Thanks for the detailed explanation Stephen. I am glad that I have someone experienced like you guiding me as I learn the new responsibility of being a PMC member.
I agree, we don’t need to block the release for the change log irregularities. But let’s do fix them as soon as possible after the release because we don’t want users panicking about (non-existent) backward compatibility issues after reading the release notes. I will keep an eye on this to fix them as soon as the branches re-open. Vote +1 to move ahead with the release. On Sat, Jul 23, 2022 at 2:43 PM Stephen Mallette <[email protected]> wrote: > I'll help Kelvin out with some answers here: > > > 1. I was looking at the commits going in the release and found that we > are missing mention of certain changes in the changelog such as > > https://github.com/apache/tinkerpop/commit/e92d53fa0767fafa4e74f12ca84542d77d7d2976 > , > > https://github.com/apache/tinkerpop/commit/81f884e2782939ddaf338ec87b38ad67690bc0a8 > and > > https://github.com/apache/tinkerpop/commit/ae720befe507cd3385d32e7bd91229bd51758ea8 > . > Please correct me if I am wrong but I would assume that all relevant > changes (even if they are part of RC version of go client) should be added > to the changelog? If you agree, I can do an exhaustive run though the > commits on Monday and fix the change log. > > Most of those links for commits are for gremlin-go. I think that was fine > because we hadn't released gremlin-go yet so CHANGELOG entries on something > that wasn't official (beyond the release candidate) didn't seem necessary. > As for the one Java commit example there, yes, we probably should have > included that. Of course, I think the big error is that we didn't include > gremlin-go at all in the CHANGELOG for 3.5.4. It is however in the Upgrade > Documentation. > > My personal opinion here is that the CHANGELOG omissions should not block > release. Changelog should have been caught during code freeze, though the > official code freeze reminder wasn't sent so maybe this release caught > folks a bit off guard. otoh, i'm not sure how many folks actually do any > sort of reviews during that week aside from the actual release manager so > it wouldn't have been caught anyway. > > What goes into CHANGELOG has always been highly subjective but generally > speaking there should be one or more entries per JIRA and zero or more for > a CTR commit. We tend to avoid entries that deal with tests or > documentation and focus more on user content and refactoring or behavioral > shifts. When I used to keep my eye on TinkerPop on a more daily basis, I'd > try to ensure the CHANGELOG stayed perfect but without someone actively > doing that I imagine it will lose a bit of quality. > > We've had this kind of thing happen before and I usually just make note to > come back and fix the CHANGELOG post release once the branches have > reopened. I would definitely add gremlin-go to 3.5.4 to denote its official > release and tuck in an entry about that "backport" commit you found. Please > feel free to do that when the branches reopen. > > > 2. I performed some sanity checks by downloading the binary and > connecting the server via the console. I observed some warnings while > starting the console but I think those are not release blocking. > > That's a Java 11 warning given Groovy 2.x - it stinks but can't be avoided > I'm afraid. We've been releasing with that since 3.5.x I think > > > 3. Since Kelvin, you are performing the release and signing it, would we > require you to add your public keys > > Kelvin is still working through some setup issues with Apache and build > environment and indeed, his keys should be in that list. In an effort to > not let the release slip further, we signed with my keys. > > > 4. I ran the tests for the 3.5.4 branch and ensured that all tests > passed. I did not verify that the number of tests running for 3.5.4 >= > number of tests running for 3.5.3. > > I'm not sure If i'm crediting it right, but Lyndon/Yang setup codecov for > gremlin-go. I thought the idea was to try to get that running across the > whole project. It would be neat to have those metrics since codecov seems > to be working out for us. > > > 5. I found a broken link in the upgrade documentation. At > https://tinkerpop.apache.org/docs/3.5.4/upgrade/#_gremlin_go, when we > click > on the "here" hyperlink on the line "For full documentation on the > available API to give Gremlin Go a try, click here > < > https://pkg.go.dev/github.com/apache/tinkerpop/gremlin-go/[email protected]/driver > >." > it takes us to a page which says "Oops! We couldn't find “ > github.com/apache/tinkerpop/gremlin-go/v3/[email protected]”. > > That is expected and you will find others like it. Until the VOTE is over > and we official release, we can't expose any convenience binaries for those > versions, so [email protected] won't exist yet until after the vote and the > post-release tasks are completed: > > > https://tinkerpop.apache.org/docs/current/dev/developer/#_post_release_tasks > > If the problem remains after the post-release tasks for some reason, I > typically just manually go edit the HTML and correct it (as well as the > asciidoc separately). > > > 6. https://issues.apache.org/jira/browse/TINKERPOP-2708 (added to 3.5.4 > changelog > < > https://tinkerpop.apache.org/docs/3.5.4/upgrade/#_deprecated_connectonstartup_option_in_gremlin_javascript > >) > is a breaking change for users of gremlin-javascript. Are we sure we want > to introduce a breaking change in a patch version release 3.5.4? > > well spotted. the good news is that i think it's not as bad as it seems. > the actual breaking change occurs in 3.7.0 and not 3.5.4. In 3.5.4 the user > will just get a deprecation warning if they use that feature and normal > usage should remain unchanged. We probably needed a JIRA for 3.5.4 change > and one for 3.7.0 change, but they were squished into one so it's > confusing. My opinion would be to not block release over that. If we were > really bugged by it we could just manually edit the 3.5.4 Upgrade Docs to > remove (or replace) the JIRA reference. Not sure it's necessary though > unless someone feels really strongly about it. > > As an aside, Divij, I know you'd wanted to look in on the release process > while it was happening. Dave was interested too, but Kelvin and I had a > hard time connecting to get these releases out and scheduling was such that > we ended up working on it little 20 to 45 minute increments whenever we > could each find some ad-hoc moments to meet and they were usually deep in > our afternoons (my evenings) which wouldn't have fit your time zone well. > If you choose to pick up the release manager hat next time around, I'd be > happy to schedule in your timezone so you can see how it works. > > Well, I hope I covered everything. Thanks for all your diligence on this > release review! > > > On Sat, Jul 23, 2022 at 6:22 AM Divij Vaidya <[email protected]> > wrote: > > > 5. I found a broken link in the upgrade documentation. At > > https://tinkerpop.apache.org/docs/3.5.4/upgrade/#_gremlin_go, when we > > click on the "here" hyperlink on the line "For full documentation on the > > available API to give Gremlin Go a try, click here > > < > https://pkg.go.dev/github.com/apache/tinkerpop/gremlin-go/[email protected]/driver > >." > > it takes us to a page which says "Oops! We couldn't find “ > > github.com/apache/tinkerpop/gremlin-go/v3/[email protected]”. > > > > 6. https://issues.apache.org/jira/browse/TINKERPOP-2708 (added to 3.5.4 > > changelog > > < > https://tinkerpop.apache.org/docs/3.5.4/upgrade/#_deprecated_connectonstartup_option_in_gremlin_javascript > >) > > is a breaking change for users of gremlin-javascript. Are we sure we want > > to introduce a breaking change in a patch version release 3.5.4? > > > > Divij Vaidya > > > > > > > > On Sat, Jul 23, 2022 at 12:11 PM Divij Vaidya <[email protected]> > > wrote: > > > >> Fixing a typo -> "I am completely *not* sure about this but perhaps..." > >> > >> -- > >> Divij Vaidya > >> > >> > >> > >> On Sat, Jul 23, 2022 at 12:04 PM Divij Vaidya <[email protected]> > >> wrote: > >> > >>> Hey Kelvin > >>> > >>> Thank you for picking up the responsibility for the release process. I > >>> have a couple of questions before I can vote to go ahead with the > release. > >>> > >>> 1. I was looking at the commits going in the release and found that we > >>> are missing mention of certain changes in the changelog such as > >>> > https://github.com/apache/tinkerpop/commit/e92d53fa0767fafa4e74f12ca84542d77d7d2976 > , > >>> > >>> > https://github.com/apache/tinkerpop/commit/81f884e2782939ddaf338ec87b38ad67690bc0a8 > >>> and > >>> > https://github.com/apache/tinkerpop/commit/ae720befe507cd3385d32e7bd91229bd51758ea8 > . > >>> Please correct me if I am wrong but I would assume that all relevant > >>> changes (even if they are part of RC version of go client) should be > added > >>> to the changelog? If you agree, I can do an exhaustive run though the > >>> commits on Monday and fix the change log. > >>> > >>> 2. I performed some sanity checks by downloading the binary and > >>> connecting the server via the console. I observed some warnings while > >>> starting the console but I think those are not release blocking. > >>> > >>> dev-dsk-diviv-1a-190badd5 % ./bin/gremlin.sh > >>> WARNING: An illegal reflective access operation has occurred > >>> WARNING: Illegal reflective access by > >>> org.codehaus.groovy.reflection.CachedClass > >>> > (file:/local/home/diviv/apache-tinkerpop-gremlin-console-3.5.4/lib/groovy-2.5.14-indy.jar) > >>> to method java.lang.Object.finalize() > >>> WARNING: Please consider reporting this to the maintainers of > >>> org.codehaus.groovy.reflection.CachedClass > >>> WARNING: Use --illegal-access=warn to enable warnings of further > illegal > >>> reflective access operations > >>> WARNING: All illegal access operations will be denied in a future > release > >>> > >>> 3. Since Kelvin, you are performing the release and signing it, would > we > >>> require you to add your public keys to > >>> https://dist.apache.org/repos/dist/dev/tinkerpop/KEYS? I am completely > >>> sure about this but perhaps @Stephen Mallette <[email protected]> > might > >>> be able to answer this one. > >>> > >>> dev-dsk-diviv-1a-190badd5 % gpg --verify > >>> apache-tinkerpop-gremlin-console-3.5.4-bin.zip.asc > >>> apache-tinkerpop-gremlin-console-3.5.4-bin.zip > >>> gpg: Signature made Tue 19 Jul 2022 09:27:18 PM UTC using RSA key ID > >>> 01B1989A > >>> gpg: Good signature from "Stephen Mallette <[email protected]>" > >>> gpg: WARNING: This key is not certified with a trusted signature! > >>> gpg: There is no indication that the signature belongs to the > >>> owner. > >>> Primary key fingerprint: 8D8C 72F9 4E0D E6A6 7E1B 87A7 6F38 BF38 01B1 > >>> 989A > >>> > >>> 4. I ran the tests for the 3.5.4 branch and ensured that all tests > >>> passed. I did not verify that the number of tests running for 3.5.4 >= > >>> number of tests running for 3.5.3. > >>> > >>> -- > >>> Divij Vaidya > >>> > >>> > >>> > >>> On Fri, Jul 22, 2022 at 11:52 PM Florian Hockmann < > >>> [email protected]> wrote: > >>> > >>>> I checked the links and everything looks good. Thanks for taking care > >>>> of the releases. > >>>> > >>>> VOTE +1 > >>>> > >>>> ________________________________ > >>>> Von: Kelvin Lawrence <[email protected]> > >>>> Gesendet: Mittwoch, 20. Juli 2022 23:05 > >>>> An: [email protected] > >>>> Betreff: Subject: [VOTE] TinkerPop 3.5.4 Release > >>>> > >>>> Hello, > >>>> > >>>> We are happy to announce that TinkerPop 3.5.4 is ready for release. > >>>> > >>>> The release artifacts can be found at this location: > >>>> https://dist.apache.org/repos/dist/dev/tinkerpop/3.5.4/ > >>>> > >>>> The source distribution is provided by: > >>>> apache-tinkerpop-3.5.4-src.zip > >>>> > >>>> Two binary distributions are provided for user convenience: > >>>> apache-tinkerpop-gremlin-console-3.5.4-bin.zip > >>>> apache-tinkerpop-gremlin-server-3.5.4-bin.zip > >>>> > >>>> The GPG key used to sign the release artifacts is available at: > >>>> https://dist.apache.org/repos/dist/dev/tinkerpop/KEYS > >>>> > >>>> The online docs can be found here: > >>>> https://tinkerpop.apache.org/docs/3.5.4/ (user docs) > >>>> https://tinkerpop.apache.org/docs/3.5.4/upgrade/ (upgrade > >>>> docs) > >>>> https://tinkerpop.apache.org/javadocs/3.5.4/core/ (core > >>>> javadoc) > >>>> https://tinkerpop.apache.org/javadocs/3.5.4/full/ (full > >>>> javadoc) > >>>> https://tinkerpop.apache.org/dotnetdocs/3.5.4/ (.NET API > docs) > >>>> https://tinkerpop.apache.org/jsdocs/3.5.4/ (Javascript API > >>>> docs) > >>>> > >>>> The Git tag can be found here: > >>>> https://github.com/apache/tinkerpop/tree/3.5.4 > >>>> > >>>> The release notes are available here: > >>>> > >>>> https://github.com/apache/tinkerpop/blob/3.5.4/CHANGELOG.asciidoc > >>>> > >>>> The [VOTE] will be open for the next 72 hours --- closing Saturday > >>>> (July > >>>> 23rd 2022) at 21:00 GMT (16:00 US CDT) > >>>> > >>>> My vote is +1. > >>>> > >>>> Thank you very much, > >>>> Kelvin Lawrence > >>>> > >>> > -- Divij Vaidya
