel to report security issues, along with a + documented way of responding to them.
The project uses the standard way of reporting ASF security issues.
QU40
-The project puts a high priority on backwards compatibility and aims to document any incompatible changes and provide tools and documentation to help users transition to new features.
+The project puts a high priority on backwards compatibility and aims to document any incompatible changes and + provide tools and documentation to help users transition to new features.
-All PRs, including information on if there are breaking changes, and release notes on each release, also include this.
+All PRs, including information on if there are breaking changes, and release notes on each release, also + include this.
QU50
The project strives to respond to documented bug reports in a timely manner.
-The large majority of issues and PRs are dealt with quickly, although a number of outstanding older issues from pre-ASF days remain.
+The large majority of issues and PRs are dealt with quickly, although a number of outstanding older issues + from pre-ASF days remain.
Community
@@ -148,35 +174,46 @@CO10
The project has a well-known homepage that points to all the information required by ASF policy.
-The Grails website (https://grails.apache.org) is well known and contains all the information needed by ASF policy. (A couple of points need fixing before this is actually true, but they are well-known and simple.)
+The Grails website (https://grails.apache.org) is well known and contains all the information needed by ASF + policy. (A couple of points need fixing before this is actually true, but they are well-known and simple.) +
CO20
-The community welcomes contributions from anyone who acts in good faith, respectfully, and adds value to the project.
+The community welcomes contributions from anyone who acts in good faith, respectfully, and adds value to the + project.
-Several hundred folks have contributed to the core Grails project during its lifespan and more on plugins. More than 20 folks have contributed to the core project since incubation started. Several contributors have been made committers and PMC members since the start of incubation.
+Several hundred folks have contributed to the core Grails project during its lifespan and more on plugins. + More than 20 folks have contributed to the core project since incubation started. Several contributors have + been made committers and PMC members since the start of incubation.
CO30
-Contributions include source code, documentation, constructive bug reports, constructive discussions, marketing and generally anything that adds value to the project.
+Contributions include source code, documentation, constructive bug reports, constructive discussions, + marketing and generally anything that adds value to the project.
-The project values all forms of contribution and has accepted code, documentation fixes/improvements, bug reports etc.
+The project values all forms of contribution and has accepted code, documentation fixes/improvements, bug + reports etc.
CO40
-The community strives to be meritocratic and gives more rights and responsibilities to contributors who, over time, add value to the project.
+The community strives to be meritocratic and gives more rights and responsibilities to contributors who, over + time, add value to the project.
Several contributors have been made committers and PPMC members since the start of incubation.
CO50
-The project documents how contributors can earn more rights, such as commit access or decision power, and applies these principles consistently.
+The project documents how contributors can earn more rights, such as commit access or decision power, and + applies these principles consistently.
-Several contributors have been made committers and PMC members since the start of incubation. These committers have been based on merit and come from several different employers.
+Several contributors have been made committers and PMC members since the start of incubation. These + committers have been based on merit and come from several different employers.
CO60
-The community operates based on the consensus of its members (see CS10), who have decision power. Dictators, benevolent or not, are not welcome in Apache projects.
+The community operates based on the consensus of its members (see CS10), who have decision power. Dictators, + benevolent or not, are not welcome in Apache projects.
The project’s direction is set by the PMC, there is no BDFY.
@@ -184,19 +221,23 @@CO70
The project strives to answer user questions in a timely manner.
-User questions on GitHub and the mailing list are usually answered promptly. There is room for improvement in a few isolated cases.
+User questions on GitHub and the mailing list are usually answered promptly. There is room for improvement in + a few isolated cases.
Consensus Building
CS10
-The project maintains a public list of its contributors who have decision power. The project's PMC (Project Management Committee) consists of those contributors.
+The project maintains a public list of its contributors who have decision power. The project's PMC (Project + Management Committee) consists of those contributors.
-The PPMC and committer list are kept up to date when new people are added. There is no public list of the PMC on the site, but it is available via several ASF services.
+The PPMC and committer list are kept up to date when new people are added. There is no public list of the PMC + on the site, but it is available via several ASF services.
CS20
-Decisions require a consensus among PMC members and are documented on the project's main communications channel. The PMC takes community opinions into account, but the PMC has the final word.
+Decisions require a consensus among PMC members and are documented on the project's main communications + channel. The PMC takes community opinions into account, but the PMC has the final word.
Votes on releases and other major decisions are conducted on the mailing list.
@@ -208,15 +249,21 @@CS30
CS40
-In Apache projects, vetoes are only valid for code commits. The person exercising the veto must justify it with a technical explanation, as per the Apache voting rules defined in CS30.
+In Apache projects, vetoes are only valid for code commits. The person exercising the veto must justify it + with a technical explanation, as per the Apache voting rules defined in CS30.
-There have been no code vetos. Most significant code contributions use RTC, so this reduces the number of possible vetos. The code is reviewed, and feedback is acted on before it is merged.
+There have been no code vetos. Most significant code contributions use RTC, so this reduces the number of + possible vetos. The code is reviewed, and feedback is acted on before it is merged.
CS50
-All "important" discussions happen asynchronously in written form on the project's main communications channel. Offline, face-to-face or private discussions that affect the project are also documented on that channel.
+All "important" discussions happen asynchronously in written form on the project's main communications + channel. Offline, face-to-face or private discussions that affect the project are also documented on that + channel.
-There is discussion on the mailing list, and in GitHub issues and discussions. This is asynchronous. There are regular online meetings where anyone is welcome and a summary of discussions is brought back to the mailing list. +
There is discussion on the mailing list, and in GitHub issues and discussions. This is asynchronous. There + are regular online meetings where anyone is welcome and a summary of discussions is brought back to the + mailing list. There are no offline meetings or discussions where private decisions are made.
Independence
@@ -237,28 +284,33 @@Trademark and Branding
TB10
-The project uses "Apache Foo™" as the project and software product name consistently, with appropriate trademark attributions.
+The project uses "Apache Foo™" as the project and software product name consistently, with appropriate + trademark attributions.
The project uses Apache Grails and complies with ASF trademark policy.
TB20
-The project's primary homepage is at projectname.apache.org. When exceptions exist to use alternate domains for any purpose, any non-apache.org domain names are owned by the ASF.
+The project's primary homepage is at projectname.apache.org. When exceptions exist to use alternate domains + for any purpose, any non-apache.org domain names are owned by the ASF.
-The project's website is at http://grails.apache.org.
+The project's website is at https://grails.apache.org.
TB30
-The ASF has trademark rights, including any registrations, to the project name, logo, and any other major branding elements.
+The ASF has trademark rights, including any registrations, to the project name, logo, and any other major + branding elements.
-The name Grails and its logo is a registered trademark and agreement has been reached to transfer the trademarks to the ASF upon successful graduation.
+The name Grails and its logo is a registered trademark and agreement has been reached to transfer the + trademarks to the ASF upon successful graduation.
TB40
-The project monitors for any major misuses of their project's brand by others, and reports any potential misuses to Brand Management.
+The project monitors for any major misuses of their project's brand by others, and reports any potential + misuses to Brand Management.
There have been no significant misuses of the project’s brand.