>From my POV, I'd propose to resolve the OAuth token endpoint concern [1] before the initial release.
I guess it might be a rather big refactoring, but this issue is already generally accepted as a security concern in the Iceberg community, so I think it would be preferable to resolve it before the first release. WDYT? Thanks, Dmitri. [1] https://github.com/apache/polaris/issues/12 On Mon, Sep 23, 2024 at 1:22 PM Jean-Baptiste Onofré <j...@nanthrax.net> wrote: > Hi folks, > > As we know from experience, that the first release needs some careful > preparation steps, I would like to propose aiming for the Apache > Polaris release by the end of October (after CoC NA). > > I propose to start from 0.1-incubating (currently we are building > 999-SNAPSHOT :) ). > I already created 0.1 milestone on GitHub. We can rename it if needed. > > The preparation steps would be: > - do the triage on the GitHub issues, assigning issues to the 0.1 milestone > - check the legal (LICENSE, NOTICE, DISCLAIMER, KEYS, etc). I will > start some new checks/updates on that (as I have some experience :) ). > - check distribution and artifact publication (dist.apache.org, > repository.apache.org, ...) > > I have several PRs in preparation, including the release preparation > related PRs. > > As reminder about the process > (https://incubator.apache.org/guides/releasemanagement.html), we need > to do release "internally" to the podling , and then start "again" the > vote on the incubator general mailing list. So it's a "longer" process > comparing to a TLP release. > > What do you think ? > > Thanks, > Regards > JB >
