The pull request for Flink-web looks good to me +1 (non binding) from me
On Wed, Dec 15, 2021 at 8:19 PM Yun Gao <yungao...@aliyun.com.invalid> wrote: > > Ah actually we may have to merge another commit into the release > > branches for that to be the case for 1.11/1.12. > > > Anyway, I still wouldn't block the release on that. > > Yes, it should only be cases for 1.11 / 1.12~ With a double check the > other two versions contains the doc modification. Very thanks for the > explanation~ > > Best, > Yun > > > > ------------------------------------------------------------------ > From:Yun Gao <yungao...@aliyun.com> > Send Time:2021 Dec. 16 (Thu.) 09:14 > To:dev <dev@flink.apache.org>; Yun Gao <yungao...@aliyun.com.INVALID>; > Stephan Ewen <ewenstep...@gmail.com> > Subject:Re: [VOTE] Release 1.11.6/1.12.7/1.13.5/1.14.2, release candidate > #1 > > Hi Chesnay, > > Very thanks for the explanation! > > Then +1 (non-binding) > > * Verifies the binary distributions could run successfully with the > example jobs. > * Verifies the new tags only contains the log4j version bump PRs. > * The latest blog post and release notes looks good to me. > > Very thanks for driving the emergency releases! > > Best, > Yun > > > > ------------------------------------------------------------------ > From:Chesnay Schepler <ches...@apache.org> > Send Time:2021 Dec. 16 (Thu.) 09:03 > To:dev <dev@flink.apache.org>; Yun Gao <yungao...@aliyun.com.INVALID>; > Stephan Ewen <ewenstep...@gmail.com> > Subject:Re: [VOTE] Release 1.11.6/1.12.7/1.13.5/1.14.2, release candidate > #1 > > That's not a problem as far as I'm concerned, because the documentation > of these releases is never actually published anywhere. > The documentation at nightlies.apache.org will reference 2.16.0. > > On 16/12/2021 02:01, Yun Gao wrote: > > Hi, > > > > May I have a double confirmation that it seems we still have log4j > version written as > > 2.15.0 in dev/project-configuration.md in the commit corresponding to > release tags, > > which seems to be not consistent with the PR in the github, is it > expected and would it > > have influence? > > > > Best, > > Yun > > > > > > > > ------------------Original Mail ------------------ > > Sender:Stephan Ewen <ewenstep...@gmail.com> > > Send Date:Thu Dec 16 08:34:10 2021 > > Recipients:dev <dev@flink.apache.org> > > Subject:Re: [VOTE] Release 1.11.6/1.12.7/1.13.5/1.14.2, release > candidate #1 > > +1 (binding) > > > > > > > > - Verified commit history, looks good > > > > => stumbled over the changes in the "create_release_branch.sh ", > > > > which are present in each release commit. [1] > > > > => agree that these are not an issue, because this is an out-of-band > > > > release > > > > - Release notes for 1.14.2 are off, contain incorrect entry > "FLINK-25222: > > > > Remove NetworkFailureProxy used for Kafka connector tests" > > > > - Checked that released binaries and jars reference correct Scala > versions > > > > - Ran streaming examples against binary releases for 1.12.7, 1.13.5, > > > > 1.14.2. Execution logs look correct. > > > > - Other checks (licenses, no binaries) carry over from previous > releases > > > > > > > > [1] > > > > > https://github.com/apache/flink/commit/6fd4b1c0ef2ddd12751889218445ce0e60ff6c80#diff-94c70ce1a0abddcd83314c83b46080d8edbcd919b737f316cd6f72006d464074 > > > > > > > > > > > > On Wed, Dec 15, 2021 at 5:54 PM Seth Wiesman wrote: > > > > > > > >> +1 (non-binding) > >> - Checked diff of all versions and verified dep upgrade > >> - Verified checksum and signatures > >> - Built 1.14 from source > >> - checked blog post > >> Seth > >> On Wed, Dec 15, 2021 at 10:22 AM Yu Li wrote: > >>> +1 > >>> * Verified checksums and signatures > >>> * Reviewed website PR > >>> - Minor: left a comment to mention CVE-2021-45046 > >>> * Checked and confirmed new tags only contain log4j version bump > >>> * Checked release notes and found no issues > >>> - I've moved FLINK-25317 to 1.14.3 > >>> Thanks for driving these releases Chesnay! > >>> Best Regards, > >>> Yu > >>> On Wed, 15 Dec 2021 at 21:29, Chesnay Schepler > >> wrote: > >>>> FYI; the publication of the python release for 1.11/1.12 will be > >> delayed > >>>> because we hit the project size limit on pypi again, and increasing > >> that > >>>> limit may take a while. > >>>> On the positive side, this gives us more time to fix the mac builds. > >>>> On 15/12/2021 03:55, Chesnay Schepler wrote: > >>>>> Hi everyone, > >>>>> This vote is for the emergency patch releases for 1.11, 1.12, 1.13 > >> and > >>>>> 1.14 to address CVE-2021-44228/CVE-2021-45046. > >>>>> It covers all 4 releases as they contain the same changes (upgrading > >>>>> Log4j to 2.16.0) and were prepared simultaneously by the same person. > >>>>> (Hence, if something is broken, it likely applies to all releases) > >>>>> Note: 1.11/1.12 are still missing the Python Mac releases. > >>>>> Please review and vote on the release candidate #1 for the versions > >>>>> 1.11.6, 1.12.7, 1.13.5 and 1.14.2, as follows: > >>>>> [ ] +1, Approve the releases > >>>>> [ ] -1, Do not approve the releases (please provide specific > >> comments) > >>>>> The complete staging area is available for your review, which > >> includes: > >>>>> * JIRA release notes [1], > >>>>> * the official Apache source releases and binary convenience releases > >>>>> to be deployed to dist.apache.org [2], which are signed with the key > >>>>> with fingerprint C2EED7B111D464BA [3], > >>>>> * all artifacts to be deployed to the Maven Central Repository [4], > >>>>> * source code tags [5], > >>>>> * website pull request listing the new releases and adding > >>>>> announcement blog post [6]. > >>>>> The vote will be open for at least 24 hours. The minimum vote time > >> has > >>>>> been shortened as the changes are minimal and the matter is urgent. > >>>>> It is adopted by majority approval, with at least 3 PMC affirmative > >>>>> votes. > >>>>> Thanks, > >>>>> Chesnay > >>>>> [1] > >>>>> 1.11: > >> > https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12315522&version=12351056 > >>>>> 1.12: > >> > https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12315522&version=12351057 > >>>>> 1.13: > >> > https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12315522&version=12351058 > >>>>> 1.14: > >> > https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12315522&version=12351059 > >>>>> [2] > >>>>> 1.11: https://dist.apache.org/repos/dist/dev/flink/flink-1.11.6-rc1/ > >>>>> 1.12: https://dist.apache.org/repos/dist/dev/flink/flink-1.12.7-rc1/ > >>>>> 1.13: https://dist.apache.org/repos/dist/dev/flink/flink-1.13.5-rc1/ > >>>>> 1.14: https://dist.apache.org/repos/dist/dev/flink/flink-1.14.2-rc1/ > >>>>> [3] https://dist.apache.org/repos/dist/release/flink/KEYS > >>>>> [4] > >>>>> 1.11: > >> https://repository.apache.org/content/repositories/orgapacheflink-1460 > >>>>> 1.12: > >> https://repository.apache.org/content/repositories/orgapacheflink-1462 > >>>>> 1.13: > >> https://repository.apache.org/content/repositories/orgapacheflink-1459 > >>>>> 1.14: > >> https://repository.apache.org/content/repositories/orgapacheflink-1461 > >>>>> [5] > >>>>> 1.11: > >> https://github.com/apache/flink/releases/tag/release-1.11.6-rc1 > >>>>> 1.12: > >> https://github.com/apache/flink/releases/tag/release-1.12.7-rc1 > >>>>> 1.13: > >> https://github.com/apache/flink/releases/tag/release-1.13.5-rc1 > >>>>> 1.14: > >> https://github.com/apache/flink/releases/tag/release-1.14.2-rc1 > >>>>> [6] https://github.com/apache/flink-web/pull/489 > -- Israel Ekpo Lead Instructor, IzzyAcademy.com https://izzyacademy.com/
