Re: OFBiz releases EOL (End Of Life) announcement
Le 05/01/2022 à 09:18, Jacques Le Roux a écrit : Le 05/01/2022 à 09:14, Jacques Le Roux a écrit : I have created https://issues.apache.org/jira/browse/OFBIZ-12479 for that I have updated the Jira with a draft proposal, please comment there TIA Jacques
Re: [VOTE] [RESULT] Apache OFBiz 18.12.05 (second attempt)
I have updated our release management guide in Confluence accordingly. Jacopo On Tue, Jan 4, 2022 at 5:16 PM Jacques Le Roux wrote: > > It's up to date: > > *< uses a global content distribution network (CDN) which collects new > releases almost as soon as you post them. The files therefore become > available for download almost immediately. You probably don't need to wait > more than fifteen minutes before announcing a release.>> > > Le 04/01/2022 à 15:56, Jacques Le Roux a écrit : > > I have asked, Greg answered: > > > >< >The experiment is related to usage statistics.>> > > > > So it's official, it's now 15 mins :) I have tried stats. twice (once in > > Nov. one today) it does not work or is really, really, really slow... > > > > I have asked on members if we should not update > > https://infra.apache.org/release-publishing.html#faqs > > > > Jacques > > > > Le 04/01/2022 à 12:29, Jacopo Cappellato a écrit : > >> Thank you Jacques, it is indeed good news. > >> However, I think we should stick to the current workflow, at least > >> until the Infra updates their recommendations here: > >> > >> https://infra.apache.org/release-publishing.html#faqs > >> > >> Thanks, > >> > >> Jacopo > >> > >> > >> On Tue, Jan 4, 2022 at 12:16 PM Jacques Le Roux > >> wrote: > >>> Hi Jacopo, > >>> > >>> 2 months ago the ASF moved from a mirrors architecture to a CDNs > >>> architecture. > >>> > >>> It's described > >>> athttps://fossforce.com/2021/10/apache-foundation-moves-from-mirrors-to-a-cdn-to-distribute-software/ > >>> > >>> In the related members thread* (only accessible to ASF members) Daniel > >>> Gruno said**: > >>> > >>> < >>> commit to svn.>> > >>> > >>> I guess it's the same for Git. > >>> > >>> *https://lists.apache.org/thread/4k6t1702xtctylozt9jzhtq6nqgvs2p2 > >>> **https://lists.apache.org/thread/gfoprg8215sdpx8kwjcpv0z74lfyvmq5 > >>> > >>> Sounds like a nice change, hopefully it will stay. > >>> > >>> Jacques > >>> > >>> Le 03/01/2022 à 09:47, Jacopo Cappellato a écrit : > Thank you, the vote is successful (3 binding votes). > > I am going to publish the release, wait 24 hours to let the release files > propagate through the download mirror network and finally announce the > release and update our site. > > Jacopo > > On Sun, Jan 2, 2022 at 12:29 PM Jacopo Cappellato < > jacopo.cappell...@gmail.com> wrote: > > > This is the second vote thread to release a new bug fix release for the > > release18.12 branch. This new release, "Apache OFBiz 18.12.05" > > supersedes all the previous releases from the same branch. > > > > The release files can be downloaded from here: > > https://dist.apache.org/repos/dist/dev/ofbiz/ > > > > and are: > > * apache-ofbiz-18.12.05.zip > > * KEYS: text file with keys > > * apache-ofbiz-18.12.05.zip.asc: the detached signature file > > * apache-ofbiz-18.12.05.zip.sha512: checksum file > > > > Please download and test the zip file and its signatures (for > > instructions on testing the signatures see [*]). > > > > Vote: > > > > [ +1] release as Apache OFBiz 18.12.05 > > [ -1] do not release > > > > For more details about this process please read [**]. > > [*] > > https://cwiki.apache.org/confluence/display/OFBIZ/Release+Management+Guide+for+OFBiz#ReleaseManagementGuideforOFBiz-Votingonarelease > > [**]http://www.apache.org/foundation/voting.html > >
Re: OFBiz releases EOL (End Of Life) announcement [was Re: [ofbiz-site] branch master updated: More information about security and EOL (End Of Life)]
Hi Michael, That sounds interesting, I propose to create a Jira of maybe even a wiki page for that, maybe a new thread to discuss? Jacques Le 04/01/2022 à 17:58, Michael Brohl a écrit : +1 with a few additions: I think that the project should have a planned roadmap with more or less fixed release dates/cycles and a clear pre-planned EOL plan. We should also specify what EOL means for us and if there is a step between. I think of making bugfixes/backports during main support and only doing security fixes in a phase after that. EOL would then mean ultimately no fixes at all. For new release branches, we should als TRY to plan which features, big changes or deprecations we want to put in and work towards those goals (thinking about major framework changes etc. as we started to discuss recently). We should also think about another release number scheme. The inclusion of the year/month the branch was created makes the first stable release look outdated as we normally have a stabilization time of 2-3 years (which we also could change). Maybe that's a discussion for past-22.x Thanks, Michael Brohl ecomify GmbH - www.ecomify.de Am 04.01.22 um 16:04 schrieb Jacques Le Roux: Hi All, I'd like to discuss about OFBiz releases EOL (End Of Life) announcement. For instance R17.12 is EOL with 17.12.08. I suggest to make it clear on site (if that's not already enough, eg*), to send an email to user ML and maybe talk about it in social-media and the blog. Maybe we could also have a special site page for EOL dates and version of our releases? And some words in https://ofbiz.apache.org/security.html... * https://ofbiz.apache.org/release-notes-17.12.08.html (maybe the de facto standard term EOL (End Of Life) is missing?) Opinions? Jacques Le 04/01/2022 à 11:52, Jacques Le Roux a écrit : I agree Jacopo, Will you handle it? I made those tiny changes after an answer Mark J. Cox made to Mark Thomas in a discussion I read on security-disc...@community.apache.org : MT: <> MC: <> There are at least 340+ TLPs*. So I guess it becomes worrying for the ASF. I don't think we are concerned by those worries. So was just a small effort in this direction. I think though that we should discuss about how to handle EOL announcements. * https://blogs.apache.org/foundation/entry/apache-software-foundation-security-report1 Jacques Le 04/01/2022 à 10:45, Jacopo Cappellato a écrit : Thank you Jacques for adding the statement: however I think it is > time to remove the entire section of 17.12.08 since we have enough > releases out of 18.12 already. The release 17.12.08 will always be > available in the archive. > > Jacopo
Re: OFBiz releases EOL (End Of Life) announcement
Le 05/01/2022 à 09:14, Jacques Le Roux a écrit : I have created https://issues.apache.org/jira/browse/OFBIZ-12479 for that
Re: OFBiz releases EOL (End Of Life) announcement
Hi, I forgot the obvious: we should make an announcement not only on user ML but also on announce@a.o Struts is a good example: https://s.apache.org/qr8ci They even have announceme...@struts.apache.org, not sure we need that. I'll inspire from them to create our 1st announcement for EOL of the 18.12 branch with 17.12.08. Next time we will, like Struts, announce 6 months ago before the definitive announcement. I have created Jacques Le 04/01/2022 à 16:04, Jacques Le Roux a écrit : Hi All, I'd like to discuss about OFBiz releases EOL (End Of Life) announcement. For instance R17.12 is EOL with 17.12.08. I suggest to make it clear on site (if that's not already enough, eg*), to send an email to user ML and maybe talk about it in social-media and the blog. Maybe we could also have a special site page for EOL dates and version of our releases? And some words in https://ofbiz.apache.org/security.html... * https://ofbiz.apache.org/release-notes-17.12.08.html (maybe the de facto standard term EOL (End Of Life) is missing?) Opinions? Jacques Le 04/01/2022 à 11:52, Jacques Le Roux a écrit : I agree Jacopo, Will you handle it? I made those tiny changes after an answer Mark J. Cox made to Mark Thomas in a discussion I read on security-disc...@community.apache.org : MT: <> MC: <> There are at least 340+ TLPs*. So I guess it becomes worrying for the ASF. I don't think we are concerned by those worries. So was just a small effort in this direction. I think though that we should discuss about how to handle EOL announcements. * https://blogs.apache.org/foundation/entry/apache-software-foundation-security-report1 Jacques Le 04/01/2022 à 10:45, Jacopo Cappellato a écrit : Thank you Jacques for adding the statement: however I think it is > time to remove the entire section of 17.12.08 since we have enough > releases out of 18.12 already. The release 17.12.08 will always be > available in the archive. > > Jacopo