Author: luke1410
Date: Thu Jul 5 21:13:36 2018
New Revision: 1835191
URL: http://svn.apache.org/viewvc?rev=1835191&view=rev
Log:
* docs/community-guide/releasing.part.html
(#tarball-signing): Relax the signing restrictions per the dev-list
discussion -
https://mail-archives.apache.org/mod_mbox/subversion-dev/201806.mbox/%3C20180624062057.GH79457%40ted.stsp.name%3E
Modified:
subversion/site/publish/docs/community-guide/releasing.part.html
Modified: subversion/site/publish/docs/community-guide/releasing.part.html
URL:
http://svn.apache.org/viewvc/subversion/site/publish/docs/community-guide/releasing.part.html?rev=1835191&r1=1835190&r2=1835191&view=diff
==============================================================================
--- subversion/site/publish/docs/community-guide/releasing.part.html (original)
+++ subversion/site/publish/docs/community-guide/releasing.part.html Thu Jul 5
21:13:36 2018
@@ -975,22 +975,19 @@ in the same directory as the tarballs.</
<p>Before a release is officially made public, it must receive three +1 votes
from members of the Subversion PMC. In addition, as a matter of project
-policy (<span class="notice">being revisited: see
-<a
href="https://mail-archives.apache.org/mod_mbox/subversion-dev/201708.mbox/%3C20170812173507.a37xm5lujkdo7jw3%40tarpaulin.shahaf.local2%3E";
->dev@ thread</a></span>),
-we require testing and signatures from at least three PMC members on
+policy, we require testing and signatures from at least three PMC members on
<em>each</em> of the major platforms we support: Windows and *nix.
-For -alpha and -beta releases, we still require at least one +1 vote on each
-major platform we support, but waive the requirement for three signers on each
platform. (The requirement for at least three signers in total remains.)
-Members of the PMC,
-as well as enthusiastic community members are encourages to download the
-tarballs from the preliminary distribution location, run the tests, and then
-provide their signatures. The public keys for these signatures should be
-included in the ASF LDAP instance through
+Members of the PMC, as well as enthusiastic community members are encourages to
+download the tarballs from the preliminary distribution location, run the
+tests, and then provide their signatures. The public keys for these signatures
+should be included in the ASF LDAP instance through
<a href="https://id.apache.org/";>id.apache.org</a>. (A list of the
<a href="https://people.apache.org/keys/group/subversion-pmc.asc";>current
public keys</a> for members of the Subversion PMC is autogenerated from LDAP
-each day.)</p>
+each day.)
+The release manager is encouraged to wait at least 5 days for the signatures
+before rolling the release to allow anybody (planning to) test(ing) the release
+to complete signing the release before it's being rolled.</p>
<p>Signing a tarball means that you assert certain things about it. When
announcing your signature, indicate in the mail what steps you've taken to
