Re: [VOTE] Release Apache Milagro (incubating) Crypto Libraries v1.0.0

[Brian Spector]

Hi, even though my vote is non-binding, as a member of the PPMC I vote:

[ ] +1 approve

Please support our effort to get this release out.

Thanks
Brian

On 21/08/2019, 16:10, "John McCane-Whitney"  wrote:

Hi,

This is a call to vote to release the Apache Milagro (incubating) Crypto 
Libraries v1.0.0.

The Apache Milagro (incubating) community has voted to approve this release 
with 5 x +1 votes.  The vote thread can be found here:


https://lists.apache.org/thread.html/7d788b5f3b293bb5545612d9f8af59a005f6407d57d826a1d2a2a563@%3Cdev.milagro.apache.org%3E

(Note that my original [VOTE] email doesn't render for some reason, but its 
contents can be seen further down in the thread)

And a summary of the result:


https://lists.apache.org/thread.html/6b320894a91d5ac298f71b1fab168127de6e75ba4763ab0b1b896a0f@%3Cdev.milagro.apache.org%3E

This release includes both C and JavaScript libraries tagged as v1.0.0 in 
the following repositories:

Crypto C Library:
https://github.com/apache/incubator-milagro-crypto-c/tags

milagro-crypto-c is a modern cryptographic C library that focuses on 
Elliptic Curve Cryptography but has support for legacy systems that require 
RSA. There is support for three different security levels; 128, 192 and 256 
bit. It has been written only in C and has no external dependencies other than 
an entropy source. Measures have been taken in the code base to prevent side 
channel attacks.  Pairing based cryptography (PBC) is a maturing field that has 
recently gained widespread acceptance. The library supports schemes that make 
use of PBC such as BLS for short signatures and MPIN for multi-factor 
authentication (MFA).

Crypto JavaScript Library:
https://github.com/apache/incubator-milagro-crypto-js/tags

milagro-crypto-js is the JavaScript equivalent of milagro-crypto-c. It has 
all the same functionality, API and even the intermediate calculated values in 
the functions are the same. This library allows you to run MFA using MPIN in 
the browser which, to the best of our knowledge, is the only such 
implementation of MFA in this context.

Both libraries have been under active development for many years and the 
APIs haven't changed in several months. There are extensive tests using third 
party test vectors and the tooling required to deploy this software into a 
modern software project. We believe that the code base has reached the point 
that we can perform general availability (GA) releases.

The compressed archives from these release along with a SHA512 checksum, 
PGP signature and PGP key file are being staged here:

https://dist.apache.org/repos/dist/dev/incubator/milagro

Specifically, for the C library:

Source code archive: 
https://dist.apache.org/repos/dist/dev/incubator/milagro/apache-milagro-crypto-c-1.0.0-incubating/apache-milagro-crypto-c-1.0.0-incubating-src.tar.gz
SHA512 checksum: 
https://dist.apache.org/repos/dist/dev/incubator/milagro/apache-milagro-crypto-c-1.0.0-incubating/apache-milagro-crypto-c-1.0.0-incubating-src.tar.gz.sha512
PGP Signature: 
https://dist.apache.org/repos/dist/dev/incubator/milagro/apache-milagro-crypto-c-1.0.0-incubating/apache-milagro-crypto-c-1.0.0-incubating-src.tar.gz.asc
Keys: 
https://dist.apache.org/repos/dist/dev/incubator/milagro/apache-milagro-crypto-c-1.0.0-incubating/team.keys

And for the JavaScript library:

Source code archive: 
https://dist.apache.org/repos/dist/dev/incubator/milagro/apache-milagro-crypto-js-1.0.0-incubating/apache-milagro-crypto-js-1.0.0-incubating-src.tar.gz
SHA512 checksum: 
https://dist.apache.org/repos/dist/dev/incubator/milagro/apache-milagro-crypto-js-1.0.0-incubating/apache-milagro-crypto-js-1.0.0-incubating-src.tar.gz.sha512
PGP Signature: 
https://dist.apache.org/repos/dist/dev/incubator/milagro/apache-milagro-crypto-js-1.0.0-incubating/apache-milagro-crypto-js-1.0.0-incubating-src.tar.gz.asc
Keys: 
https://dist.apache.org/repos/dist/dev/incubator/milagro/apache-milagro-crypto-js-1.0.0-incubating/team.keys

Please note that the project's website (https://milagro.apache.org) has 
been updated to include the standard Apache incubator disclaimer and 
documentation for the above two libraries.  Please note that download links for 
the above two release have not been included, but will be as soon as the 
release's approval has been completed and the archives are available for public 
download.

We now kindly request that the Incubator PMC members review and vote on 
this incubator release as follows:

[ ] +1 approve
[ ] +0 no opinion
[ ] -1 disapprove with the reason

Checklist for reference:

[ ] Download links are valid
[ ] Checksums and PGP signatures are valid
[ ] DISCLAIMER, LICENCE & NOTICE files are included
[ ] Source code archives have correct names matching 

Re: [MENTORS] Mentor guidance document

[Justin Mclean]

Hi,

> Sorry for my top post, but I have some observations about your “guide”.
> (1) It is more a mentoring FAQ than a guide.

Yep agree, and happy to change the name. I was hoping in time it could be 
fleshed out with more general guidance, but that’s probably a long way off.

> (2) You are listing symptoms / policy violations.

What I’m trying to do is to map why we do things in a certain way back to ASF 
values. I think part of the bigger issue here is that it hard to map abstract 
values to concrete actions in a given situation if you don’t have a lot of 
experience. This applies to committers, PPMC members and mentors. 
Meta-cognition is generally the term used, being able to take previous learned 
knowledge and apply it in new contexts.

For people who know the values well it’s becomes unconscious knowledge and that 
make it a) hard to pass on and b) they may be a little confused why it’s not 
obvious to everyone. Experts often make poor teachers because of this.

In general for any given knowledge/skills area a lot of people are shallow 
learners, they learn what they need, just before they need it, and don’t really 
want or need to go too deep. This is a common attribute of adult learners. 
(There are of course exceptions.) Things (which research has show) that can be 
done to best improve that include having the material in multiple formats, 
regular feedback and staggered repetition. You’ll note that the Incubator does 
provide an environment for that to happen and we generally do 2 of those 3 
things well, that not to say improvements can’t be made. I also suggest you 
have a look at Sharan's thesis for some other insights, the incubator actually 
does a far better job than some people may think.

> (3) It would be better to discuss what community problem is causing the 
> particular issue instead of putting the blame on poor mentoring.

I not so sure this is an universal issue with a single cause, the majority of 
podlings have no or few issues and progress well, a few don’t and there’s 
different factors involved in each case. One factor is certainly how far their 
development process is away from the ASF norm. Another may be company or 
cultural values shared by a majority of people on the project. However I do 
think that mentor education is one part of the solution.

> I’m overstating a little but I think this FAQ should tie back to solution 
> using the Apache Way of Governance.
> 
> (A) Consensus Decision Making on a public dev@/general@ Mailing List.
> (B) Community Growth is Recognizing all people providing value to the project 
> as being committed to the project. Trust these people.
> (C) Release Open Source Software following Apache Release and Distribution 
> Policies.
> (D) Brand compliance.

Well those are all well known and easy to follow… yet we have podlings that 
don’t follow these. Perhaps part of that is see above comment regards expert 
knowledge. :-)

Thanks,
Justin
-
To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org
For additional commands, e-mail: general-h...@incubator.apache.org

Re: [VOTE] Release Apache Milagro (incubating) Crypto Libraries v1.0.0

[Furkan KAMACI]

Hi,

+1 from me.

I checked:

- Incubating in name
- LICENSE is fine
- NOTICE is fine
- DISCLAIMER exists
- No unexpected binary files
- Code compiles and tests successfully run for both ones

One comment: DISCLAIMER files should be tidied up to be more readable at
next release i.e.:
https://github.com/apache/incubator-druid/blob/master/DISCLAIMER

Kind Regards,
Furkan KAMACI

On Thu, Aug 22, 2019 at 10:26 AM Brian Spector  wrote:

> Hi, even though my vote is non-binding, as a member of the PPMC I vote:
>
> [ ] +1 approve
>
> Please support our effort to get this release out.
>
> Thanks
> Brian
>
> On 21/08/2019, 16:10, "John McCane-Whitney"  wrote:
>
> Hi,
>
> This is a call to vote to release the Apache Milagro (incubating)
> Crypto Libraries v1.0.0.
>
> The Apache Milagro (incubating) community has voted to approve this
> release with 5 x +1 votes.  The vote thread can be found here:
>
>
> https://lists.apache.org/thread.html/7d788b5f3b293bb5545612d9f8af59a005f6407d57d826a1d2a2a563@%3Cdev.milagro.apache.org%3E
>
> (Note that my original [VOTE] email doesn't render for some reason,
> but its contents can be seen further down in the thread)
>
> And a summary of the result:
>
>
> https://lists.apache.org/thread.html/6b320894a91d5ac298f71b1fab168127de6e75ba4763ab0b1b896a0f@%3Cdev.milagro.apache.org%3E
>
> This release includes both C and JavaScript libraries tagged as v1.0.0
> in the following repositories:
>
> Crypto C Library:
> https://github.com/apache/incubator-milagro-crypto-c/tags
>
> milagro-crypto-c is a modern cryptographic C library that focuses on
> Elliptic Curve Cryptography but has support for legacy systems that require
> RSA. There is support for three different security levels; 128, 192 and 256
> bit. It has been written only in C and has no external dependencies other
> than an entropy source. Measures have been taken in the code base to
> prevent side channel attacks.  Pairing based cryptography (PBC) is a
> maturing field that has recently gained widespread acceptance. The library
> supports schemes that make use of PBC such as BLS for short signatures and
> MPIN for multi-factor authentication (MFA).
>
> Crypto JavaScript Library:
> https://github.com/apache/incubator-milagro-crypto-js/tags
>
> milagro-crypto-js is the JavaScript equivalent of milagro-crypto-c. It
> has all the same functionality, API and even the intermediate calculated
> values in the functions are the same. This library allows you to run MFA
> using MPIN in the browser which, to the best of our knowledge, is the only
> such implementation of MFA in this context.
>
> Both libraries have been under active development for many years and
> the APIs haven't changed in several months. There are extensive tests using
> third party test vectors and the tooling required to deploy this software
> into a modern software project. We believe that the code base has reached
> the point that we can perform general availability (GA) releases.
>
> The compressed archives from these release along with a SHA512
> checksum, PGP signature and PGP key file are being staged here:
>
> https://dist.apache.org/repos/dist/dev/incubator/milagro
>
> Specifically, for the C library:
>
> Source code archive:
> https://dist.apache.org/repos/dist/dev/incubator/milagro/apache-milagro-crypto-c-1.0.0-incubating/apache-milagro-crypto-c-1.0.0-incubating-src.tar.gz
> SHA512 checksum:
> https://dist.apache.org/repos/dist/dev/incubator/milagro/apache-milagro-crypto-c-1.0.0-incubating/apache-milagro-crypto-c-1.0.0-incubating-src.tar.gz.sha512
> PGP Signature:
> https://dist.apache.org/repos/dist/dev/incubator/milagro/apache-milagro-crypto-c-1.0.0-incubating/apache-milagro-crypto-c-1.0.0-incubating-src.tar.gz.asc
> Keys:
> https://dist.apache.org/repos/dist/dev/incubator/milagro/apache-milagro-crypto-c-1.0.0-incubating/team.keys
>
> And for the JavaScript library:
>
> Source code archive:
> https://dist.apache.org/repos/dist/dev/incubator/milagro/apache-milagro-crypto-js-1.0.0-incubating/apache-milagro-crypto-js-1.0.0-incubating-src.tar.gz
> SHA512 checksum:
> https://dist.apache.org/repos/dist/dev/incubator/milagro/apache-milagro-crypto-js-1.0.0-incubating/apache-milagro-crypto-js-1.0.0-incubating-src.tar.gz.sha512
> PGP Signature:
> https://dist.apache.org/repos/dist/dev/incubator/milagro/apache-milagro-crypto-js-1.0.0-incubating/apache-milagro-crypto-js-1.0.0-incubating-src.tar.gz.asc
> Keys:
> https://dist.apache.org/repos/dist/dev/incubator/milagro/apache-milagro-crypto-js-1.0.0-incubating/team.keys
>
> Please note that the project's website (https://milagro.apache.org)
> has been updated to include the standard Apache incubator disclaimer and
> documentation for the above two libraries.  Please note that download links
> for the above two release have not been included, but will be as soon as
> the release's approval has been completed and the 

Re: [VOTE] Release Apache Superset (incubating) 0.34.0 [RC1]

[Craig Russell]

Hi Justin,

> On Aug 21, 2019, at 10:42 PM, Justin Mclean  wrote:
> 
> Hi,
> 
...
>> Oh, mentors, quick question about the [RESULT] post, do I account for both
>> threads (dev@+general@) in it, or just the general@ one?
> 
> Just the IPMC votes.

My understanding of best practice is to combine votes from the two lists. I 
assume that we are voting on the same artifacts on the two lists. And that a 
mentor does not need to vote on both lists.

Let's say you get two +1 mentor votes on dev@ and one additional +1 IPMC member 
vote on general@.

The vote passes but if you only record the general@ vote, it looks like the 
vote failed with only one vote.

Or did you mean something else?

Craig
> 
> Thanks,
> Justin
> -
> To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org
> For additional commands, e-mail: general-h...@incubator.apache.org
> 

Craig L Russell
c...@apache.org


-
To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org
For additional commands, e-mail: general-h...@incubator.apache.org

Re: [VOTE] Release Apache Milagro (incubating) Crypto Libraries v1.0.0

[Brian Spector]

Thanks, Furkan! We'll get on the disclaimer clean-up asap.

On 22/08/2019, 10:47, "Furkan KAMACI"  wrote:

Hi,

+1 from me.

I checked:

- Incubating in name
- LICENSE is fine
- NOTICE is fine
- DISCLAIMER exists
- No unexpected binary files
- Code compiles and tests successfully run for both ones

One comment: DISCLAIMER files should be tidied up to be more readable at
next release i.e.:
https://github.com/apache/incubator-druid/blob/master/DISCLAIMER

Kind Regards,
Furkan KAMACI

On Thu, Aug 22, 2019 at 10:26 AM Brian Spector  wrote:

> Hi, even though my vote is non-binding, as a member of the PPMC I vote:
>
> [ ] +1 approve
>
> Please support our effort to get this release out.
>
> Thanks
> Brian
>
> On 21/08/2019, 16:10, "John McCane-Whitney"  wrote:
>
> Hi,
>
> This is a call to vote to release the Apache Milagro (incubating)
> Crypto Libraries v1.0.0.
>
> The Apache Milagro (incubating) community has voted to approve this
> release with 5 x +1 votes.  The vote thread can be found here:
>
>
> 
https://lists.apache.org/thread.html/7d788b5f3b293bb5545612d9f8af59a005f6407d57d826a1d2a2a563@%3Cdev.milagro.apache.org%3E
>
> (Note that my original [VOTE] email doesn't render for some reason,
> but its contents can be seen further down in the thread)
>
> And a summary of the result:
>
>
> 
https://lists.apache.org/thread.html/6b320894a91d5ac298f71b1fab168127de6e75ba4763ab0b1b896a0f@%3Cdev.milagro.apache.org%3E
>
> This release includes both C and JavaScript libraries tagged as v1.0.0
> in the following repositories:
>
> Crypto C Library:
> https://github.com/apache/incubator-milagro-crypto-c/tags
>
> milagro-crypto-c is a modern cryptographic C library that focuses on
> Elliptic Curve Cryptography but has support for legacy systems that 
require
> RSA. There is support for three different security levels; 128, 192 and 
256
> bit. It has been written only in C and has no external dependencies other
> than an entropy source. Measures have been taken in the code base to
> prevent side channel attacks.  Pairing based cryptography (PBC) is a
> maturing field that has recently gained widespread acceptance. The library
> supports schemes that make use of PBC such as BLS for short signatures and
> MPIN for multi-factor authentication (MFA).
>
> Crypto JavaScript Library:
> https://github.com/apache/incubator-milagro-crypto-js/tags
>
> milagro-crypto-js is the JavaScript equivalent of milagro-crypto-c. It
> has all the same functionality, API and even the intermediate calculated
> values in the functions are the same. This library allows you to run MFA
> using MPIN in the browser which, to the best of our knowledge, is the only
> such implementation of MFA in this context.
>
> Both libraries have been under active development for many years and
> the APIs haven't changed in several months. There are extensive tests 
using
> third party test vectors and the tooling required to deploy this software
> into a modern software project. We believe that the code base has reached
> the point that we can perform general availability (GA) releases.
>
> The compressed archives from these release along with a SHA512
> checksum, PGP signature and PGP key file are being staged here:
>
> https://dist.apache.org/repos/dist/dev/incubator/milagro
>
> Specifically, for the C library:
>
> Source code archive:
> 
https://dist.apache.org/repos/dist/dev/incubator/milagro/apache-milagro-crypto-c-1.0.0-incubating/apache-milagro-crypto-c-1.0.0-incubating-src.tar.gz
> SHA512 checksum:
> 
https://dist.apache.org/repos/dist/dev/incubator/milagro/apache-milagro-crypto-c-1.0.0-incubating/apache-milagro-crypto-c-1.0.0-incubating-src.tar.gz.sha512
> PGP Signature:
> 
https://dist.apache.org/repos/dist/dev/incubator/milagro/apache-milagro-crypto-c-1.0.0-incubating/apache-milagro-crypto-c-1.0.0-incubating-src.tar.gz.asc
> Keys:
> 
https://dist.apache.org/repos/dist/dev/incubator/milagro/apache-milagro-crypto-c-1.0.0-incubating/team.keys
>
> And for the JavaScript library:
>
> Source code archive:
> 
https://dist.apache.org/repos/dist/dev/incubator/milagro/apache-milagro-crypto-js-1.0.0-incubating/apache-milagro-crypto-js-1.0.0-incubating-src.tar.gz
> SHA512 checksum:
> 
https://dist.apache.org/repos/dist/dev/incubator/milagro/apache-milagro-crypto-js-1.0.0-incubating/apache-milagro-crypto-js-1.0.0-incubating-src.tar.gz.sha512
> PGP Signature:
> 

Re: [VOTE] Release Apache Superset (incubating) 0.34.0 [RC1]

[Alan Gates]

I would call a revote over that, it's not like you're changing anything of
import.  I'd just regen the package with the change, create the new hash,
and let everyone know.  I don't see any reason to drag back through the
voting process on two lists over this.

Alan.

On Wed, Aug 21, 2019 at 10:43 PM Justin Mclean 
wrote:

> Hi,
>
> > Oh here's something. Somewhere inside the source release I have a version
> > string that says "0.34.0rc1" and that now I'm realizing should really say
> > "0.34.0" as it becomes an official release. Now changing that string will
> > make for a different SHA.
>
> That's a bit awkward. It would be best to call a vote again if it needs to
> be changed, given the changes shod be minor it shod be easy to review.
>
> Other IPMC members might have another view. Anyone?
>
> Thanks,
> Justin
> -
> To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org
> For additional commands, e-mail: general-h...@incubator.apache.org
>
>

[MENTORS] New DISCLAIMER-WIP approved by board

[Justin Mclean]

Hi,

At the recent board meeting, the board has informally approved the use of the 
DISCLAIMER-WIP.

If you use the DISCLAIMER-WIP disclaimer [1] you can make an ASF release that 
doesn't need to follow ASF release policy. You will need to list the reason why 
in this disclaimer. By the time you graduate, you are expected to follow all 
ASF policies.

Note that the release must be legal and follow the licensing conditions of any 
bundled 3rd party software. That means if you accidentally put a binary in the 
release and don't include the relevant licenses, the release is probably going 
to get a -1 vote.

For a full list of what you need to follow to make releases this way, see [2].

If it's your first release and you included 3rd party code, I would strongly 
recommend you use this new disclaimer.

If you use the old DISCLAIMER, then the release needs to follow ASF release 
policy.

Thanks,
Justin

1. http://incubator.apache.org/policy/incubation.html#disclaimers
2. https://issues.apache.org/jira/browse/LEGAL-469
-
To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org
For additional commands, e-mail: general-h...@incubator.apache.org

[MENTORS] September reporting timeline

[Justin Mclean]

Hi,

The september report [1] timeline is:

Wed September 05Podling reports due by end of day
Sun September 09Shepherd reviews due by end of day
Sun September 09Summary due by end of day
Tue September 11Mentor signoff due by end of day
Wed September 12Report submitted to Board
Wed September 19Board meeting

I note that ApacheCon is on 9-12 September during which time a lot of people 
(including myself) normally involved in creating and signing off reports may be 
very busy so I suggest you try and get the reports in earlier than usual.

Mentors please remind your podlings to work on their reports, preferable in the 
open, a week or so before the deadline.

One of the boards comments on last month report was that a few report were on 
the minimal side and more detail is needed. Mentors can you please help out 
with this. I think we may need to start rejecting reports like this and asking 
the podling to report again next month.

Podlings we're expecting to report this month:
Amaterasu*
BRPC
Crail
Daffodil
Dlab
Druid
Hivemall
Iceberg
IoTdb
Marvin-ai
Myriad
Nemo
Omid
Ponymail
Samoa
SDAP*
Shardingsphere
Singa
Spot
Superset
Tamaya*
Taverna
Tephra
Toree*
Warble

* Podlings that failed to report last month

Thanks,
Justin

1. https://cwiki.apache.org/confluence/display/INCUBATOR/September2019


-
To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org
For additional commands, e-mail: general-h...@incubator.apache.org

[VOTE] Apache Ratis incubating Release 0.4.0 rc3

[Mukul Kumar Singh]

Hi IPMC,

The Apache Ratis community has voted and approved the proposal to
release Apache Ratis incubating Release 0.4.0 rc3.  We now kindly
request the Incubator PMC members to review and vote on this
source-only incubator release.

Apache Ratis is an open source Java implementation for RAFT consensus
protocol. RAFT is being used successfully as an alternative to Paxos
to implement a consistently replicated log. RAFT is proven to be safe
and is designed to be simpler to understand.

[VOTE] Thread:
https://lists.apache.org/thread.html/ebbecb707e8dbd55aa5c4dfedfec5a5305fda07f6b3cd9e12406acfe@%3Cdev.ratis.apache.org%3E
  


[RESULT][VOTE] Thread:
https://lists.apache.org/thread.html/36857285e8029fe730c3ad0fc86be1d606b1f0b042744944c698bc1d@%3Cdev.ratis.apache.org%3E
  


The git tag to be voted upon:
https://gitbox.apache.org/repos/asf?p=incubator-ratis.git;a=tag;h=refs/tags/0.4.0-rc3  


The git commit hash:
https://gitbox.apache.org/repos/asf?p=incubator-ratis.git;a=commit;h=f401c7a3d21ba2ce6fc735891ae9e22ea5628c8d

The source and binary tarballs can be found at:
http://people.apache.org/~msingh/0.4.0-rc3/  


The fingerprint of key to sign release artifacts:
45B0 13F6 29C6 89CC 6EE3 77B0 8D43 C3D9 A8F1 02BD

Release artifacts are signed with one of the keys available at:
https://dist.apache.org/repos/dist/dev/incubator/ratis/KEYS   


This vote will remain open for at least 72 hours.
Please vote on releasing this RC.  Thank you in advance.

[ ] +1 approve
[ ] +0 no opinion
[ ] -1 disapprove (and reason why)

Starting with my +1(non-binding).

Regards,
Mukul Kumar Singh

Re: [VOTE] Release Apache Superset (incubating) 0.34.0 [RC1]

[Julian Feinauer]

Hi,

I agree with Alan that its really minor but as the signatures will change I 
would prefer another Vote to have this checked.
If you (as Justin suggests) state your changes clearly in the thread I think 
everybody will easily carry over the vote from the previous thread so its just 
about waiting 72hrs but ensure that everything is alright.

Julian

Am 22.08.19, 19:21 schrieb "Alan Gates" :

I would call a revote over that, it's not like you're changing anything of
import.  I'd just regen the package with the change, create the new hash,
and let everyone know.  I don't see any reason to drag back through the
voting process on two lists over this.

Alan.

On Wed, Aug 21, 2019 at 10:43 PM Justin Mclean 
wrote:

> Hi,
>
> > Oh here's something. Somewhere inside the source release I have a 
version
> > string that says "0.34.0rc1" and that now I'm realizing should really 
say
> > "0.34.0" as it becomes an official release. Now changing that string 
will
> > make for a different SHA.
>
> That's a bit awkward. It would be best to call a vote again if it needs to
> be changed, given the changes shod be minor it shod be easy to review.
>
> Other IPMC members might have another view. Anyone?
>
> Thanks,
> Justin
> -
> To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org
> For additional commands, e-mail: general-h...@incubator.apache.org
>
>

Re: [VOTE] Apache Ratis incubating Release 0.4.0 rc3

[Arpit Agarwal]

Transferring my vote from the dev@ratis vote thread.

+1 (binding)

- Verified checksums and signatures.
- Verified release source matches git release tag.
- Built from source
- Ran unit tests which passed
- Ran file store example

Regards,
Arpit


> On Aug 22, 2019, at 11:41 AM, Mukul Kumar Singh  
> wrote:
> 
> Hi IPMC,
> 
> The Apache Ratis community has voted and approved the proposal to
> release Apache Ratis incubating Release 0.4.0 rc3.  We now kindly
> request the Incubator PMC members to review and vote on this
> source-only incubator release.
> 
> Apache Ratis is an open source Java implementation for RAFT consensus
> protocol. RAFT is being used successfully as an alternative to Paxos
> to implement a consistently replicated log. RAFT is proven to be safe
> and is designed to be simpler to understand.
> 
> [VOTE] Thread:
> https://lists.apache.org/thread.html/ebbecb707e8dbd55aa5c4dfedfec5a5305fda07f6b3cd9e12406acfe@%3Cdev.ratis.apache.org%3E
>   
> 
> 
> [RESULT][VOTE] Thread:
> https://lists.apache.org/thread.html/36857285e8029fe730c3ad0fc86be1d606b1f0b042744944c698bc1d@%3Cdev.ratis.apache.org%3E
>   
> 
> 
> The git tag to be voted upon:
> https://gitbox.apache.org/repos/asf?p=incubator-ratis.git;a=tag;h=refs/tags/0.4.0-rc3
>   
> The git commit hash:
> https://gitbox.apache.org/repos/asf?p=incubator-ratis.git;a=commit;h=f401c7a3d21ba2ce6fc735891ae9e22ea5628c8d
> 
> The source and binary tarballs can be found at:
> http://people.apache.org/~msingh/0.4.0-rc3/  
> The fingerprint of key to sign release artifacts:
> 45B0 13F6 29C6 89CC 6EE3 77B0 8D43 C3D9 A8F1 02BD
> 
> Release artifacts are signed with one of the keys available at:
> https://dist.apache.org/repos/dist/dev/incubator/ratis/KEYS   
> This vote will remain open for at least 72 hours.
> Please vote on releasing this RC.  Thank you in advance.
> 
> [ ] +1 approve
> [ ] +0 no opinion
> [ ] -1 disapprove (and reason why)
> 
> Starting with my +1(non-binding).
> 
> Regards,
> Mukul Kumar Singh
> 

Re: [VOTE] Apache Ratis incubating Release 0.4.0 rc3

[Arpit Agarwal]

+Mukul

> On Aug 22, 2019, at 11:52 AM, Arpit Agarwal  wrote:
> 
> Transferring my vote from the dev@ratis vote thread.
> 
> +1 (binding)
> 
> - Verified checksums and signatures.
> - Verified release source matches git release tag.
> - Built from source
> - Ran unit tests which passed
> - Ran file store example
> 
> Regards,
> Arpit
> 
> 
>> On Aug 22, 2019, at 11:41 AM, Mukul Kumar Singh > > wrote:
>> 
>> Hi IPMC,
>> 
>> The Apache Ratis community has voted and approved the proposal to
>> release Apache Ratis incubating Release 0.4.0 rc3.  We now kindly
>> request the Incubator PMC members to review and vote on this
>> source-only incubator release.
>> 
>> Apache Ratis is an open source Java implementation for RAFT consensus
>> protocol. RAFT is being used successfully as an alternative to Paxos
>> to implement a consistently replicated log. RAFT is proven to be safe
>> and is designed to be simpler to understand.
>> 
>> [VOTE] Thread:
>> https://lists.apache.org/thread.html/ebbecb707e8dbd55aa5c4dfedfec5a5305fda07f6b3cd9e12406acfe@%3Cdev.ratis.apache.org%3E
>>  
>> 
>>   
>> >  
>> >
>> 
>> [RESULT][VOTE] Thread:
>> https://lists.apache.org/thread.html/36857285e8029fe730c3ad0fc86be1d606b1f0b042744944c698bc1d@%3Cdev.ratis.apache.org%3E
>>  
>> 
>>   
>> >  
>> >
>> 
>> The git tag to be voted upon:
>> https://gitbox.apache.org/repos/asf?p=incubator-ratis.git;a=tag;h=refs/tags/0.4.0-rc3
>>  
>> 
>>   
>> The git commit hash:
>> https://gitbox.apache.org/repos/asf?p=incubator-ratis.git;a=commit;h=f401c7a3d21ba2ce6fc735891ae9e22ea5628c8d
>>  
>> 
>> 
>> The source and binary tarballs can be found at:
>> http://people.apache.org/~msingh/0.4.0-rc3/  
>> The fingerprint of key to sign release artifacts:
>> 45B0 13F6 29C6 89CC 6EE3 77B0 8D43 C3D9 A8F1 02BD
>> 
>> Release artifacts are signed with one of the keys available at:
>> https://dist.apache.org/repos/dist/dev/incubator/ratis/KEYS   
>> This vote will remain open for at least 72 hours.
>> Please vote on releasing this RC.  Thank you in advance.
>> 
>> [ ] +1 approve
>> [ ] +0 no opinion
>> [ ] -1 disapprove (and reason why)
>> 
>> Starting with my +1(non-binding).
>> 
>> Regards,
>> Mukul Kumar Singh
>> 
> 

Re: [VOTE] Release Apache Myriad 0.4.0 (incubating) [rc1]

[Julian Feinauer]

Hi,

+1 (binding)

I checked:
- incubating in name
- signatures and hashes match
- checked DISCLAIMER, LICENSE and NOTICE
- No unexpected binary
- Can compile from source on macOS Mojave

Julian

Am 21.08.19, 05:15 schrieb "Justin Mclean" :

Hi,

+1 (binding)

I checked:
- incubating in name
- signatures and hashes fine
- DISCLAIMER exists
- LICENSE and NOTICE fine (but see below)
- All source files have ASF header
- No unexpected binary files
- Can compile from source

I think you may have the wrong license in LICENSE for bootstrap as the css 
file [1] refers to the Apache licensed version copyright twitter not the MIT 
licensed version?

Thanks,
Justin

1.  ./myriad-scheduler/src/main/resources/webapp/css/bootstrap-myriad.css


-
To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org
For additional commands, e-mail: general-h...@incubator.apache.org

Re: [VOTE] Apache Ratis incubating Release 0.4.0 rc3

[Justin Mclean]

Hi,

-1 (binding) as the release is not in the correct place [1] and NOTICE is not 
correct. [2][3]

I checked:
- incubating in name
- DISCLAIMER exists
- LICENSE is OK
- NOTICE need more work and incorrectly includes unnecessary copyright 
statements. 
- all have source files ASF headers
- no unexpected binary files
- can compile from source 

You may want to consider using the work in progress disclaimer. [4]

For the NOTICE and any ALv2 included code only needs to be listed if it has a 
NOTICE file (these don’t) [2], MIT should not be listed. [3]

Thanks,
Justin

1. https://incubator.apache.org/policy/incubation.html#releases
2. http://www.apache.org/dev/licensing-howto.html#alv2-dep
3. http://www.apache.org/dev/licensing-howto.html#mod-notice
4. https://incubator.apache.org/policy/incubation.html#disclaimers


-
To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org
For additional commands, e-mail: general-h...@incubator.apache.org

Re: [MENTORS] New DISCLAIMER-WIP approved by board

[John D. Ament]

It's odd that this is addressed to mentors, rather than the podlings
themselves.  However, is the new disclaimer-wip meant to be shown within
the release or on the podlings website or both?

On Thu, Aug 22, 2019 at 9:05 PM Justin Mclean 
wrote:

> Hi,
>
> At the recent board meeting, the board has informally approved the use of
> the DISCLAIMER-WIP.
>
> If you use the DISCLAIMER-WIP disclaimer [1] you can make an ASF release
> that doesn't need to follow ASF release policy. You will need to list the
> reason why in this disclaimer. By the time you graduate, you are expected
> to follow all ASF policies.
>
> Note that the release must be legal and follow the licensing conditions of
> any bundled 3rd party software. That means if you accidentally put a binary
> in the release and don't include the relevant licenses, the release is
> probably going to get a -1 vote.
>
> For a full list of what you need to follow to make releases this way, see
> [2].
>
> If it's your first release and you included 3rd party code, I would
> strongly recommend you use this new disclaimer.
>
> If you use the old DISCLAIMER, then the release needs to follow ASF
> release policy.
>
> Thanks,
> Justin
>
> 1. http://incubator.apache.org/policy/incubation.html#disclaimers
> 2. https://issues.apache.org/jira/browse/LEGAL-469
> -
> To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org
> For additional commands, e-mail: general-h...@incubator.apache.org
>
>

Re: [MENTORS] September reporting timeline

[justin]

HI,

Oops I most of copied the wrong dates - here are the correct ones:

Wed September 04 -- Podling reports due by end of day
Sun September 08 -- Shepherd reviews due by end of day
Sun September 08 -- Summary due by end of day
Tue September 10 -- Mentor signoff due by end of day
Wed September 11 -- Report submitted to Board
Wed September 18 -- Board meeting

Thanks,
Justin


-
To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org
For additional commands, e-mail: general-h...@incubator.apache.org

Re: [MENTORS] New DISCLAIMER-WIP approved by board

[Justin Mclean]

Hi,

> It's odd that this is addressed to mentors, rather than the podlings
> themselves.

I’m expecting that mentor will pass this information on to podlings that would 
need to use it.

>  However, is the new disclaimer-wip meant to be shown within
> the release or on the podlings website or both?

It’s intended for releases but I don’t see why it couldn’t be both.

Thanks,
Justin
-
To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org
For additional commands, e-mail: general-h...@incubator.apache.org

Re: [MENTORS] New DISCLAIMER-WIP approved by board

[Justin Mclean]

Hi,

Does anyone think we should mail this out to all incubating PMC? (e.g private@ 
or dev@). I'm not really sure that I want to spam 50 odd projects like that, 
but it woful be useful in getting this knowledge out there.

Thanks,
Justin
-
To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org
For additional commands, e-mail: general-h...@incubator.apache.org

Re: [VOTE] Apache Ratis incubating Release 0.4.0 rc3

[Jitendra Pandey]

+1 (binding)

Validated signature for source tar.
Downloaded and built the source.
Ran filestore loadgen example successfully.

On Thu, Aug 22, 2019 at 11:53 AM Arpit Agarwal
 wrote:

> +Mukul
>
> > On Aug 22, 2019, at 11:52 AM, Arpit Agarwal 
> wrote:
> >
> > Transferring my vote from the dev@ratis vote thread.
> >
> > +1 (binding)
> >
> > - Verified checksums and signatures.
> > - Verified release source matches git release tag.
> > - Built from source
> > - Ran unit tests which passed
> > - Ran file store example
> >
> > Regards,
> > Arpit
> >
> >
> >> On Aug 22, 2019, at 11:41 AM, Mukul Kumar Singh <
> mksingh.apa...@gmail.com > wrote:
> >>
> >> Hi IPMC,
> >>
> >> The Apache Ratis community has voted and approved the proposal to
> >> release Apache Ratis incubating Release 0.4.0 rc3.  We now kindly
> >> request the Incubator PMC members to review and vote on this
> >> source-only incubator release.
> >>
> >> Apache Ratis is an open source Java implementation for RAFT consensus
> >> protocol. RAFT is being used successfully as an alternative to Paxos
> >> to implement a consistently replicated log. RAFT is proven to be safe
> >> and is designed to be simpler to understand.
> >>
> >> [VOTE] Thread:
> >>
> https://lists.apache.org/thread.html/ebbecb707e8dbd55aa5c4dfedfec5a5305fda07f6b3cd9e12406acfe@%3Cdev.ratis.apache.org%3E
> <
> https://lists.apache.org/thread.html/ebbecb707e8dbd55aa5c4dfedfec5a5305fda07f6b3cd9e12406acfe@%3Cdev.ratis.apache.org%3E>
> <
> http://mail-archives.apache.org/mod_mbox/ratis-dev/201904.mbox/%3ccanrsqg36zezm9rhefo24j16r4rxwun8hzfucf+ynb__5rah...@mail.gmail.com
> <
> http://mail-archives.apache.org/mod_mbox/ratis-dev/201904.mbox/%3ccanrsqg36zezm9rhefo24j16r4rxwun8hzfucf+ynb__5rah...@mail.gmail.com
> >>
> >>
> >> [RESULT][VOTE] Thread:
> >>
> https://lists.apache.org/thread.html/36857285e8029fe730c3ad0fc86be1d606b1f0b042744944c698bc1d@%3Cdev.ratis.apache.org%3E
> <
> https://lists.apache.org/thread.html/36857285e8029fe730c3ad0fc86be1d606b1f0b042744944c698bc1d@%3Cdev.ratis.apache.org%3E>
> <
> http://mail-archives.apache.org/mod_mbox/ratis-dev/201904.mbox/%3ccanrsqg0asgk5okt2dlkho5zyyjoxf9yrwuzbi9k3n6xxes0...@mail.gmail.com
> <
> http://mail-archives.apache.org/mod_mbox/ratis-dev/201904.mbox/%3ccanrsqg0asgk5okt2dlkho5zyyjoxf9yrwuzbi9k3n6xxes0...@mail.gmail.com
> >>
> >>
> >> The git tag to be voted upon:
> >>
> https://gitbox.apache.org/repos/asf?p=incubator-ratis.git;a=tag;h=refs/tags/0.4.0-rc3
> <
> https://gitbox.apache.org/repos/asf?p=incubator-ratis.git;a=tag;h=refs/tags/0.4.0-rc3>
>
> >> The git commit hash:
> >>
> https://gitbox.apache.org/repos/asf?p=incubator-ratis.git;a=commit;h=f401c7a3d21ba2ce6fc735891ae9e22ea5628c8d
> <
> https://gitbox.apache.org/repos/asf?p=incubator-ratis.git;a=commit;h=f401c7a3d21ba2ce6fc735891ae9e22ea5628c8d
> >
> >>
> >> The source and binary tarballs can be found at:
> >> http://people.apache.org/~msingh/0.4.0-rc3/
> >> The fingerprint of key to sign release artifacts:
> >> 45B0 13F6 29C6 89CC 6EE3 77B0 8D43 C3D9 A8F1 02BD
> >>
> >> Release artifacts are signed with one of the keys available at:
> >> https://dist.apache.org/repos/dist/dev/incubator/ratis/KEYS
> >> This vote will remain open for at least 72 hours.
> >> Please vote on releasing this RC.  Thank you in advance.
> >>
> >> [ ] +1 approve
> >> [ ] +0 no opinion
> >> [ ] -1 disapprove (and reason why)
> >>
> >> Starting with my +1(non-binding).
> >>
> >> Regards,
> >> Mukul Kumar Singh
> >>
> >
>
>

Re: [MENTORS] Mentor guidance document

[Justin Mclean]

Hi,

Just a note to say page has moved to:
https://cwiki.apache.org/confluence/display/INCUBATOR/Mentor+FAQ

Thanks,
Justin

-
To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org
For additional commands, e-mail: general-h...@incubator.apache.org

Re: [DISCUSS] EasyScheduler incubator proposal

[Sheng Wu]

Hi

I will start the proposal vote soon. Thank everyone's support.

Sheng Wu 吴晟

Apache SkyWalking, Apache ShardingSphere(Incubating), Zipkin
Twitter, wusheng1108


Sheng Wu  于2019年8月20日周二 上午9:56写道：

> Proposal name changed, new WIKI page link,
> https://cwiki.apache.org/confluence/display/INCUBATOR/DolphinSchedulerProposal
>
> Sheng Wu 吴晟
>
> Apache SkyWalking, Apache ShardingSphere(Incubating), Zipkin
> Twitter, wusheng1108
>
>
> Sheng Wu  于2019年8月19日周一 下午11:28写道：
>
>> Hi Justin and Incubator
>>
>> Regarding the project name potential conflict risk, the EasyScheduler
>> community decided to choose a new name.
>> Through a public community vote[1], they are going to use
>> `DolphinScheduler` as the new project name.
>>
>> Later, I will change the proposal and sync update w/ new link to here.
>>
>> Thank you.
>>
>>
>> [1]
>> https://github.com/analysys/EasyScheduler/issues/701#issuecomment-522626780
>>
>> Sheng Wu 吴晟
>>
>> Apache SkyWalking, Apache ShardingSphere(Incubating), Zipkin
>> Twitter, wusheng1108
>>
>>
>> Sheng Wu  于2019年8月18日周日 上午8:29写道：
>>
>>> Hi Justin
>>>
>>> Inline
>>>
>>> Justin Mclean  于2019年8月18日周日 上午7:25写道：
>>>
 Hi,

 Thanks for your proposal, it looks good.

 I have a couple of questions:
 - Re the name, other software exists with the same name e.g. [1] (and
 others) Has the project considered that it may not be able to keep this
 name and what it would do if this was the case?

>>>
>>> Oh, that is new, thanks for pointing that out in first place. From my
>>> perspective, it is better to rename now than later.
>>>
>>>
 - The NOTICE file refers to the The Analysys Foundation [2] what is the
 relation of this group to the project? Has the community agreed to want to
 move the project to the Apache Software Foundation? Is that documented
 anywhere?

>>>
>>> First, the Analysys is a company, not a Foundation.
>>> And Yes.
>>>
>>> In the proposal, we have this.
>>> > Source and Intellectual Property Submission Plan
>>> > As soon as EasyScheduler is approved to join Apache Incubator,
>>> Analysys will provide the Software Grant Agreement(SGA) and intial
>>> committers will submit ICLA(s). The code is already licensed under the
>>> Apache > Software License, version 2.0.
>>>
>>> We have got confirmation from them, SGA will be submitted by Analysys.
>>> This is not documented, but from I known, they will submit the SGA soon
>>> after this proposal accepted. I will make sure the SGA filed before the
>>> repositories transformation.
>>>
>>> At the same time, the community has approved the move too. Here is the
>>> discussion GitHub issue,
>>> https://github.com/analysys/EasyScheduler/issues/638
>>>
>>>
 - I notice the source files header already state “Licensed to the
 Apache Software Foundation”, I assume this is not actually the case. It
 looks to me that the headers may of been replaced, that may make IP
 provenance / clearance harder. A quick glance shows a number of 3rd party
 pieces of code that are likely to be in a releases, inckudeing this not
 listed in your dependancies. Is the project aware of this and what’s
 required here?

>>>
>>> I will check w/ them and get back later.
>>> For dependency list, they replace w/ a short version in the proposal,
>>> considering before the first incubator release, they plan to remove some
>>> dependency libs.
>>> Do we need the whole list? Including every dependency. We used to have
>>> that before.
>>>
>>>
 - It looks like the community mostly discusses things on instant
 messaging are they prepared to move the important bits of that conversation
 over to an ASF mailing list?

>>>
>>> Yes. I have told them this is required, and they will do that.
>>>
>>>

 Thanks,
 Justin

 1. http://easyscheduler.io
 2. https://www.analysys.cn
 -
 To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org
 For additional commands, e-mail: general-h...@incubator.apache.org


>>>
>>> Sheng Wu 吴晟
>>>
>>> Apache SkyWalking, Apache ShardingSphere(Incubating), Zipkin
>>> Twitter, wusheng1108
>>>
>>

[VOTE] Accept DolphinScheduler(was EasyScheduler) into Apache Incubator

[Sheng Wu]

Hi all,

After the discussion of DolphinScheduler(was EasyScheduler) proposal
(discussion thread:
https://lists.apache.org/thread.html/d3ac53bddf91391e54f63d042a0b3d60f2aecfbb99780bcc00b4db6e@%3Cgeneral.incubator.apache.org%3E
),
I would like to call a VOTE to accept it into the Apache Incubator.

Please cast your vote:

  [ ] +1, bring DolphinScheduler into Incubator
  [ ] +0, I don't care either way
  [ ] -1, do not bring DolphinScheduler into Incubator, because...

The vote will open at least for 72 hours and only votes from the Incubator
PMC are binding.

==
Abstract

DolphinScheduler is a distributed ETL scheduling engine with powerful DAG
visualization interface. DolphinScheduler focuses on solving the problem of
'complex task dependencies & triggers' in data processing. Just like its
name, we dedicated to making the scheduling system out of the box.

*Current project name of DolphinScheduler is EasyScheduler, will change it
after it is accepted by Incubator.*
Proposal

DolphinScheduler provides many easy-to-use features to accelerate
the engineering efficiency on data ETL workflow job. We propose a new
concept of 'instance of process' and 'instance of task' to let developers
to tuning their jobs on the running state of workflow instead of changing
the task's template. Its main objectives are as follows:

   - Define the complex tasks' dependencies & triggers in a DAG graph by
   dragging and dropping.
   - Support cluster HA.
   - Support multi-tenant and parallel or serial backfilling data.
   - Support automatical failure job retry and recovery.
   - Support many data task types and process priority, task priority and
   relative task timeout alarm.

For now, DolphinScheduler has a fairly huge community in China. It is also
widely adopted by many companies and organizations
 as its ETL scheduling
tool.

We believe that bringing DolphinScheduler into ASF could advance
development of a much more stronger and more diverse open source community.

Analysys submits this proposal to donate DolphinScheduler's source codes
and all related documentations to Apache Software Foundation. The codes are
already under Apache License Version 2.0.

   - Code base: https://www.github.com/analysys/easyscheduler
   - English Documentations: https://analysys.github.io/easyscheduler_docs
   - Chinese Documentations:
   https://analysys.github.io/easyscheduler_docs_cn

Background

We want to find a data processing tool with the following features:

   - Easy to use，developers can build a ETL process with a very simple drag
   and drop operation. not only for ETL developers，people who can't write code
   also can use this tool for ETL operation such as system adminitrator.
   - Solving the problem of "complex task dependencies" , and it can
   monitor the ETL running status.
   - Support multi-tenant.
   - Support many task types: Shell, MR, Spark, SQL (mysql, postgresql,
   hive, sparksql), Python, Sub_Process, Procedure, etc.
   - Support HA and linear scalability.

For the above reasons, we realized that no existing product met our
requirements, so we decided to develop this tool ourselves. We designed
DolphinScheduler at the end of 2017. The first internal use version was
completed in May 2018. We then iterated several internal versions and the
system gradually became stabilized.

Then we open the source code of DolphinScheduler on March 2019. It soon
gained lot's of ETL developers interest and stars on github.
Rationale

Many organizations (>30) (refer to Who is using DolphinScheduler
 ) already benefit
from running DolphinScheduler to make data process pipelines more easier.
More than 100 feature ideas
 come from
DolphinScheduler community. Some 3rd-party projects also plan to integrate
with DolphinScheduler through task plugin, such as Scriptis
, waterdrop
. These will strengthen the
features of DolphinScheduler.
Current StatusMeritocracy

DolphinScheduler was incubated at Analysys in 2017 and open sourced on
GitHub in March 2019. Once open sourced, we have been quickly adopted by
multiple organizations，DolphinScheduler has contributors and users from
many companies; we have set up the Committer Team. New contributors are
guided and reviewed by existed committer members. Contributions are always
welcomed and highly valued.
Community

Now we have set development teams for DolphinScheduler in Analysys, and we
already have external developers who contributed the code. We already have
a user group of more than 1,000 people. We hope to grow the base of
contributors by inviting all those who offer contributions through The
Apache Way. Right now, we make use of github as code hosting as well as
gitter for community communication.
Core Developers

The core developers,