+1 binding. > + are the GPG signatures fine? > + are the checksums correct? > + is there a source archive?
Yes x 3. > + can the source archive really be built? Yes. > + is there a correct LICENSE and NOTICE file in each artifact Looks good. I did notice: > Portions of this software are from Apache Xerces and were originally based on > the following: > - software copyright (c) 1999, IBM Corporation., http://www.ibm.com. > - software copyright (c) 1999, Sun Microsystems., http://www.sun.com. I haven't kept track of all of our moves around Xerces and its datatype code. Do we still need this, or did we excise all the Xerces-derived stuff? > + does the NOTICE file contain all necessary attributions? Seems to. > + have any licenses of dependencies changed due to upgrades? > if so have LICENSE and NOTICE been upgraded appropriately? Looks fine. > + does the tag/commit in the SCM contain reproducible sources? Yes. ajs6f > On Jan 16, 2020, at 12:34 PM, Andy Seaborne <a...@apache.org> wrote: > > Hi, > > Here is a vote on the release of Apache Jena 3.14.0 > This is the second proposed release candidate. > > The deadline is only 72hours in case there are enough +1 votes and I can do > the final stage on Sunday - otherwise, it is likely to be mid next week. > > ==== Changes from RC1: > > Fix for JENA-1817 > https://github.com/apache/jena/commit/08ca0b83 > > ==== Changes for 3.14.0: > > https://s.apache.org/jena-3.14.0-jira > > ==== Release Vote > > Everyone, not just committers, is invited to test and vote. > Please download and test the proposed release. > > Staging repository: > https://repository.apache.org/content/repositories/orgapachejena-1036 > > Proposed dist/ area: > https://dist.apache.org/repos/dist/dev/jena/ > > Keys: > https://svn.apache.org/repos/asf/jena/dist/KEYS > > Git commit (browser URL): > https://github.com/apache/jena/commit/d0abcd14 > > Git Commit Hash: > d0abcd14f82c36045a3c047941a6518f3bdb56ce > > Git Commit Tag: > jena-3.14.0 > > Please vote to approve this release: > > [ ] +1 Approve the release > [ ] 0 Don't care > [ ] -1 Don't release, because ... > > This vote will be open until at least > > Sunday, 19th January 2020 at 18:00 UTC > > If you expect to check the release but the time limit does not work > for you, please email within the schedule above with an expected time > and we can extend the vote period. > > Thanks, > > Andy > > Checking needed: > > + are the GPG signatures fine? > + are the checksums correct? > + is there a source archive? > > + can the source archive really be built? > (NB This requires a "mvn install" first time) > + is there a correct LICENSE and NOTICE file in each artifact > (both source and binary artifacts)? > + does the NOTICE file contain all necessary attributions? > + have any licenses of dependencies changed due to upgrades? > if so have LICENSE and NOTICE been upgraded appropriately? > + does the tag/commit in the SCM contain reproducible sources?