Sorry for the name typo - *Enrico On Fri, Feb 7, 2020 at 2:24 PM Norbert Kalmar <[email protected]> wrote:
> p.s.: These are pretty easy fixes to include/exclude the files Eniroc > mentioned, so on second thought probably worth fixing and do an rc2. > I'll create a jira and start to work on it. We'll see if anything else > comes up or how the vote goes. > > - Norbert > > On Fri, Feb 7, 2020 at 2:20 PM Norbert Kalmar <[email protected]> > wrote: > >> Hi Enrico, >> >> I checked the release, you are right. I mainly did the comparison with >> the 3.5.6 release as there were no changes on file/dependency level really. >> All of these points stand for that release as well. That's why I didn't >> notice or thought of it as release breaking flaw. >> >> In my opinion, we should definitely create a jira to fix these for the >> next 3.5 release, and just go forward with 3.5.7. This is a bugfix release, >> and it does fix a few critical bugs and thirdparty CVEs. >> None of this was introduced with this bugfix version, so from my point of >> view these are not breaking content errors. >> >> On the other hand I am biased I guess due to the fact I made the release >> :) >> So knowing this let me know if anyone thinks this is a -1 for rc1. >> >> Thanks, >> Norbert >> >> On Fri, Feb 7, 2020 at 2:01 PM Enrico Olivelli <[email protected]> >> wrote: >> >>> Hi Norbert, >>> thank you for working on this. >>> >>> I see differences between the contents of the source tarball and the >>> git tag (using Meld, as suggested by Patrick some month ago), namely: >>> - there is not checkstyleSuppressions.xml file, and mvn >>> checkstyle:check fails (it is not bound to the default lifecycle, so >>> mvn clean install still works) >>> - there are ".c" generated files, they should not be part of the source >>> release >>> - there is not "dev" directory >>> - there is not .travis.yml file >>> >>> I am somehow biased because I worked on this stuff for 3.6.0rc0,rc1 and >>> rc2 >>> AKAIK these problems were already present in 3.5.6 so I am not sure >>> these are blocker issues for a release. >>> >>> I am still continuing my tests >>> I just wanted to inform you about my findings, this way we can choose >>> what do to as soon as possible. >>> >>> >>> Enrico >>> >>> >>> Il giorno ven 7 feb 2020 alle ore 13:29 Norbert Kalmar >>> <[email protected]> ha scritto: >>> > >>> > This is the second bugfix release candidate for 3.5.7. It fixes 21 >>> issues, >>> > including third party CVE fixes, potential data loss and potential >>> split >>> > brain if some rare conditions exists. >>> > >>> > (I have signed rc0 with the wrong key - sorry for that). Everything >>> else is >>> > unchanged from rc0. >>> > >>> > The full release notes is available at: >>> > >>> > >>> https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310801&version=12346098 >>> > >>> > *** Please download, test and vote by February 11th 2020, 23:59 UTC+0. >>> *** >>> > >>> > Source files: >>> > https://people.apache.org/~nkalmar/zookeeper-3.5.7-candidate-1/ >>> > >>> > Maven staging repo: >>> > >>> https://repository.apache.org/content/groups/staging/org/apache/zookeeper/zookeeper/3.5.7/ >>> > >>> > The release candidate tag in git to be voted upon: release-3.5.7-rc1 >>> > (points to the same commit as rc0) >>> > >>> > ZooKeeper's KEYS file containing PGP keys we use to sign the release: >>> > https://www.apache.org/dist/zookeeper/KEYS >>> > >>> > Should we release this candidate? >>> >>
