[VOTE] Release Apache Maven Archiver version 3.6.2

2024-03-24 Thread Slawomir Jaranowski 
Hi,

We solved 3 issues:
https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317922=12353577

There are still a couple of issues left in JIRA:
https://issues.apache.org/jira/issues/?jql=project%20%3D%20MSHARED%20AND%20resolution%20%3D%20Unresolved%20AND%20component%20%3D%20maven-archiver

Staging repo:
https://repository.apache.org/content/repositories/maven-2076/
https://repository.apache.org/content/repositories/maven-2076/org/apache/maven/maven-archiver/3.6.2/maven-archiver-3.6.2-source-release.zip

Source release checksum(s):
[NAME-OF]-source-release.zip sha512: [SHA512SUM]

Staging site:
https://maven.apache.org/shared-archives/maven-archiver-LATEST/

Guide to testing staged releases:
https://maven.apache.org/guides/development/guide-testing-releases.html

Vote open for at least 72 hours.

[ ] +1
[ ] +0
[ ] -1

-- 
Sławomir Jaranowski

Re: release of maven-source-plugin

2024-03-24 Thread Gary Gregory 
I'm glad to hear there is nothing fundamentally wrong. Thank you for the
detailed explanation.

Gary


On Sun, Mar 24, 2024, 3:40 PM Romain Manni-Bucau 
wrote:

> Hi,
>
> I think it is fixed for v4 serie.
> Main issue comes from the default v3 pom (
>
> https://github.com/apache/maven/blob/maven-3.9.2/maven-model-builder/src/main/resources/org/apache/maven/model/pom-4.0.0.xml#L113
> )
> which is no more a thing in v4 so the merge of the plugin executions does
> not happen the same and the issue disappeared.
> The easiest is likely to either let the default be merged and not use "jar"
> (implicit jar-no-fork instead) or just not use the default id
> (attach-sources) and skip the default one.
>
> So there is no source plugin issue (as the plugin will never fix it by "bug
> design") so no reason to hold a release IMHO.
>
> Guess it silently overrided the already built artifact for years - until we
> just fail cause it is a broken design - after this change of goal
> https://issues.apache.org/jira/browse/MNG-5940.
>
> So long story short: we are on track and release can be done I think.
>
> Romain Manni-Bucau
> @rmannibucau  |  Blog
>  | Old Blog
>  | Github <
> https://github.com/rmannibucau> |
> LinkedIn  | Book
> <
> https://www.packtpub.com/application-development/java-ee-8-high-performance
> >
>
>
> Le dim. 24 mars 2024 à 18:44, Gary Gregory  a
> écrit :
>
> > Hi All,
> >
> > As long as https://issues.apache.org/jira/browse/MSOURCES-143 is in
> > play, Commons will stay on a pre-3.3.0 version.
> >
> > I re-read the comments, I still don't know what we can do in Commons
> > to address this as this feels like some deep Maven Magic.
> >
> > Gary
> >
> > On Sun, Mar 24, 2024 at 11:48 AM Hervé Boutemy 
> > wrote:
> > >
> > > I'd like to release maven-source-plugin 3.3.1 to drop the umask
> > sensitivity
> > > during Reproducible Builds :)1
> > >
> > > but there are a few issues open
> > >  https://issues.apache.org/jira/projects/MSOURCES/versions/12353471
> > >
> > > they are related to https://issues.apache.org/jira/browse/MSOURCES-121
> :
> > I
> > > don't get what conditions made the build fail previously, but
> > MSOURCES-121
> > > make it fail now always.
> > > Should we just change the ERROR into WARNING?
> > > Should we do something smarter, for example not re-add if it's the same
> > file?
> > > Or warn only if the second file addition is different from the first?
> > Then
> > > replace instead of add?
> > >
> > > Please help clarifying and fixing this issue that seems ignored for a
> > long time
> > >
> > > Regards,
> > >
> > > Hervé
> > >
> > >
> > >
> > > -
> > > To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
> > > For additional commands, e-mail: dev-h...@maven.apache.org
> > >
> >
> > -
> > To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
> > For additional commands, e-mail: dev-h...@maven.apache.org
> >
> >
>

Re: release of maven-source-plugin

2024-03-24 Thread Romain Manni-Bucau 
Hi,

I think it is fixed for v4 serie.
Main issue comes from the default v3 pom (
https://github.com/apache/maven/blob/maven-3.9.2/maven-model-builder/src/main/resources/org/apache/maven/model/pom-4.0.0.xml#L113)
which is no more a thing in v4 so the merge of the plugin executions does
not happen the same and the issue disappeared.
The easiest is likely to either let the default be merged and not use "jar"
(implicit jar-no-fork instead) or just not use the default id
(attach-sources) and skip the default one.

So there is no source plugin issue (as the plugin will never fix it by "bug
design") so no reason to hold a release IMHO.

Guess it silently overrided the already built artifact for years - until we
just fail cause it is a broken design - after this change of goal
https://issues.apache.org/jira/browse/MNG-5940.

So long story short: we are on track and release can be done I think.

Romain Manni-Bucau
@rmannibucau  |  Blog
 | Old Blog
 | Github  |
LinkedIn  | Book



Le dim. 24 mars 2024 à 18:44, Gary Gregory  a
écrit :

> Hi All,
>
> As long as https://issues.apache.org/jira/browse/MSOURCES-143 is in
> play, Commons will stay on a pre-3.3.0 version.
>
> I re-read the comments, I still don't know what we can do in Commons
> to address this as this feels like some deep Maven Magic.
>
> Gary
>
> On Sun, Mar 24, 2024 at 11:48 AM Hervé Boutemy 
> wrote:
> >
> > I'd like to release maven-source-plugin 3.3.1 to drop the umask
> sensitivity
> > during Reproducible Builds :)1
> >
> > but there are a few issues open
> >  https://issues.apache.org/jira/projects/MSOURCES/versions/12353471
> >
> > they are related to https://issues.apache.org/jira/browse/MSOURCES-121:
> I
> > don't get what conditions made the build fail previously, but
> MSOURCES-121
> > make it fail now always.
> > Should we just change the ERROR into WARNING?
> > Should we do something smarter, for example not re-add if it's the same
> file?
> > Or warn only if the second file addition is different from the first?
> Then
> > replace instead of add?
> >
> > Please help clarifying and fixing this issue that seems ignored for a
> long time
> >
> > Regards,
> >
> > Hervé
> >
> >
> >
> > -
> > To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
> > For additional commands, e-mail: dev-h...@maven.apache.org
> >
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
> For additional commands, e-mail: dev-h...@maven.apache.org
>
>

Re: release of maven-source-plugin

2024-03-24 Thread Gary Gregory 
Hi All,

As long as https://issues.apache.org/jira/browse/MSOURCES-143 is in
play, Commons will stay on a pre-3.3.0 version.

I re-read the comments, I still don't know what we can do in Commons
to address this as this feels like some deep Maven Magic.

Gary

On Sun, Mar 24, 2024 at 11:48 AM Hervé Boutemy  wrote:
>
> I'd like to release maven-source-plugin 3.3.1 to drop the umask sensitivity
> during Reproducible Builds :)1
>
> but there are a few issues open
>  https://issues.apache.org/jira/projects/MSOURCES/versions/12353471
>
> they are related to https://issues.apache.org/jira/browse/MSOURCES-121: I
> don't get what conditions made the build fail previously, but MSOURCES-121
> make it fail now always.
> Should we just change the ERROR into WARNING?
> Should we do something smarter, for example not re-add if it's the same file?
> Or warn only if the second file addition is different from the first? Then
> replace instead of add?
>
> Please help clarifying and fixing this issue that seems ignored for a long 
> time
>
> Regards,
>
> Hervé
>
>
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
> For additional commands, e-mail: dev-h...@maven.apache.org
>

-
To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
For additional commands, e-mail: dev-h...@maven.apache.org

release of maven-source-plugin

2024-03-24 Thread Hervé Boutemy 
I'd like to release maven-source-plugin 3.3.1 to drop the umask sensitivity 
during Reproducible Builds :)1

but there are a few issues open
 https://issues.apache.org/jira/projects/MSOURCES/versions/12353471

they are related to https://issues.apache.org/jira/browse/MSOURCES-121: I 
don't get what conditions made the build fail previously, but MSOURCES-121 
make it fail now always.
Should we just change the ERROR into WARNING?
Should we do something smarter, for example not re-add if it's the same file? 
Or warn only if the second file addition is different from the first? Then 
replace instead of add?

Please help clarifying and fixing this issue that seems ignored for a long time

Regards,

Hervé



-
To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
For additional commands, e-mail: dev-h...@maven.apache.org

Re: User friendly release notes

2024-03-24 Thread Timothy Stone 

On 3/13/24 7:05 PM, Andres Almiray wrote:

First, I’d suggest following a commit message convention. You may define your 
own or follow an existing one such as 
https://www.conventionalcommits.org/en/v1.0.0/


+1


Next, use a tool that can read, parse, and format commit messages. You’ll find 
plenty of options out there. I can pitch https://jreleaser.org/ 


Not familiar with jreleaser. I will say that mixed technology pipelines 
have worked well for us, with Node managing many aspects of versioning 
and providing previous/next versions to the Maven Release Plugin via the 
pipeline environment.



Cheers
Andres

Sent from my primitive tricorder


On 13 Mar 2024, at 23:58, Slawomir Jaranowski  wrote:

Hi,

Today's facts:

- We manage our issues in jira and all officala release notes are also in
jira.
- We sent an email in text  format to announce mailing list.
- In project documentation we don't have a release notes

But as we see in:
https://lists.apache.org/thread/pzd36lo6rtfn7c5s0x60xbj296xt1mvf
today it is not a user-friendly way.



... snip



Any other propositions, ideas ?

--
Sławomir Jaranowski




--
Timothy Stone
=
Some call me ... Tim.
Husband, Father, Blogger, OSS, Wargamer, Home Brewer, and D
Find me on GitLab | GitHub | Linked In | MeWe | GnuPG


OpenPGP_signature.asc
Description: OpenPGP digital signature

Re: [VOTE] Release Apache Maven GPG Plugin 3.2.2

2024-03-24 Thread Slawomir Jaranowski 
+1

sob., 23 mar 2024 o 23:06 Tamás Cservenák  napisał(a):

> Howdy,
>
> Note: this is a bugfix release for
> https://issues.apache.org/jira/browse/MGPG-113
>
> We solved 3 issues:
>
> https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317521=12354419
>
> There are still a couple of issues left in JIRA:
> https://issues.apache.org/jira/projects/MGPG/issues
>
> Staging repo:
> https://repository.apache.org/content/repositories/maven-2075/
>
> Source release checksum SHA512:
>
> 1bb3d9dbf6992ec58b6f08f8cd39d8f002c0ac7be4b7197bbb54057152824a400acebd77e6366e20c5d30a10575be1607e66bdf3a5667c2efef812826b877d8c
>
> Staging site:
> https://maven.apache.org/plugins-archives/maven-gpg-plugin-LATEST/
>
> Guide to testing staged releases:
> https://maven.apache.org/guides/development/guide-testing-releases.html
>
> Vote open for at least 72 hours.
>
> [ ] +1
> [ ] +0
> [ ] -1
>


-- 
Sławomir Jaranowski