I am not sure that I have understood the thread(s) above fully, but it would seem to me that we need to immediately get the correct, signed, voted, *released* 1.0 jar into *both* java-repository and ibibilo. My guess would be that via a combination of pom and .properties config errors, someone published a snapshot (still named 1.0) to java/repository and this got replicated to ibiblio.
I am -1 on pushing out any sort of "emergency" release without proper plan, review and vote. Has anyone run a clirr report on the bogus and real release jar to see what the binary compability problems are in both directions (users of the original jar could be breaking as we speak, IIUC)? I know I may seem to be dicounting the problems of clients using the "bogus" jar. I am not downplaying those problems and feel that we need to acknowledge them on the web page and move with all deliberate speed to develop a release of some kind that matches the API in the bogus jar; but the official apache releases are what we vote on and push out to the mirrors. I don't think it is a good idea to circumvent or change release processes to correct software distribution errors. It goes without saying that we also need to find a way to prevent this from recurring, and also find out immediately if there are other situations like this. Anyone interested in helping to find a solution to this should subscribe to repository@ and discuss the general problem there. Phil --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
