I have successfully built the files, but I'm not ready to vote because I have a few questions.
I am following Andy's "quick and not complete summary of what a VOTE entails": (1) How do I verify that the commit id in the downloaded files matches that in the VOTE email? (I've looked on the internet, but have yet to find anything helpful.) (2) Are the "binary artifacts" in the target folders? Which files are considered "binary artifacts?" (3) How do I verify that the build produces the binaries? By visual inspection? What am I looking for? (4) How do I check the dependencies? Regarding the build output: Since this is the first time I've done this, I don't know what's okay to ignore. Here is a summary of the warning messages I received when I ran mvn clean install. I sent the output to two different files using the following command (Windows 10/ GitBash): mvn clean install > output1.txt 2> output2.txt. I appreciate any insight. ** taverna-parent-2: Build successful. The errors file was empty and the console file had one warning about an empty jar. ** taverna language: Build successful. Warnings, some with multiple occurrences. --------------------- language output1 file --------------------- (1) Empty jar warning (2) Lots of JavaDoc warnings -- @return tag has no arguments, illegal characters, can't find configurationsFor(Activity,Profile) etc. (3) Private references -- Export org.apache.taverna.scufl2.ucfpackage, has 1, private references [org.apache.taverna.scufl2.ucfpackage.impl.odfdom.pkg.manifest], (4) Program names are deprecated -- e.g., The usage of program name (workflowmaker) is deprecated. Please use program.id instead. (5) Private packages -- Unused Private-Package instructions, no such package(s) on the class path: [!*] (6) Relative URIs -- Relative URIs are not permitted in RDF: specifically <ont-policy.rdf> (7) Overlapping classes -- for example, xpp3_min-1.1.4c.jar, xmlpull-1.1.3.1.jar define 2 overlapping classes: - org.xmlpull.v1.XmlPullParserException - org.xmlpull.v1.XmlPullParser --------------------- language output2 file --------------------- (1) Unexpected failure of setLastModifiedTime on root -- java.nio.file.oSuchFileException: (2) Unexpected exception-- java.nio.file.NoSuchFileException: test.txt at com.sun.nio.zipfs.ZipFileSystem.newFileChannel (ZipFileSystem.java:709) [and about 30 more in list] (3) log4j - no appenders could be found for logger ... Please initialize the log4j system properly. log4j (4) Expected literal -- Expected literal. not -183cb345:1532e6bc46e:-7ffe (5) Skipping aggregation -- Skipping aggregation without URI: 266e243ce4d408285e522380c4484af0 (6) Ignoring unsupported PropertyResource -- (from wfbundle 0.2.0 or older) for Configuration "Hello" [beanshell:script: null] (7) Could not translate link -- for example, ... More than one link to non-merged port InputProcessorPort "inputlist" (8) Unknown T2 activity or dispatch layer -- http://ns.taverna.org.uk/2010/xml/t2flow/raven/undefined/net.sf.taverna.t2.workflowmodel.processor.dispatch.layers.Parallelize, install supporting T2Parser (9) Invalid output port binding -- unknown processor port: value->value in Processor "alternates" (10) Ambiguous owl:versionInfo -- there is more than one owl:Ontology element. ** taverna osgi: Build successful. Warnings. --------------------- osgi output1 file --------------------- (1) Deprecated @component -- for example, Deprecated @component for project field in org.apache.taverna.mavenplugin.TavernaProfileDeployMojo.: replace with @parameter name="${project}" @readonly (2) Several sets of JavaDoc errors. --------------------- osgi output2 file --------------------- (1) log4j warning -- no appenders could be found for logger... Please initialize the log4j system properly. log4j ----------------------------------------------------------------------- Thank you. On Mon, Feb 29, 2016 at 3:16 AM Stian Soiland-Reyes <[email protected]> wrote: > Looking back at OASIS license I am not sure now. > > I've made > https://issues.apache.org/jira/browse/TAVERNA-925 > to clarify. > > As far as I can see why are fine legally to distribute the ODF spec > files as we have not modified them, however it would seem to be > against ASF policy: > > _____________ Errors file > http://www.apache.org/legal/resolved.html#no-modification > > > I believe that as we are legally OK against OASIS, and we are still an > incubating project with DISCLAIMER, this policy breach should not be a > blocker for this release - but it would have to be sorted before the > first proper ASF release of Taverna Language. > > Other views? Mentors? > > On 29 February 2016 at 01:18, Gale Naylor <[email protected]> > wrote: > > More on LICENSES > > Apache includes Creative Commons Attribution licenses in their "weak > > copyleft" list and (though I don't understand why) Apache suggests > > attaching "an appropriate and prominent label to the distribution ... for > > example in a README." (http://www.apache.org/legal/resolved.html). > Should > > we have some kind of notice in the scufl2-wfdesc and robundle (etc.) > README > > files that flags the embedded CCA licenses? > > > > Also, I have yet to independently verify this, but I presume it was > > determined earlier that the oa.rdf (robundle) W3C CCLA license is okay, > as > > well as the Open-document (robundle) OASIS license/notification. > > > > Thanks, > > > > Gale > > > > On Sun, Feb 28, 2016 at 3:02 PM Gale Naylor <[email protected] > > > > wrote: > > > >> RE: LICENSES > >> Now I've come across this set of statements: "These third party notices > >> vary from license to license. Apache releases should contain a copy of > each > >> license, usually contained in the LICENSE document." ( > >> http://apache.org/legal/resolved.html#required-third-party-notices.) > But > >> maybe this is saying: Apache releases should contain a copy of each (3rd > >> party) license, which is usually contained in the *3rd party* LICENSE > >> document? (Rather than saying the notice should be in the Apache LICENSE > >> document, which is what I thought at first. Can anyone shed light on > this? > >> > >> On Sun, Feb 28, 2016 at 2:54 PM Gale Naylor < > [email protected]> > >> wrote: > >> > >>> Thank you very much for the details, Andy. I'm doing my best to come up > >>> to speed on all this. > >>> > >>> A question: > >>> In looking at the LICENSE files, and the Apache documentation ( > >>> http://www.apache.org/legal/src-headers.html#notice), I'm wondering > >>> about the Taverna Language License, which contains several copyright > >>> notices. The documentation I referenced says: "Use the NOTICE file to > >>> collect copyright notices and required attributions." Am I > misinterpreting > >>> this? Should these copyright notices be in the NOTICE file? (Profuse > >>> apologies if this was already discussed when I was less up-to-speed.) > >>> > >>> Gale > >>> > >>> On Sun, Feb 28, 2016 at 2:19 AM Andy Seaborne <[email protected]> wrote: > >>> > >>>> On 27/02/16 23:33, Stian Soiland-Reyes wrote: > >>>> > Use this thread to discuss any issues with RC5 which is currently > >>>> > under VOTE. If needed we'll also make Jira issues. > >>>> > > >>>> > Under the corresponding [VOTE] thread - only reply with your vote, > >>>> > e.g. "+1". It is a single vote for releasing all three artifacts at > >>>> > once. > >>>> > > >>>> > >>>> Releases are the high point a project. > >>>> > >>>> PPMC members - feel morally obliged to vote! > >>>> > >>>> Everyone else - help out - it's not "devs and users" - it's > "community". > >>>> > >>>> Don't forget what really matters when you vote +1 is that the release > >>>> meets the Apache requirements and then any additional local community > >>>> norms. > >>>> > >>>> A quick and not complete summary of what a VOTE entails: > >>>> > >>>> ** Source > >>>> > >>>> The source artifact is the thing being released. > >>>> Binaries and git are secondary. > >>>> > >>>> People voting must download the source artifact and check it. > >>>> > >>>> do the signatures on the source archive check out? > >>>> does the commit id lead to the same sources? > >>>> > >>>> ** ASF licensing policy > >>>> > >>>> Much of this code being is released for the first time so LICENSE and > >>>> NOTICE are mostly new. > >>>> > >>>> does the NOTICE file contain all necessary attributions? > >>>> is there a correct LICENSE and NOTICE file in each artifact (both > source > >>>> and binary artifacts)? > >>>> > >>>> ** Build > >>>> > >>>> does the build of the source artifact actually produce the binaries? > >>>> check the dependencies. > >>>> > >>>> ** Process > >>>> > >>>> Support the release manager! > >>>> > >>>> The minimum is 3 +1 votes with a majority in favour. > >>>> The RM decides about what to do about comments. > >>>> > >>>> Does the quality level meet the group norms? > >>>> ("can we live with it?" and not "is it perfect?") > >>>> > >>>> > >>>> https://www.apache.org/dev/release.html > >>>> > >>>> Andy > >>>> > >>>> > > > > -- > Stian Soiland-Reyes > Apache Taverna (incubating), Apache Commons RDF (incubating) > http://orcid.org/0000-0001-9842-9718 >
