On Wed, Feb 10, 2021 at 11:03:39PM -0500, Nathan Hartman wrote: > On Wed, Feb 10, 2021 at 7:51 PM Private List Moderation < > mod-priv...@gsuite.cloud.apache.org> wrote: > > When I checked the download page, there were no links for versions 1.10.7 > > or 1.14.1. > > i.e. the 2 announce mails were telling people to download versions that > > were not on the download page. > > > > As such, I felt I had to reject the announce email. > > > > It looks as though the page has since been updated. > > > > > That was a race condition.
Worse, it's a chicken-and-egg problem which is documented here: http://subversion.apache.org/docs/community-guide/releasing.html#releasing-release """ NOTE: We announce the release before updating the website since the website update links to the release announcement sent to the announce@ mailing list. """ Notwithstanding that, yes, I did actually forget to update the download page immediately after posting the announcements. dsahlberg kindly reminded me of this. It still don't see how this is a reason for blocking a legitimate release annoucement. Instead of rejecting the annoucement outright you could have mailed us on dev@ with a question like "This looks incomplete. Are you sure you want to post this annoucement?". That would have been helpful, but moderation rejection is not helpful. Not everyone relies on the download pages to find our releases. At the moment I sent the announcement at least one distribution (Suse Linux) already had RPMs with the security fix ready to go because we had sent security pre-notifications in private about a week earlier. Cheers, Stefan