kou edited a comment on issue #279: URL: https://github.com/apache/arrow-julia/issues/279#issuecomment-1023959150
@quinnj Thanks for proposing new release process! It seems that this process doesn't satisfy https://www.apache.org/legal/release-policy.html (see also https://infra.apache.org/release-publishing.html ). We should follow the release policy because https://www.apache.org/legal/release-policy.html#why . See also: https://infra.apache.org/release-publishing.html > Every Apache Software Foundation project software release must meet requirements for content , process , and publication. These requirements ensure that Apache contributors and users benefit from appropriate legal protection the ASF provides, and reflect the Foundation's goals of open, collaborative software development. I understand that source archive is not necessary for Julia package because Julia users don't use source package. There is no problem that Julia developers test a release candidate by Git commit hash. Julia developers don't need to vote. (It will be useful to verify a release candidate but it's optional.) Apache Arrow PMC https://arrow.apache.org/committers/ need to vote. PMC members use source archive to verify license https://infra.apache.org/release-publishing.html#valid , signs https://infra.apache.org/release-publishing.html#signing and so on. > * If the vote does pass, we increment the Project.toml version number matching the voted proposal, commit the change, then call `@JuliaRegistrator register()` on the commit that incremented the version. This starts the Julia General Registry release process. We need to call `@JuliaRegistrator register()` after vote by Apache Arrow PMC not Julia developers. > We can then either enhance JuliaTagBot or create a new/separate GitHub Action or just a release script that uploads the final release source code to the apache bin @kou mentioned in #278. I think that we need to use a release script because we need to store OpenPGP private key and ASF password to GitHub when we use JuliaTagBot or a new GitHub Action. At least I don't want to store my OpenPGP private key and passphrase of it to GitHub... See also: https://infra.apache.org/release-signing#where > I'm actually not sure how you would go about testing a raw source tarball of a package easily in Julia, other than having to manually unzip, create a directory in your `/.julia/dev` environment, rename a bunch of things(?) because it would probably conflict with your existing Arrow package. I'm sorry but I'm not familiar with Julia. How do you run tests uncommited code in normal development? Do Julia developers need to commit and run `add Arrow@HASH` to run test? > Do you also think it's ok to use a GitHub issue/discussion for the release voting? As I mentioned elsewhere, I just find it much easier to follow when there's a centralized place I can visit to see all activity that has happened. Umm... https://www.apache.org/foundation/voting.html doesn't say "we must use mailing list for vote". We may be able to use GitHub issue/discussion for it. (I know you don't like mailing list but...) we need to ask this on mailing list. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
