Re: [VOTE] Release Apache Traffic Control 1.8.0-incubating (RC5)

[Justin Mclean]

Hi,

> is this referring to the tar ball having the name "incubator-trafficcontrol" 
> and just changing that to "incubating-..." would suffice?

Yep that’s what’s required. You might find this check list [1] useful.

Thanks,
Justin

1. http://incubator.apache.org/guides/releasemanagement.html#check-list
-
To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org
For additional commands, e-mail: general-h...@incubator.apache.org

Re: [VOTE] Release Apache Traffic Control 1.8.0-incubating (RC5)

[Dan Kirkwood]

Thanks for the feedback,  Justin..We are working on rectifying these 
issues,  but want clarification on a couple.

On 2016-12-29 17:58 (-0700), Justin Mclean  wrote: 
> Hi,
> 
> -1 (binding) As package names don’t include incubating, release includes 
> non Category A licensed software, files incorrectly having Apache headers, 
> unexpected binary file in release and unable to compile from source.
> 
> I checked:
> - package names do not contain “incubating”

is this referring to the tar ball having the name "incubator-trafficcontrol" 
and just changing that to "incubating-..." would suffice?

> - PGP key is not published (but does match KEYS file)

I think my PGP key is published -- here:  
http://pgp.mit.edu/pks/lookup?search=dangogh%40apache.org=indexShould it 
be published elsewhere?

> - signatures and hashes correct
> - LICENSE has a large number of issues (see below)
> - NOTICE is OK
> - unexpected binary file in release [22]
> - all source files have ASF headers
> - Unable to compile from source
> 
> With most common permissive licenses you need to include the text of the 
> license in full, while this doesn’t have to be in the LICENSE file it’s a 
> good idea to do so or includes a pointer to the full text in the license. [1]
> 
> Given the number of licenses it would also be a good idea (IMO) to use the 
> the short form i.e. pointers to the license, see also [1].
> 
> This would include licenses for:
> - fontawesome
> - bootstrap
> - SortTable
> - jQuery UI
> - jMenu (a better URL would be https://libraries.io/github/alpixel/jMenu)

Unfortunately,  that page also has links to the missing github repo.   We are 
planning to remove or replace  this for the next release.

> - DataTables
> - Underscore
> 
> License is missing license information for:
> - normalize.css (MIT license) inside [5]
> - Probably several things from the contents of this file? see the copyrights 
> inside [3]
> - angular loading bar (MIT license) in here [4]
> - bootstrap vertical tabs (MIT license) also in [4]
> - cropper (MIT licensed) also in [4]
> - this file [5]
> - bootstrap progress bar also in [4]
> - WTFPL license code here [6]
> - MIT licensed handlebars [7]
> - BSD licensed pretty print [8]
> - this dual license (Apache/GPL) file [14]
> - Several font files [16][17][18][19][20][21]
> - files here [23]
> 
> Given the large number of issues it likely I may of missed something. For 
> instance I would double check all of the JS files bundled as some of them 
> don’t seem to be mentioned in license i.e. modernizr [15]
> 
> Other licensing issues:
> - I don’t believe CC by 2.5 licensed WebAppers Progress Bar would be 
> allowed to be bundled in an Apache releases as the license is listed in 
> Category B and can’t in included in source form. [2]
> - For the MaxMind DB GeoLite2 Database under CC share-alike license you would 
> need to get approve from legal discuss [2]
> - Theses files may be under under the perl artistic license (not 100% sure) 
> [9][10][11][12][13] which is not a Category A license.
> 
> These files [6][8] incorrectly have ASF headers, there may be others.
> 
> The source fails to compile with this error:
> [ERROR] Failed to execute goal on project traffic_router_core: Could not 
> resolve dependencies for project 
> com.comcast.cdn.traffic_control.traffic_router:traffic_router_core:war:1.8.0: 
> Could not find artifact jdnssec:jdnssec-tools:jar:0.12 in cloudera 
> (https://repository.cloudera.com/content/repositories/releases) -> [Help 1]
> 
> Thanks,
> Justin
> 
> 1. http://www.apache.org/dev/licensing-howto.html#permissive-deps
> 2. https://www.apache.org/legal/resolved#cc-sa
> 3. 
> ./incubator-trafficcontrol/traffic_server/patches/trafficserver-5.3.2-f914e70.diff
> 4. ./incubator-trafficcontrol/traffic_portal/app/src/styles/main.scss
> 5. ./incubator-trafficcontrol/misc/traffic-control-cdn/css/bootstrap.min.css
> 6. ./incubator-trafficcontrol/traffic_ops/app/public/js/lz-string-1.3.3.js
> 7. ./incubator-trafficcontrol/traffic_ops/app/public/js/handlebars.js
> 8. ./incubator-trafficcontrol/traffic_ops/app/public/js/prettyprint.js
> 9. 
> ./incubator-trafficcontrol/traffic_ops/install/lib/perl5/JSON/backportPP/Compat5005.pm
> 10. 
> ./incubator-trafficcontrol/traffic_ops/install/lib/perl5/JSON/backportPP/Compat5006.pm
> 11. 
> ./incubator-trafficcontrol/traffic_ops/install/lib/perl5/JSON/backportPP.pm
> 12. ./incubator-trafficcontrol/traffic_ops/install/lib/perl5/JSON/PP.pm
> 13 ./incubator-trafficcontrol/traffic_ops/install/lib/perl5/JSON.pm
> 14. ./incubator-trafficcontrol/traffic_ops/app/public/js/select2.js
> 15. ./docs/source/_themes/sphinx_rtd_theme/static/js/modernizr.min.js
> 16. 
> ./incubator-trafficcontrol/docs/source/_themes/sphinx_rtd_theme/static/fonts/Inconsolata-Bold.ttf
> 17. 
> /incubator-trafficcontrol/docs/source/_themes/sphinx_rtd_theme/static/fonts/Inconsolata.ttf
> 18. 
>