Hi, Am Mittwoch, den 02.02.2011, 14:42 +0000 schrieb Richard S. Hall: > I think originally we were more strict on changing the version number > after failed votes, but we've since backed off. The reason for not being > as strict, if I recall, is that people can still download the failed > version while it's available with the signatures and put them up on some > web site and call them official and people wouldn't know because the > signatures are valid. So, what are we really gaining by changing the > version number?
The problem is exactly, that people may grab these packages under vote and put them up. We cancel the vote; rebuild the package with the same version number; succeed and publish. At this point in time we not only have an invalid package uploaded which can be identified as invalid (there is no tag for the failed release and there is no vote success). Rather we have two instances of a package with the same version number in the wild. One is invalid and one is official. But which is which ? I hope I did properly summarize the problem sketched by Roy. Regards Felix > > -> richard > > On 2/2/11 9:01, Guillaume Nodet wrote: > > Last, remember each PMC decides on its own rules to govern its project. > > So the fact Roy sent an email on Jackrabbit doesn't make it an > > official policy for the ASF (and the ASF itself doesn't care about > > such technical details). > > > > I'll re-roll those releases, but I'd like things to be agreed upon > > *and* documented at some point. > > > > On Wed, Feb 2, 2011 at 14:59, Guillaume Nodet<gno...@gmail.com> wrote: > >> On Wed, Feb 2, 2011 at 14:18, Felix Meschberger<fmesc...@adobe.com> wrote: > >>> Hi, > >>> > >>> My vetoes (actually there is no veto in a release vote since this is a > >>> majority vote) > >> I know there's no vetoes in releases, but the goal is usually to > >> gather a consensus. > >> The fact you voted -1 puts a lot of pressure on me if I want to go to > >> the majority in order to have those released ;-) > >> > >>> are grounded on a message Roy Fielding once sent to the > >>> Jackrabbit list [1]: > >>> > >>>> The problem with doing all of our laundry in public is that the public > >>>> often download our unreleased packages even when we tell them not to. > >>>> For that reason, most Apache projects increment the patch-level number > >>>> each time a new package is produced (releases do not need to be > >>>> sequential). > >> I suppose that depends on the definition of "most". Over the dozen of > >> projects I'm involved at the ASF, this is the first time I see that. > >> Maybe for projects like httpd that was the case, but I don't expect > >> many people that aren't felix committers to have downloaded those > >> released in the last 48 hours, so I still stand by the fact that in > >> our case, people are very aware that the jars aren't official yet. > >> > >> Anyway, if that's us becoming an official Felix project policy, I'd > >> like that to be written somewhere. Oral tradition is not really good > >> for newcomers ;-) > >> > >>> Unfortunately I cannot readily find the written rule for this, but this > >>> makes perfect sense to me, which is why I would prefer to get a new > >>> version number. Which is also why I always choose a new version number > >>> for a release vote after I had to cancel a vote. > >>> > >>> Regards > >>> Felix > >>> > >>> [1] http://markmail.org/message/533ybky6pqwwc2is > >>> > >>> Am Mittwoch, den 02.02.2011, 11:16 +0000 schrieb Guillaume Nodet: > >>>> Over the past two years, I've been doing several releases in Felix and > >>>> i've re-rolled some with the same version without any problems. > >>>> I don't see any mention about not reusing the same number twice in the > >>>> release process: > >>>> http://felix.apache.org/site/release-management-nexus.html > >>>> What's the driver behing that ? > >>>> > >>>> Until those releases are published, poeple accessing those are fully > >>>> aware of waht they are, so I don't see that as a problem. > >>>> > >>> > >>> > >> > >> > >> -- > >> Cheers, > >> Guillaume Nodet > >> ------------------------ > >> Blog: http://gnodet.blogspot.com/ > >> ------------------------ > >> Open Source SOA > >> http://fusesource.com > >> > > > >
