On Tue, May 13, 2014 at 2:49 PM, Sean Owen <so...@cloudera.com> wrote: > On Tue, May 13, 2014 at 9:36 AM, Patrick Wendell <pwend...@gmail.com> wrote: >> The release files, including signatures, digests, etc. can be found at: >> http://people.apache.org/~pwendell/spark-1.0.0-rc5/ > > Good news is that the sigs, MD5 and SHA are all correct. > > Tiny note: the Maven artifacts use SHA1, while the binary artifacts > use SHA512, which took me a bit of head-scratching to figure out. > > If another RC comes out, I might suggest making it SHA1 everywhere? > But there is nothing wrong with these signatures and checksums. > > Now to look at the contents...
This is a bit of drudgery that probably needs to be done too: a review of the LICENSE and NOTICE file. Having dumped the licenses of dependencies, I don't believe these reflect all of the software that's going to be distributed in 1.0. (Good news is there's no forbidden license stuff included AFAICT.) And good news is that NOTICE can be auto-generated, largely, with a Maven plugin. This can be done manually for now. And there is a license plugin that will list all known licenses of transitive dependencies so that LICENSE can be filled out fairly easily. What say? want a JIRA with details?
