On May 2, 2011, at 2:21 PM, Doug Cutting wrote:
On 05/02/2011 02:05 PM, Arun C Murthy wrote:
As I noted before you were the first one to propose this release off
Yahoo security patch-set in April, 2010:
http://s.apache.org/5Gv
What has changed since? Clearly, the same situation exists today.
I have absolutely no objection in principle to an Apache 0.20 release
including security. I object to the fact that this patchset started
from an arbitrary point and unilaterally applied a large set of
patches
that are not well correlated with Jira, trunk or other 0.20 branches.
Completely untrue.
This patchset started from 0.20.1 has is complete superset of 0.20.1.
We will work towards ensuring it is a complete superset of the last
stable release: 0.20.2.
Also, please note that of the ~450 commits in the branch, only 30 odd
jiras are yet to be committed to trunk:
http://s.apache.org/7Pe. So it's incorrect to state 'lack of
community
involvement'.
This should be easily discoverable from Jira: issues should use the
"fix-for" field to indicate which branches they've been merged to.
This
standard practice has not been observed for over 400 patches
included in
this release candidate.
This seems like parliamentary stalling procedures... sure they don't
have 'fix-for' fields but they've been verified to be true from
external committers:
http://s.apache.org/yX
Are you simply asking for someone to go through the 450 odd jiras and
set 'fix-for' fields?
Assuming the technical inconsistencies are sorted out, are you
willing
to withdraw you objection?
These are not just technical concerns. How I vote on any future
release
candidate will in part depend on how the community is involved in its
production.
I understand they aren't technical concerns.
I asked if you were willing to withdraw your objection if the
technical concerns are satisfied. I think you answered my question -
you will not withdraw your objection even if it's a technical issue.
thanks,
Arun
