No, the classes weren't expected inside of Guava. Cancelling this release candidate.
I don't believe the protos/certs/keys matter and were part of our prior 1.13.1 release as well[1]. I found out that we stopped validating the contents of the vendored jar as part of the release process and opened up pr/9036[2] to fix our validation. Kai, I will try to add the vendored bytebuddy to the next release, it would be useful if you could help review the PRs related to vendoring. 1: https://repo1.maven.org/maven2/org/apache/beam/beam-vendor-grpc-1_13_1/0.2/beam-vendor-grpc-1_13_1-0.2.jar 2: https://github.com/apache/beam/pull/9036 On Wed, Jul 10, 2019 at 1:34 PM Kai Jiang <[email protected]> wrote: > pull/8357 <https://github.com/apache/beam/pull/8357> proposes to vendor > bytebuddy artifact. > Is it possible to release "beam-vendor-bytebuddy-1_9_3" in next release > candidate? > > Best, > Kai > > On Wed, Jul 10, 2019 at 11:31 AM Kenneth Knowles <[email protected]> wrote: > >> grpc: jar contains certs, keys, protos at the top level; intended? >> >> guava: jar contains classes not in vendored prefix, with prefixes such as >> com/google/j2objc, org/codehaus/mojo, com/google/errorprone, >> org/checkerframework, javax/annotation >> >> On Tue, Jul 9, 2019 at 3:34 PM Lukasz Cwik <[email protected]> wrote: >> >>> Please review the release of the following artifacts that we vendor: >>> * beam-vendor-grpc_1_21_0 >>> * beam-vendor-guava-26_0-jre >>> >>> Hi everyone, >>> Please review and vote on the release candidate #2 for the >>> org.apache.beam:beam-vendor-grpc_1_21_0:0.1 and >>> org.apache.beam:beam-vendor-guava-26_0-jre:0.1, as follows: >>> [ ] +1, Approve the release >>> [ ] -1, Do not approve the release (please provide specific comments) >>> >>> >>> The complete staging area is available for your review, which includes: >>> * the official Apache source release to be deployed to dist.apache.org >>> <https://urldefense.proofpoint.com/v2/url?u=http-3A__dist.apache.org&d=DwMFaQ&c=r2dcLCtU9q6n0vrtnDw9vg&r=w9NQdMas-PbABIe2Vnjx7A&m=XQ3qyG5SAoY6jY4Pv3Bn3fVfQFbjZaIMJovq2d1Y-2c&s=csOeuLf-hGb4WMuN0WlDgcN7dYHjh1S0CGpw5i12sQ4&e=> >>> [1], which is signed with the key with fingerprint >>> EAD5DE293F4A03DD2E77565589E68A56E371CCA2 [2], >>> * all artifacts to be deployed to the Maven Central Repository [3], >>> * commit hash "b4efbb23cc5dec80b8bbd8745c62efecdadfa236" [4], >>> >>> The vote will be open for at least 72 hours. It is adopted by majority >>> approval, with at least 3 PMC affirmative votes. >>> >>> Thanks, >>> Luke >>> >>> [1] https://dist.apache.org/repos/dist/dev/beam/vendor/ >>> <https://urldefense.proofpoint.com/v2/url?u=https-3A__dist.apache.org_repos_dist_dev_beam_vendor_&d=DwMFaQ&c=r2dcLCtU9q6n0vrtnDw9vg&r=w9NQdMas-PbABIe2Vnjx7A&m=XQ3qyG5SAoY6jY4Pv3Bn3fVfQFbjZaIMJovq2d1Y-2c&s=vDAP44KBSLriK6epP13aKgiALwJLZ9SKau_naQkkJHg&e=> >>> [2] https://dist.apache.org/repos/dist/release/beam/KEYS >>> <https://urldefense.proofpoint.com/v2/url?u=https-3A__dist.apache.org_repos_dist_release_beam_KEYS&d=DwMFaQ&c=r2dcLCtU9q6n0vrtnDw9vg&r=w9NQdMas-PbABIe2Vnjx7A&m=XQ3qyG5SAoY6jY4Pv3Bn3fVfQFbjZaIMJovq2d1Y-2c&s=xpYP-T_xTF78zcT6jG8fBp4_SBEE1y7TwHvi8n2HbhE&e=> >>> [3] >>> https://repository.apache.org/content/repositories/orgapachebeam-1076/ >>> <https://urldefense.proofpoint.com/v2/url?u=https-3A__repository.apache.org_content_repositories_orgapachebeam-2D1076_&d=DwMFaQ&c=r2dcLCtU9q6n0vrtnDw9vg&r=w9NQdMas-PbABIe2Vnjx7A&m=XQ3qyG5SAoY6jY4Pv3Bn3fVfQFbjZaIMJovq2d1Y-2c&s=sg01Cg5xZfqLbyvPHiggexIjz8xR8wxMVi4d-thIXBo&e=> >>> [4] >>> https://github.com/apache/beam/commit/b4efbb23cc5dec80b8bbd8745c62efecdadfa236 >>> <https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_apache_beam_commit_b4efbb23cc5dec80b8bbd8745c62efecdadfa236&d=DwMFaQ&c=r2dcLCtU9q6n0vrtnDw9vg&r=w9NQdMas-PbABIe2Vnjx7A&m=XQ3qyG5SAoY6jY4Pv3Bn3fVfQFbjZaIMJovq2d1Y-2c&s=IEe6OXABE34s9YIOPvwpwh7CbnWl8YOZTrj6476XWpI&e=> >>> >>
