Hi Ate, Thanks for taking time to review. Please see comments below:
On Jun 7, 2012, at 11:30 AM, Ate Douma wrote: > On 06/04/2012 07:19 AM, Suresh Marru wrote: >> Discussion thread for vote on airavata 0.3-incubating release candidate 1. >> >> If you have any questions or feedback or to post results of validating the >> release, please reply to this thread. Once you verify the release, please >> post >> your vote to the VOTE thread. >> >> For reference, the Apache release guide - >> http://www.apache.org/dev/release.html >> Incubator specific release guidelines - >> http://incubator.apache.org/guides/releasemanagement.html >> >> Some tips to validate the release before you vote: >> >> * Download the binary version and run the 5 minute or 10 minute tutorial as >> described in README and website. >> * Download the source files from compressed files and release tag and build >> (which includes tests). > Check, build successfully, including tests. > >> * Verify the distributon for the required LICENSE, NOTICE and DISCLAIMER >> files > > While both the source and primary binary distributions do contain the > required DISCLAIMER file, none of the maven build artifact jars have them, > anymore... > Something must have changed in the build configuration because this looks > like a regression from the previous release where it was OK. Possible > indication/side-effect is that I see all the maven artifacts now have a zero > (0) bytes sized NOTICE.txt file in the root of the jars. Yes I am puzzled as well, the build files did not change from previous iteration. Will investigate what went wrong, sorry did not catch this before calling the vote. > While there have been some new discussions on incubator general@ about what > constitutes (formally/legally) a 'release', and inasmuch binary artifacts are > just a convenience for the community, the missing DISCLAIMER files in the > maven repository artifacts, which are specifically defined as required for > all/any podling release artifact, makes me decide to vote -1 on this > candidate. I agree missing disclaimer is a blocker, will look to fix it tomorrow. > Less critical and not really blocking is that the state of the binary > distribution NOTICE file hasn't been updated or further cleaned up yet, as > commented already on during the previous release candidate vote. > I assume looking into that is/will be planned for a next release candidate... I started a discussion in the legal-discuss regarding this, but some how missed Kevan's reply [1]. I see now he suggested to remove few more NOTICEs, will follow up on that. > Likewise and neither a real issue but again and still a strong suggestion as > also given during the previous vote is to get rid of external maven > repository dependencies This is a bigger beast, I started on it offline and have got all IU based software into maven central but haven't had much progress with third-party non-maven jars. Will have to pass this for this release, but need to push it on. Thanks, Suresh [1] - http://mail-archives.apache.org/mod_mbox/www-legal-discuss/201205.mbox/%3C3DC4F53A-FF48-402A-9B69-2629A6C85E18%40gmail.com%3E > > Regards, Ate > >> * Verify if all the staged files are signed and the signature is verifiable. >> * Verify if the signing key in the project's KEYS file is hosted on a public >> server >> >> Thanks for your time in validating the release and voting, >> Suresh >
signature.asc
Description: Message signed with OpenPGP using GPGMail
