Sorry for the delay on my vote. Sigs checked out- source built without issues and passed all tests. Additional tests as described on RC6 candidate.
I'm +1 binding. Thanks again Andrew!! tg On Wed, Sep 16, 2020 at 12:56 PM Trevor Grant <trevor.d.gr...@gmail.com> wrote: > Away from my computer on vacation- if it's still up next week I can vote. > > On Wed, Sep 16, 2020, 11:27 AM Christofer Dutz <christofer.d...@c-ware.de> > wrote: > >> +1 (non-binding) >> >> Chris >> >> [OK] Download all staged artifacts under the url specified in the release >> vote email into a directory we’ll now call download-dir. >> [MINOR] Verify the signature is correct: Additional Apache tutorial on >> how to verify downloads can be found here. >> [OK] Check if the signature references an Apache email address. >> [MINOR] Verify the SHA512 hashes: >> [OK] Unzip the archive >> [OK] Verify the existence of LICENSE, NOTICE, README files in the >> extracted source bundle. >> [MINOR] Verify the content of LICENSE, NOTICE, README files in the >> extracted source bundle. >> [MINOR] Run RAT externally to ensure there are no surprises. >> [MINOR] Search for SNAPSHOT references >> [OK] Search for Copyright references, and if they are in headers, make >> sure these files containing them are mentioned in the LICENSE file. >> [OK] Build the project according to the information in the README.md file. >> >> Remarks: >> - The signature is correct, but no secure trust chain could be >> established (Possibly worth attending a Key-Signing-Party as soon as they >> are happening again) >> - There are no SHA512 hashes, I validated against the SHA1 hashes instead >> - Two CERN files weren't listed in the LICENSE (KeyTypeValueTypeProcedure >> , ValueTypeComparator) >> - One CERN file still has a double CERN/Apache Header (NegativeBinomial) >> - The community modules all contain SNAPSHOT references as they weren't >> enabled in the release >> - The distribution references SNAPSHOT versions of community modules >> (However not in an always-on profile) >> >> >> >> Am 11.09.20, 19:18 schrieb "Andrew Musselman" < >> andrew.mussel...@gmail.com>: >> >> My bad, RC7 out now! >> >> Binaries: >> >> https://repository.apache.org/content/repositories/orgapachemahout-1066/org/apache/mahout/apache-mahout-distribution/14.1/ >> >> Source: >> >> https://repository.apache.org/content/repositories/orgapachemahout-1066/org/apache/mahout/mahout/14.1/ >> >> On Fri, Sep 11, 2020 at 1:04 AM Christofer Dutz < >> christofer.d...@c-ware.de> >> wrote: >> >> > Hi, >> > >> > Sad to see you didn't merge my changes in "issue/MAHOUT-2117" back >> to >> > master before cutting the next RC :-( >> > >> > So I'm not going to vote this time as the result would be the same >> as last >> > time ... >> > >> > Chris >> > >> > >> > Am 11.09.20, 03:17 schrieb "Trevor Grant" <trevor.d.gr...@gmail.com >> >: >> > >> > Thank you so much for getting this out Andrew. >> > >> > I verified all checksums/sigs. >> > >> > I successfully built the source including all tests. (I did >> this in the >> > public docker container rawkintrevo/mahout-builder-base) >> > >> > I also tested the binaries in the public docker container >> > rawkintrevo/mahoutgui , but bashing into the running container, >> > unpacking >> > both the binary archives, and then aiming and running the mahout >> > example >> > notebook in turn against each of the unpacked binaries from >> each of the >> > archives. I did this in place of spark-shell, as I think it's >> a more >> > elegant solution going forward, but would encourage others to >> test >> > against >> > mahout spark-shell. >> > >> > So given all of that, I give an enthusiastic +1 >> > >> > On Thu, Sep 10, 2020 at 3:37 PM Andrew Musselman < >> a...@apache.org> >> > wrote: >> > >> > > Binaries: >> > > >> > > >> > >> https://repository.apache.org/content/repositories/orgapachemahout-1065/org/apache/mahout/apache-mahout-distribution/14.1/ >> > > >> > > Source: >> > > >> > > >> > >> https://repository.apache.org/content/repositories/orgapachemahout-1065/org/apache/mahout/mahout/14.1/ >> > > >> > > Please check checksums and signatures, run the shell, do some >> > computation, >> > > run your favorite jobs, and let us know how it looks. >> > > >> > > Thanks! >> > > >> > > Best >> > > Andrew >> > > >> > >> > >> >>
