i requested white listing our installer by norton.
if we update the installer before the final release, we'll need to
update the white listing, too.
oh, despite the few nits i posted, i think the release is fine. let's do it!
+1
scott out
On 10/10/2010 6:04 AM, Gav... wrote:
-----Original Message-----
From: Holger Grandy [mailto:[email protected]]
Sent: Thursday, 7 October 2010 12:45 AM
To: [email protected]
Subject: [VOTE] 1.1 release packages
Hello,
I created zips and tar.gzs for the upcoming 1.1 release of Apache Etch.
All files are currently placed in my home directory at
http://people.apache.org/~grandyho/apache-etch-1.1.0-incubating/
Instructions for building the source packages can be found in the
README.txt and
BUILD.txt file and on the website
http://incubator.apache.org/etch/building-trunk.html
Please vote to publish these files on the website:
http://incubator.apache.org/etch/downloads.html
This vote will run for 72 hours.
Thanks for your votes,
Holger
Thanks,
First off, some great Build and Readme files, very detailed.
Some minor points (apologies for the length of some of these):
1. I'm not sure why the BMW Copyright has been added to the Notice.txt file?
The two copyrights in there are for Cisco - which is where the code was
developed
and lived before it came to the ASF. The second copyright is for Apache -
where
the code lives and is developed now. BMW and its employees have provided
CCLA and
ICLAs so I'm not sure the BMW copyright is correct. BMW certainly should be
recognised as a contributor and for provided its employees with time to work
on
the project. I could be wrong however, and I defer this as a question that
should
be raised after the release, I'm not blocking it based on this.
2. ChangeLog.txt seems to be an old version of the file RELEASE_NOTES.txt.
Having
both files included in confusing, especially considering the ChangeLog.txt
seems to
be based on the initial release attempt a year ago and is well outdated. I
would like to
see this file removed and the tarballs re-rolled. This however is a
suggestion and again
I am not going to block based on this.
3. You mention above that you will publish the files to
http://incubator.apache.org/etch/downloads.html .
Please - DO NOT publish the release files to this page. What you do is
publish the files
to the people.apache.org machine to /www/www.apache.org/dist/incubator/etch/
- take a look
at other directories in the /www/www.apache.org/dist/incubator/ for
examples. This ensures
that releases are automatically populated to the official Apache Mirror
sites across the
world for download. You then place links on the above mentioned downloads
page to the
mirrors. Assuming the vote passes, I will help you will this. I will also
see that the
current 1.0.2 files are removed from the downloads page and put into an
archives download
area. There are plenty of examples around but see
http://incubator.apache.org/photark/photark-downloads.html
for example of how they link to the mirrors.
4. You have LICENCE_THIRD_PARTY.txt and NOTICE_THIRD_PARTY.txt files -- both
contain licenses
and notices for the Apache APR project. APR is an Apache Licensed product, I
don't think that counts
as a third party license. I do not think that these files are needed. I will
check this but
I am not holding up the vote because of it.
5. When downloading the Windows exe version Norton FileInsight program
removes it as a threat
to the system. I have pasted the details below for you to examine and
perhaps improve upon
for the next release.
c:\users\gmcdonald\downloads\apache-etch-1.1.0-incubating-windows-x86-setup.
exe
____________________________
____________________________
On computer as of
10/10/2010 at 8:55:28 PM
Last Used:
10/10/2010 at 8:57:50 PM
Startup Item: No
Launched: No
____________________________
____________________________
Very Few Users
Fewer than 10 users in the Norton Community have used this file.
____________________________
Medium
This file risk is medium.
____________________________
Threat Details
There are many indications that this file is untrustworthy and therefore not
safe
____________________________
Origin
Downloaded from
http://people.apache.org/~grandyho/apache-etch-1.1.0-incubating/apache-etch-
1.1.0-incubating-windows-x86-setup.exe
____________________________
http://people.apache.org/~grandyho/apache-etch-1.1.0-incubating/apache-etch-
1.1.0-incubating-windows-x86-setup.exe
SAFE
Downloaded File:
apache-etch-1.1.0-incubating-windows-x86-setup.exe
____________________________
File Actions
File:
c:\users\gmcdonald\downloads\apache-etch-1.1.0-incubating-windows-x86-setup.
exe
Removed
____________________________
Finally, Etch folks, if you are still with me, the above I believe are not
release blockers, so here
is my +1 on releasing. Nice work all.
Gav...
