Re: [VOTE] Release Apache Tomcat 11.0.0-M15

[Christopher Schultz]

Mark,

On 12/7/23 10:36, Mark Thomas wrote:
The proposed Apache Tomcat 11.0.0-M15 release is now available for
voting.
Apache Tomcat 11.0.0-M15 is a milestone release of the 11.0.x branch and 
has been made to provide users with early access to the new features in 
Apache Tomcat 11.0.x so that they may provide feedback. The notable 
changes compared to the previous milestone include:

- Background processes for a Container no longer execute while lifecycle
   operations are in progress for that Container.

- Align with the latest additions and changes from the Servlet 6.1
   specification.

- Update the sample.war included in the documentation to use the Jakarta
   EE APIs.

For full details, see the change log:
https://nightlies.apache.org/tomcat/tomcat-11.0.x/docs/changelog.html

Applications that run on Tomcat 9 and earlier will not run on Tomcat 11 
without changes. Java EE applications designed for Tomcat 9 and earlier 
may be placed in the $CATALINA_BASE/webapps-javaee directory and Tomcat 
will automatically convert them to Jakarta EE and copy them to the 
webapps directory. Applications using deprecated APIs may require 
further changes.

It can be obtained from:
https://dist.apache.org/repos/dist/dev/tomcat/tomcat-11/v11.0.0-M15/

The Maven staging repo is:
https://repository.apache.org/content/repositories/orgapachetomcat-1468

The tag is:
https://github.com/apache/tomcat/tree/11.0.0-M15
a22029c7147b83e4fbced16add744903245d1147


The proposed 11.0.0-M15 release is:
[ ] -1 Broken - do not release
[ ] +1 Alpha  - go ahead and release as 11.0.0-M15

+0 for now

I have only built the release and attempted to verify the build is 
reproducible. There is a bug in the verify-release ant target, which is 
my fault. After fixing that, it is only reporting actual failures of 
hash mismatches. I'm going to take a look at them to see what the issues 
are. Here is a quick reacp of the reproducibility report:

[...]
-require-release-toolchain-versions:
     [echo] Local toolchain versions match release toolchain (Java 
22-ea+26-2112, Ant 1.10.13).

[...]
     [echo]
     [echo] Signature mismatch for 
apache-tomcat-11.0.0-M15-deployer.tar.gz:
     [echo]
     [echo] 
9ffb9b14a868478c3b43baa2cbe2f050035666295a6835ea19e79339e1ce58aa97a723d32827422c190b243ff9d58eda280fdfea63fdff918778849618989f9b 
*apache-tomcat-11.0.0-M15-deployer.tar.gz
     [echo] 
7f7d5cd5412d742d3ed3b7c060f798219f7f0005b87da5fcea71e0a01116616ce51212c6334e9f26316f619dbc10825d4a36ce0813669e5d321c9d5042d99b9d 
*apache-tomcat-11.0.0-M15-deployer.tar.gz
     [echo]
     [echo] Signature mismatch for apache-tomcat-11.0.0-M15-deployer.zip:
     [echo]
     [echo] 
258ac2a8a8f4246351ac971ff5a23b7d6153f91689e7d92e1151d464922d6d59eae3887ad38e913d0617bb9e6a2da1c539451fe0e0cbc6b846492254a2cb0426 
*apache-tomcat-11.0.0-M15-deployer.zip
     [echo] 
a5a2d4ab26e6cc906d1c4bf7c7ef78e0f4b7a67f75e334fd0efd47c8e672abd803f55055e424b88ba7c2aca64730f85817f3bfb7f6221796d90af132b97cd431 
*apache-tomcat-11.0.0-M15-deployer.zip
     [echo]
     [echo] Signature mismatch for 
apache-tomcat-11.0.0-M15-fulldocs.tar.gz:
     [echo]
     [echo] 
7d2c76aa7b87e0f663ebe42ce5324a6b44054c01a52ded6adeeba412d406e496c5ade48d94ed3e76df5401f1f15f0d2d89302020825bdd01654e1d45d0abacaf 
*apache-tomcat-11.0.0-M15-fulldocs.tar.gz
     [echo] 
0224a4931d006fd99455e8e1c47be50379b843fea462aba6e81425020752f421d223e2e2c124aea643c323ad2552d9c9ba299acf94b686f608030a45b909f910 
*apache-tomcat-11.0.0-M15-fulldocs.tar.gz
     [echo]
     [echo] Signature mismatch for 
apache-tomcat-11.0.0-M15-windows-x64.zip:
     [echo]
     [echo] 
d4eccc5b1accf9bc59c36fecf665247d8888f3efed38eb5d62bb82cc430042ae2fc77d8134bdab0547185149dcff231554a26e045528cf6b75e359256d475485 
*apache-tomcat-11.0.0-M15-windows-x64.zip
     [echo] 
9fe74131b163a05f87c619c5ca254ef18ac252f4145192c3402a19e820fd1f73a899d1f179b3fc2d360f0e7faa08a6c43da929dbb4cfde206b8ddf81e38f4cf8 
*apache-tomcat-11.0.0-M15-windows-x64.zip
     [echo]
     [echo] Signature MATCH for apache-tomcat-11.0.0-M15-windows-x86.zip
     [echo]
     [echo]
     [echo] Signature mismatch for apache-tomcat-11.0.0-M15.exe:
     [echo]
     [echo] 
a3716015fd6e8631dd2fdc84f0f09a52e62b04f99328b500632a7f9f045a42bf8197ee1c80ac52edb89f292224fc92d02f859bdd336833cb38d5f7aea728d42d 
*apache-tomcat-11.0.0-M15.exe
     [echo] 
b2286ad2aaa37894913f0c8242e17797f35fe22ea1ce40b0fe6493aba62da2a2106b2e676dad8b696aa1e3e32a57b645cc85b040bb120891eb8392f67f192a3c 
*apache-tomcat-11.0.0-M15.exe
     [echo]
     [echo] Signature mismatch for apache-tomcat-11.0.0-M15.tar.gz:
     [echo]
     [echo] 
2b8a3750dcc5c93fa7de7ac7068e2c68eb0b0fa3e20f98c1b81ef4401525cea10b0a8f0fe5d6706f55148fcd568a6aeb6f2c51e27142aca6058c94b3187e0b58 
*apache-tomcat-11.0.0-M15.tar.gz
     [echo] 
e653908a4f2695edd0222497cafb60a327989e7982bf4f531380e355bde17bc002a3cfd2dd58db5142eacbaf66a260db7dfa968c29a2365528cfe0cba4b74c54 
*apache-tomcat-11.0.0-M15.tar.gz
     [echo]
     [echo] Signature mismatch for apache-tomcat-11.0.0-M15.zip:
     [echo]
     [echo] 
77d7600dfd563bee49669ea38301e7a85691c81623771069f1b82f9e33b1d6d39dee112047ebf52df7572119aa14cdc845794883a883407c4b5cc8bd97c8dde1 
*apache-tomcat-11.0.0-M15.zip
     [echo] 
ea4d631f05a09cd5e8a7ad5f42ddae499d437ef6a89ee3dc2465aa30e8a29451639b907cf1e3e0e986c6969978629a35c8aa954cb5241827a5126b7e4f3080fb 
*apache-tomcat-11.0.0-M15.zip
     [echo]
     [echo] Signature MATCH for apache-tomcat-11.0.0-M15-src.tar.gz
     [echo]
     [echo]
     [echo] Signature MATCH for apache-tomcat-11.0.0-M15-src.zip
     [echo]

The list of matches doesn't make much sense to me. The binary ZIP 
package matches but the tarball does not? If anything, I would have 
expected the opposite.

-chris

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org