To test this PR locally , perform a dry-run of mvn -Psigned_release release:prepare
Verify target/apache-pirk-0.1.0-incubating-sources.jar and target/apache-pirk-0.1.0-incubating.jar On Mon, Aug 15, 2016 at 6:29 PM, Suneel Marthi <[email protected]> wrote: > I fixed issues 5 and 6 below. > > I had to override <maven-source-plugin> which was being inherited from > parent POM. > > For 6, the test material u r seeing is from src/test not from test/. We > should consider moving those to test/ for the next release, otherwise I > don't think its a blocker for this release. > > Will be pushing a PR soon. > > > On Mon, Aug 15, 2016 at 7:35 AM, Tim Ellison <[email protected]> > wrote: > >> On 14/08/16 04:19, Ellison Anne Williams wrote: >> > Hi, >> > >> > This is the vote for release 0.1.0 of Apache Pirk (incubating). >> > >> > The vote will be going for at least 72 hours and will be closed on >> Wednesday >> > , >> > August 16, 2016. >> > >> > The artifacts can be downloaded here: https://repository.apache. >> > org/content/repositories/orgapachepirk-1001/org/apache/ >> > pirk/apache-pirk/0.1.0-incubating/ >> > >> > All JIRAs completed for this release are tagged with 'FixVersion = >> 0.1.0'. >> > You can view them here: https://issues.apache.org/jira >> /browse/PIRK-47?jql= >> > project%20%3D%20PIRK%20AND%20fixVersion%20%3D0.1.0 >> > >> > The artifacts have been signed with Key : 1FD8849B >> > >> > Please vote accordingly: >> > >> > [ ] +1, accept RC as the official 0.1.0 release >> > [ ] +0, I don't care either way, >> > [ ] -1, do not accept RC as the official 0.1.0 release because... >> > >> > Thanks! >> > >> > Ellison Anne >> > >> >> Wow, you guys have had a busy weekend. >> >> Looking at the files in that directory... >> >> (1) Principal release artefact: >> apache-pirk-0.1.0-incubating-source-release.zip >> - sig & sums check ok. >> - EAW's pub key is in LDAP, KEYS file, etc. >> - build and test ok on Oracle Java 8b91, RHEL6. >> - Notice, License files ok. >> - RAT checks pass. >> >> (2) JavaDocs: >> apache-pirk-0.1.0-incubating-javadoc.jar >> - sig and sums check ok. >> - Notice and Licence files ok (in META-INF/). >> - JavaDocs render ok. >> >> (3) Maven pom file: >> - sig and sums check ok. >> - references to license and notices ok. >> - not checked building with it, but oking >> as minimal diff with project pom. >> >> (4) Dependency combined binary convenience: >> apache-pirk-0.1.0-incubating-exe.jar >> - sig and sums check ok. >> - not tested >> ** notices and license files confusion. >> ** not passing on notices for included dependencies. >> >> jar contains >> /LICENSE-junit.txt >> JUnit license >> /LICENSE.txt >> BSD license (from Hamcrest) >> /license/* >> contains ALv2, and other license and NOTICE file for XML APIs. >> /META-INF/LICENSE >> ALv2 >> /META-INF/LICENSE.txt >> ALv2 (with reference to org.apache.commons.math3.ml.neuralnet) >> /META-INF/license/* >> licenses for a variety of dependencies, including >> LICENSE.jboss-logging.txt -> LGPLv2 >> /META-INF/NOTICE >> Pirk (only) notice file. >> /META-INF/NOTICE.txt >> Commons Math notice file. >> >> (5) Pirk-only Source JAR >> apache-pirk-0.1.0-incubating-sources.jar >> - sig and sums check ok. >> - Notice and Licence files ok (in META-INF/). >> - Contains JMH generated source code >> org.apache.pirk.benchmark.generated.* >> org.openjdk.jmh.infra.generated.* >> ** Are we clear on the license for these files? >> ** Fails RAT checks due to unspecified licenses on these files. >> - Not tried compiling / further testing. >> >> (6) Pirk-only Binary JAR >> apache-pirk-0.1.0-incubating.jar >> - sig and sums check ok. >> - Notice and Licence files ok (in META-INF/). >> - FYI contains an empty directory (/org/openjdk/). >> - FYI contains a subset of test material. >> - No further testing. >> >> >> I have to vote -1 (binding) on these artefacts due to the issues >> identified in (4) and possibly (5). >> >> Notably: >> (i) we indicate there is LGPLv2.1 material in this release. If true >> this is contrary to ASF's policy [1], if not then the license text >> should be removed. >> >> (ii) we are not passing through the required NOTICES for Pirk's >> dependencies as required by their terms. >> >> Pirk's transitive JAR has deep dependencies, so if we are redistributing >> them we must include their notice files too. Our JAR has a number of >> NOTICE files, but they are not comprehensive. Better to have a single >> complete NOTICE file, e.g. [2]. >> >> (iii) we should clarify the licence of generated JMH files, and exclude >> them for the RAT check or remove them from the artefacts as required. >> >> [1] http://www.apache.org/legal/resolved.html#category-x >> [2] https://github.com/apache/spark/blob/master/NOTICE >> >> >> p.s. I appreciate that (4) is potentially a significant effort to >> resolve, but the convenience JAR is not essential to a release, so we >> may consider dropping that from the release artefacts this time round. >> Just a thought. >> >> Regards, >> Tim >> > >
