I'd like to go ahead and I offer to do a 3.13.1 to tidy up any rough edges.
Reason: At this point, 3.13.0 RC 3 or 3.13.1 isn't much different in
terms of work needed from my side. I hope it isn't much on the
reviewers' side either.
How does getting 3.13.0 out, wait for a short period of time to see if
anything turns up, then do 3.13.1 sound?
By x.x.1, I mean specific changes only (fixes and safe/contained
changes), and certainly no new modules.
I'd also like to find a way for more automated tests to catch things
early (won't we all?!).
Andy
On 9/25/19 9:00 PM, Aaron Coburn wrote:
Checksums and signatures all look good.
The full source release builds (and tests) for me under both JDK8 and JDK11
OSGi provisioning works
One issue I found -- and this isn't necessarily a blocker because it
appears that it existed before: the jena-dboe-storage artifact has an empty
Automatic-Module-Name header. That is, the header is present with no value
(as opposed to there being no such header in the MANIFEST). As such, that
means that any JPMS-based (JDK11 modules) build will have trouble with that
module. It also appears that this issue existed in the 3.12 release; the
reason I'm encountering it now is that the tdb2 module now depends on
jena-dboe-storage instead of jena-dboe-trans-data:
https://github.com/apache/jena/commit/340f4fbc38b58577e722c6e9762cd89195d43d0c#diff-57239f2bc267be000618f917613a89c9L44
I am happy to supply a patch to fix this. It's up to you whether you'd like
that to go into the 3.13 release
Cheers, Aaron
On Wed, 25 Sep 2019 at 13:15, Andy Seaborne <[email protected]> wrote:
[x] +1 Approve the release (binding)
On 25/09/2019 18:15, Andy Seaborne wrote:
Hi,
Here is a vote on a release of Apache Jena 3.13.0.
This is the second proposed release candidate.
There was a last minute upgrade of Jackson jars (core and databind) to
2.9.10 due to an alert from the GitHub security scan.
The SHACL tests have been moved to have them added to source-release
after the issue in RC 1.
JENA-1763 :: commit : https://github.com/apache/jena/commit/adce00cf
The deadline for the vote is Saturday, 28th Sept, 2019 at 20:00 UTC
==== Release changes:
== Major items
JENA-1733: A SHACL engine
JENA-1693: Add Aggregate Function MEDIAN and MODE (from Marco)
JENA-1731: Fuseki endpoint configuration
JENA-1695: DB storage refactoring
JENA-1718: Remove jena-spatial from the build
JENA-1760: Retire jena-maven-tools
== JIRA
Other JIRA:
https://s.apache.org/jena-3.13.0-jira
== Updates
FasterXML jackson:: 2.9.9 -> 2.9.10
jsonld-java :: 0.12.3 -> 0.12.5
JENA-1754: Apache Commons Compress :: 1.18 -> 1.19 (Brad Hards)
JENA-1756: Dependency updates.
micrometer :: 1.1.3->1.2.1
Apache Commons Lang3 :: 3.4->3.9
Apache Commons CSV :: 1.5 -> 1.7
Apache HttpClient :: 4.5.5 -> 4.5.10
Apache Commons Collections4 :: 4.1 -> 4.4
==== Release Vote
Everyone, not just committers, is invited to test and vote.
Please download and test the proposed release.
Staging repository:
https://repository.apache.org/content/repositories/orgapachejena-1033
Proposed dist/ area:
https://dist.apache.org/repos/dist/dev/jena/
Keys:
https://svn.apache.org/repos/asf/jena/dist/KEYS
Git commit (browser URL):
https://github.com/apache/jena/commit/ec5b9011
Git Commit Hash:
ec5b9011be4a6e9c8303bf8bce1e7d79d5a0eb6e
Git Commit Tag:
jena-3.13.0
Please vote to approve this release:
[ ] +1 Approve the release
[ ] 0 Don't care
[ ] -1 Don't release, because ...
This vote will be open until at least
Saturday, 28th Sept, 2019 at 20:00 UTC
If you expect to check the release but the time limit does not work
for you, please email within the schedule above with an expected time
and we can extend the vote period.
Thanks,
Andy
Checking needed:
+ are the GPG signatures fine?
+ are the checksums correct?
+ is there a source archive?
+ can the source archive really be built?
(NB This requires a "mvn install" first time)
+ is there a correct LICENSE and NOTICE file in each artifact
(both source and binary artifacts)?
+ does the NOTICE file contain all necessary attributions?
+ have any licenses of dependencies changed due to upgrades?
if so have LICENSE and NOTICE been upgraded appropriately?
+ does the tag/commit in the SCM contain reproducible sources?
