Hi folks,
If this actually is a vote thread, here my vote:
-1 (non-binding)
Unfortunately I will have to vote -1 on this one ... up until 5) I think this
is minor, but after that I think these are major issues.
I didn't go that deep into details last time as I thought this was a base
already covered.
somethings I noticed:
1) The name of the source bundle doesn't contain "apache" in it
2) Your keys don't seem to be in the ASF web of trust ... perhaps attending a
Key-Signing party would be a good idea
3) MD5 and SHA1 hashes are considered deprecated and SHA512 should be used
4) I can see the archive contains LICENSE and LICENSE.txt as well as NOTICE and
NOTICE.txt (Perhaps removing the file ending of the NOTICE.txt and the
LICENSE.txt would eliminate this)
5) I see we don't have a RELEASE_NOTES (I usually think it's a good practice to
have that in a project and the release)
6) The NOTICE.txt contains this: Copyright 2009 and onwards The Apache Software
Foundation ... I doubt this is actually ok ... I think the starting year
doesn't have to be present, but the current year probably does)
7) A RAT scan without exclusions shows me: "443 Unknown Licenses" a quick check
shows me that we should do our housekeeping here ... I can't vote +1 on this :-(
I would volunteer to work on the issues I found, if the rest of you are ok with
that.
Chris
Am 16.07.20, 20:46 schrieb "Andrew Musselman" <a...@apache.org>:
14.1 RC6 out now, take it for a spin and let us know if it checks out!
Binaries:
https://repository.apache.org/content/repositories/orgapachemahout-1064/org/apache/mahout/apache-mahout-distribution/14.1/
Source:
https://repository.apache.org/content/repositories/orgapachemahout-1064/org/apache/mahout/mahout/14.1/
