Hi Kalle, This is really good stuff - thanks for figuring this stuff out :) I agree that we should go the staged release route for safety, given that we haven't had our first approved release yet.
How do the staged releases work in relation to the site? Or do they? My assumption is that for a staged release, the maven created artifacts go into a special repository in Nexus. Then after the release is approved, someone clicks a button, which moves them to the public repo. Is this correct? Is the site handled differently? - Les On Mon, Feb 8, 2010 at 5:41 PM, Kalle Korhonen <[email protected]> wrote: > I've been looking at deploying the Maven site as secondary form of > documentation (cwiki being primary). After reading through > http://incubator.apache.org/guides/sites.html, I'm still not hyper > convinced that the produced Maven site would need to be fully > committed to svn. I didn't see any project currently in Incubator > who'd be using Maven to the fullest and though Chemistry has deployed > a Maven as their primary sits, it's not in svn and they don't have > distributionmanagement set up at all and Shindig, that graduated last > year, is directly deploying via scp. So, unless I hear otherwise, I'm > going to add this to the master pom: > <distributionManagement> > <site> > <id>incubator.website</id> > <name>Apache Incubator Site</name> > > <url>scp://people.apache.org/www/incubator.apache.org/shiro/site</url> > </site> > </distributionManagement> > > I'm not sure if there's any common ids that should be used. Shindig > uses "apache.website" - I didn't find any documentation on that, does > anyone know better? I already deployed the top pom non-recursively as > a test and verified that the permissions are set correctly (I'm the > owner but write allowed for incubator group). > > I've also taken a look at the rules regarding distributing releases > and it seems that the apache parent pom and the instructions strongly > suggest using staged releases as opposed to blind releases (which we > earlier talked about doing at first). It's a bit more work but gives > us a chance to evaluate the produced binaries before they go out > publicly so I guess it's better to do it right from the beginning. > I'll work on release preparation but I think we are still a week or > two away from being able to release. > > Kalle > > > On Mon, Feb 1, 2010 at 9:41 PM, Kalle Korhonen > <[email protected]> wrote: >> Ha! I knew that would get the ball rolling :) I'll take care of >> SHIRO-59. Agree with everything Les said - API changes would be >> important to get in at this stage. I expect working through the >> release preparation will still take a couple of weeks and we probably >> have a good chance of closing out all of the remaining ones currently >> scheduled in that timeframe - but there's no point holding up the >> release if not. >> >> Kalle >> >> >> On Mon, Feb 1, 2010 at 8:39 PM, Les Hazlewood <[email protected]> wrote: >>> I definitely agree - there are a few critical issues that I'd like to >>> see if we can resolve: >>> >>> - The RememberMeManager acquires the HttpServletRequest/Response pair >>> from the ThreadLocal - I was thinking that might require an API change >>> to the RememberMeManager to accept it as a method argument or in the >>> Subject context map. >>> - 'Run As' is about 50% done. It shouldn't take much longer to finish >>> - As Brian suggested, his patches would be a nice edition for the 1.0 >>> release. >>> >>> I agree that most of the other issues won't be done for the 1.0 >>> release, but that's ok - that's what 1.1 will be for or 1.2 or >>> whatever. It's definitely a good idea to get 1.0 out now to service >>> the community's needs. >>> >>> We're definitely close! >>> >>> Cheers, >>> >>> Les >>> >>> On Mon, Feb 1, 2010 at 10:54 PM, Kalle Korhonen >>> <[email protected]> wrote: >>>> I think it's a high time to do our first release. There's quite a few >>>> smallish organizational and/or configuration items we need to do >>>> before a release, most of them nicely tracked at >>>> http://incubator.apache.org/clutch.html. Color-wise, we are not doing >>>> that bad but we could do better. Don't care about the all green much >>>> but the page is tracking the right items, so I just picked up the >>>> hammer and I'll start swinging. I'll be updating the progress here and >>>> in case I run into issues. I'll first create the distribution area and >>>> publish our site docs there. If there are any open issues any of you >>>> would like to get closed before 1.0.0 better start working on them >>>> now.. I don't think we are going to wait for all of the issues >>>> currently scheduled for 1.0 >>>> (https://issues.apache.org/jira/secure/IssueNavigator.jspa?reset=true&mode=hide&sorter/order=DESC&sorter/field=priority&resolution=-1&pid=12310950&fixfor=12314078) >>>> to be completed unless they are critical/blocker. We'll just schedule >>>> them for a later point release if not done until we are otherwise >>>> ready for 1.0.0. Agree? >>>> >>>> Kalle >>>> >>>> >>>> On Fri, Dec 18, 2009 at 1:19 PM, Les Hazlewood <[email protected]> >>>> wrote: >>>>> Thanks! >>>>> >>>>> On Fri, Dec 18, 2009 at 4:17 PM, Alan D. Cabrera <[email protected]> >>>>> wrote: >>>>>> Done. >>>>>> >>>>>> >>>>>> Regards, >>>>>> Alan >>>>>> >>>>>> On Dec 18, 2009, at 1:06 PM, Les Hazlewood wrote: >>>>>> >>>>>>> In light of this, could you please resolve the following issue? >>>>>>> >>>>>>> https://issues.apache.org/jira/browse/SHIRO-41 >>>>>>> >>>>>>> Thanks, >>>>>>> >>>>>>> Les >>>>>>> >>>>>>> On Wed, Dec 16, 2009 at 11:16 AM, Alan D. Cabrera <[email protected]> >>>>>>> wrote: >>>>>>>> >>>>>>>> For artwork it can get complicated but only if you received >>>>>>>> stipulations >>>>>>>> on >>>>>>>> its usage; it doesn't seem that there is any. I think we're good here. >>>>>>>> >>>>>>>> >>>>>>>> Regards, >>>>>>>> Alan >>>>>>>> >>>>>>>> On Dec 16, 2009, at 7:33 AM, Les Hazlewood wrote: >>>>>>>> >>>>>>>>> There is one minor thing I forgot to mention: Jeremy's friend created >>>>>>>>> the old JSecurity shield/lock logo for us. He did the logo for us in >>>>>>>>> return for free website hosting on one of our servers. This is >>>>>>>>> payment for services rendered (he payed us by doing the logo work, the >>>>>>>>> services rendered were the website hosting), so I don't think that we >>>>>>>>> need a CLA/sign-off from him. >>>>>>>>> >>>>>>>>> As I understand it, the shield/lock logo is our intellectual property >>>>>>>>> due to this agreement and we don't need to involve him. IANAL, but I >>>>>>>>> think we're ok. >>>>>>>>> >>>>>>>>> - Les >>>>>>>>> >>>>>>>>> On Wed, Dec 16, 2009 at 10:26 AM, Les Hazlewood >>>>>>>>> <[email protected]> >>>>>>>>> wrote: >>>>>>>>>> >>>>>>>>>> Yep, it did. Just for clarity's sake: every contributor on the old >>>>>>>>>> JSecurity project came over as a committer to Apache and each also >>>>>>>>>> sent the re-licensing agreement/affirmation at that time. >>>>>>>>>> >>>>>>>>>> Cheers, >>>>>>>>>> >>>>>>>>>> Les >>>>>>>>>> >>>>>>>>>> On Wed, Dec 16, 2009 at 10:22 AM, Alan D. Cabrera >>>>>>>>>> <[email protected]> >>>>>>>>>> wrote: >>>>>>>>>>> >>>>>>>>>>> So, back in July Craig sent out a set of emails from committers in >>>>>>>>>>> the >>>>>>>>>>> project stating that re-licensing for ASF. What I am not sure of is >>>>>>>>>>> that >>>>>>>>>>> this covers *all* the original authors from the JSecurity project >>>>>>>>>>> before >>>>>>>>>>> it >>>>>>>>>>> arrived at the Incubator. >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> Regards, >>>>>>>>>>> Alan >>>>>>>>>>> >>>>>>>>>>> On Dec 8, 2009, at 6:42 AM, Les Hazlewood wrote: >>>>>>>>>>> >>>>>>>>>>>> Craig, can you please just confirm this so we have a clear record >>>>>>>>>>>> of >>>>>>>>>>>> it? >>>>>>>>>>>> >>>>>>>>>>>> Thanks, >>>>>>>>>>>> >>>>>>>>>>>> Les >>>>>>>>>>>> >>>>>>>>>>>> On Tue, Dec 8, 2009 at 9:26 AM, Alan D. Cabrera >>>>>>>>>>>> <[email protected]> >>>>>>>>>>>> wrote: >>>>>>>>>>>>> >>>>>>>>>>>>> If Craig has confirmed that all the original authors from >>>>>>>>>>>>> JSecurity >>>>>>>>>>>>> have >>>>>>>>>>>>> filed a license agreement then I think we're good. >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> Regards, >>>>>>>>>>>>> Alan >>>>>>>>>>>>> >>>>>>>>>>>>> On Dec 7, 2009, at 4:58 PM, Les Hazlewood wrote: >>>>>>>>>>>>> >>>>>>>>>>>>>> Yep, we're covered. All people who contributed previously to >>>>>>>>>>>>>> JSecurity became committers to Shiro. Before joining the >>>>>>>>>>>>>> incubator, >>>>>>>>>>>>>> we all formally (each) agreed to the transfer. >>>>>>>>>>>>>> >>>>>>>>>>>>>> HTH, >>>>>>>>>>>>>> >>>>>>>>>>>>>> Les >>>>>>>>>>>>>> >>>>>>>>>>>>>> On Mon, Dec 7, 2009 at 5:27 PM, Alan D. Cabrera >>>>>>>>>>>>>> <[email protected]> >>>>>>>>>>>>>> wrote: >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> I recall that agreements were forwarded by current project >>>>>>>>>>>>>>> members. >>>>>>>>>>>>>>> I'm >>>>>>>>>>>>>>> not >>>>>>>>>>>>>>> certain that we covered all the people who contributed to the >>>>>>>>>>>>>>> original >>>>>>>>>>>>>>> project. >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> Regards, >>>>>>>>>>>>>>> Alan >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> On Dec 7, 2009, at 11:40 AM, Les Hazlewood wrote: >>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> To the best of my knowledge this is all finished - Craig helped >>>>>>>>>>>>>>>> out >>>>>>>>>>>>>>>> with it. I forwarded all the formal statements from all >>>>>>>>>>>>>>>> previous >>>>>>>>>>>>>>>> committers that they fully agree and support of transferring >>>>>>>>>>>>>>>> all >>>>>>>>>>>>>>>> of >>>>>>>>>>>>>>>> their work to the ASF 2.0 license. >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> Craig, could you please clarify if there's anything else that >>>>>>>>>>>>>>>> needs >>>>>>>>>>>>>>>> to >>>>>>>>>>>>>>>> be >>>>>>>>>>>>>>>> done? >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> Thanks! >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> Les >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> On Mon, Dec 7, 2009 at 1:31 PM, Alan D. Cabrera >>>>>>>>>>>>>>>> <[email protected]> >>>>>>>>>>>>>>>> wrote: >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> On Dec 7, 2009, at 7:44 AM, Les Hazlewood wrote: >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> I think most people in the Shiro community would agree that >>>>>>>>>>>>>>>>>> we're >>>>>>>>>>>>>>>>>> long >>>>>>>>>>>>>>>>>> overdue for our first release ;) >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> So, to that end, and unless anyone objects, I'm going to >>>>>>>>>>>>>>>>>> take a >>>>>>>>>>>>>>>>>> crack >>>>>>>>>>>>>>>>>> at tagging only what I feel are the most important issues >>>>>>>>>>>>>>>>>> that >>>>>>>>>>>>>>>>>> absolutely must be in to 1.0. When I'm done with that, I'd >>>>>>>>>>>>>>>>>> like >>>>>>>>>>>>>>>>>> to >>>>>>>>>>>>>>>>>> post to this list again to allow people the opportunity to >>>>>>>>>>>>>>>>>> speak-up >>>>>>>>>>>>>>>>>> if >>>>>>>>>>>>>>>>>> they see something that they think should be included but I >>>>>>>>>>>>>>>>>> missed. >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> I'm doing this to help us get a little focus on what should >>>>>>>>>>>>>>>>>> concretely >>>>>>>>>>>>>>>>>> define our first release, and to get it out as soon as >>>>>>>>>>>>>>>>>> possible >>>>>>>>>>>>>>>>>> from >>>>>>>>>>>>>>>>>> now. Just my opinion, but I think it'd be great if we can >>>>>>>>>>>>>>>>>> finish >>>>>>>>>>>>>>>>>> all >>>>>>>>>>>>>>>>>> the 1.0 issues (if not actually release) by 1 January. >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> Please let me know if anyone does not agree with this, >>>>>>>>>>>>>>>>>> otherwise, >>>>>>>>>>>>>>>>>> I'll >>>>>>>>>>>>>>>>>> get started as soon as possible organizing the existing >>>>>>>>>>>>>>>>>> issues. >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> Sounds great! >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> The only thing that's hazy in my mind is the LGPL vetting. I >>>>>>>>>>>>>>>>> recall >>>>>>>>>>>>>>>>> an >>>>>>>>>>>>>>>>> effort to obtain permission to relicense the code from the >>>>>>>>>>>>>>>>> original >>>>>>>>>>>>>>>>> authors >>>>>>>>>>>>>>>>> but am not sure if it was completed and all the requisite >>>>>>>>>>>>>>>>> permissions >>>>>>>>>>>>>>>>> were >>>>>>>>>>>>>>>>> properly filed. >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> Regards, >>>>>>>>>>>>>>>>> Alan >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>> >>>>>>>> >>>>>>>> >>>>>> >>>>>> >>>>> >>>> >>> >> >
