thanks Kellen, I get the very same issues. It's probably my fault having copied .md5 and .sha files from the staging repo as I didn't have them within my target directory. I also get the same test failure.
Hence -1 from me too. I'll roll it back, fix the issues and create RC4. Regards, Tommaso Il giorno mer 1 mar 2017 alle ore 17:54 kellen sunderland < kellen.sunderl...@gmail.com> ha scritto: > I have to -1 this release for the time being. For me the signatures and > hashes don't seem to match the binaries downloaded. Could you double check > that they match for you Tommaso? I'm also getting a unit test that fails > when I run 'mvn clean package'. I'm digging a little more into this one, > but suspect a missing file. > > > ------------------------ > Here's what I've checked so far: > > Release artifacts must include incubating in the final file name - YES > Release artifacts must include a disclaimer within the release artifact(s) > as noted - YES > Every ASF release MUST contain one or more source packages, which MUST be > sufficient for a user to build and test the release provided they have > access to the appropriate platform and tools. - NO > -Not building due to failing test (BerkleyLM failure). I'm digging a > bit more into this. > > Every artifact distributed to the public through Apache channels MUST be > accompanied by one file containing an OpenPGP compatible ASCII armored > detached signature and another file containing an MD5 checksum. > - .asc - NO > I get warning: > "gpg --verify joshua-incubating-6.1-src.tar.gz.asc > joshua-incubating-6.1-src.tar.gz > gpg: Signature made Thu Feb 23 09:15:17 2017 CET using RSA key ID > 891768A5 > gpg: Good signature from "Tommaso Teofili <tomm...@apache.org>" > [unknown] > gpg: WARNING: This key is not certified with a trusted signature! > gpg: There is no indication that the signature belongs to the > owner." > - .md5 - NO > My md5 of joshua-incubating-6.1-src.tar.gz is > 504976876b01294811293aa45b5400f5, the joshua-incubating-6.1-src.tar.gz.md5 > indicates it should be 22b738eeae45757715080702a5bd2789 > - .sha - NO > My sha of joshua-incubating-6.1-src.tar.gz is > 4AB5BA24301590F36AE6452DACC3F21CBD8B3FEC, the > joshua-incubating-6.1-src.tar.gz.md5 indicates it should be > 2a55b6d341dddc5369b22a4802a86ec40accd0a1 > - KEYS - YES > > On Mon, Feb 27, 2017 at 3:55 AM, Matt Post <p...@cs.jhu.edu> wrote: > > > Hi folks, > > > > First, Tommaso, thank you for pulling this together! > > > > I want to remind everyone that there's a checklist to go through before > > sending your +1. Here's from an email from Tom Barber a while back: > > > > > Hello folks, > > > > > > I see plenty of +1's going through the release vote, which is great to > > see > > > people taking an active role in getting the release shipped. > > > > > > For those of you who are new to the ASF there are a bunch of > requirements > > > to sign off for a release which you can find here: > > > > > > http://incubator.apache.org/guides/releasemanagement.html#check-list < > > http://incubator.apache.org/guides/releasemanagement.html#check-list> > > > > > > My current concern is that people who are new to the incubator are > +1'ing > > > software for release without check all or part of the release cycle. > > Whilst > > > not mandatory, when you +1 a release please can you try to indicate > what > > > you've checked. The reason for this is, the tag Lewis has built off > > isn't > > > the tip of master, so if you're basing your +1 on your day to day > > > development and knowledge of the code base, that's not always whats > > > shipped. Also in the branching process, its possible merges or > > alterations > > > were accidentally made that Lewis has missed (this is very unlikely I > > know > > > but you know, code changes). Also people build software on different > > OS's, > > > versions of OS's etc so just because it builds on Lewis's laptop > doesn't > > > mean it builds on mine, for example. > > > > > > Also regarding licenses, disclaimers etc, people notice different > things > > or > > > interpret stuff differently. its always possible that someone might > miss > > a > > > library etc so its important multiple eyes run over the same stuff. > > > > > > Cheers, > > > > > > Tom > > > > I'm hoping I'll have time to go through this tomorrow. > > > > matt > > > > > > > > > On Feb 25, 2017, at 2:41 AM, Tommaso Teofili < > tommaso.teof...@gmail.com> > > wrote: > > > > > > Hi Folks, > > > Please VOTE on the Apache Joshua 6.1 Release Candidate #3. > > > > > > We solved 36 issues: > > > https://issues.apache.org/jira/secure/ReleaseNote.jspa? > > projectId=12319720&version=12335049 > > > > > > Git source tag (3447715b3aa0a48ed79465d80618bd5a2f7a7558): > > > https://s.apache.org/XIxJ > > > > > > Staging repo: > > > > https://repository.apache.org/content/repositories/orgapachejoshua-1004 > > > > > > Source Release Artifacts: > > > https://dist.apache.org/repos/dist/dev/incubator/joshua/6.1/ > > > > > > PGP release keys (signed using 891768A5): > > > *https://git1-us-west.apache.org/repos/asf?p=incubator- > > joshua.git;a=blob_plain;f=KEYS;h=aa18365bf5c8c8fb17b084f783a75c > > 3a2460a98d;hb=HEAD > > > <https://git1-us-west.apache.org/repos/asf?p=incubator- > > joshua.git;a=blob_plain;f=KEYS;h=aa18365bf5c8c8fb17b084f783a75c > > 3a2460a98d;hb=HEAD>* > > > > > > Vote will be open for 72 hours. > > > Thank you to everyone that is able to VOTE as well as everyone that > > > contributed to Apache Joshua 6.1. > > > > > > [ ] +1, let's get it released!!! > > > [ ] +/-0, fine, but consider to fix few issues before... > > > [ ] -1, nope, because... (and please explain why) > > > > > > Regards, > > > Tommaso > > > > >
