[RESULT] [VOTE] Approve release Apache UIMA 2.2.1-incubating
This vote has been open for more than a 72 hours. We have 4 binding +1s, no 0s and 1 -1s. Votes were cast by: Ant Elder (+1) Matthieu Riou (+1) Jean Anderson (+1) Martijn Dashorst (+1) Kevan Millar (-1) We will modify the checksum representation for MD5 and SHA1 so that tools can easier verify the release. The vote passes. Thank you all for checking our release! --Michael Baessler Michael Baessler wrote: The Apache UIMA committers ask the Apache Incubator PMC for permission to publish a new bug fix release of Apache UIMA. This release contains bug fixes of the Apache UIMA 2.2.0 release published in August 2007. For details about the fixes, please have a look at the release notes. We had a vote on uima-dev that resulted in 6 binding +1s (all the committers) and no 0s or -1s. The vote thread is here: http://mail-archives.apache.org/mod_mbox/incubator-uima-dev/200712.mbox/[EMAIL PROTECTED] Please review the release candidate here: http://people.apache.org/~mbaessler/uimaj-2.2.1/06/ There are subdirectories like: /bin - that contains the binary distribution files /src - that contains the source distribution files /rat - that contains the RAT reports (using RAT 0.5.1) with some comments /eclipseUpdateSite - that contains the eclipse update site artifacts /maven - that contains the Maven artifacts we would like to release to the incubator repository The SVN tag for this release candidate is: https://svn.apache.org/repos/asf/incubator/uima/uimaj/tags/uimaj-2.2.1/uimaj-2.2.1-06 Please vote: [ ] +1 Accept to release Apache UIMA 2.2.1 [ ] -1 No, because Thanks! -- Michael - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [RESULT] [VOTE] Approve release Apache UIMA 2.2.1-incubating
On Dec 19, 2007 10:52 AM, Michael Baessler [EMAIL PROTECTED] wrote: ...We have 4 binding +1s, no 0s and 1 -1s I did vote +0 earlier in this thread. Just for the record, as it doesn'n make much of a difference other than express support ;-) -Bertrand - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [RESULT] [VOTE] Approve release Apache UIMA 2.2.1-incubating
We had two additional votes... Now we have 5 binding +1s, one 0s and one -1s. Votes were cast by: Ant Elder (+1) Matthieu Riou (+1) Jean Anderson (+1) Martijn Dashorst (+1) Paul Fremantle (+1) Bertrand Delacretaz(+0) Kevan Millar (-1) Thanks again for your support! -- Michael Baessler Paul Fremantle wrote: I know I'm late but I'd like to add a +1 to the vote. Paul On Dec 19, 2007 10:02 AM, Michael Baessler [EMAIL PROTECTED] wrote: Bertrand Delacretaz wrote: On Dec 19, 2007 10:52 AM, Michael Baessler [EMAIL PROTECTED] wrote: ...We have 4 binding +1s, no 0s and 1 -1s I did vote +0 earlier in this thread. Just for the record, as it doesn'n make much of a difference other than express support ;-) Sorry I missed that! Thanks ! -- Michael - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [VOTE] Approve release Apache UIMA 2.2.1-incubating
On Dec 17, 2007 5:44 PM, Thilo Goetz [EMAIL PROTECTED] wrote: Kevan Miller wrote: On Dec 17, 2007, at 4:09 AM, Thilo Goetz wrote: William A. Rowe, Jr. wrote: Marshall Schor wrote: We've put the LICENSE, NOTICES, and DISCLAIMERs into the top directory of the source (and binary) distribution(s), but didn't realize this also needs to be in the top level of the SVN tag, because we didn't know that was considered part of the distribution. Can you please confirm this is the case? In which case, we'll of course comply. Your distribution must correspond to subversion, otherwise it's very hard to track the artifacts in the tarball, where they came from, how they got there, and if they underwent the proper oversight prior to packaging. (Yes, we vote on the prepared tarball, but you can see how discrepancies do create questions.) That's not how I interpret the policy document. It says: To apply the ALv2 to a new software distribution, include one copy of the license text by copying the file: http://www.apache.org/licenses/LICENSE-2.0.txt into a file called LICENSE in the top directory of your distribution. If the distribution is a jar or tar file, try to add the LICENSE file first in order to place it at the top of the archive. That's what we do. Of course we'll make every effort to make our distribution easy to review. However, it does seem that we're ok wrt current policy, and view this as a suggestion for next time. Ok? Your interpretation works if your subversion repository is not a distribution. IMO, it is and should contain appropriate license/notice/disclaimer. If that is the consensus opinion here, that's what we'll do. But please put yourself in our shoes. We can only go by the information that is available to us. If this is a rule, it would be great if it could be written down so the next incubator project doesn't have to go through this. I'd be happy to help with the docs. Out of curiosity, I started going through the Apache SVN repo to see what Apache projects complied with this requirement. I stopped after C because I'd already found 4 that didn't comply: Avalon, Cayenne, Cocoon and Commons. Compliant were Activemq, Ant, APR and Beehive. --Thilo I've never considered that the SVN tag for a release is a distribution before, but its an interesting idea. There clearly is not yet consensus among the IPMC on this though or if that tag MUST have LICENSE and NOTICE files in the the top-level directory. As pointed out above many Apache projects don't do this, and looking back at all the recent Incubator poddling releases many of those have not done this either but never the less their vote has passed. So it is a new requirement and I don't think we should be making up policy during a release vote like this as it makes it very frustrating for poddling. How about letting this UIMA release out as-is for now while we work this out? Kevan, would you withdraw your -1 for this release while we resolve this? ...ant
Re: [VOTE] Approve release Apache UIMA 2.2.1-incubating
Kevan Your interpretation works if your subversion repository is not a distribution. IMO, it is and should contain appropriate license/ notice/disclaimer. --kevan Kevan The SVN tag is only a distribution if it is published as that. The fact that SVN is available to anyone via HTTP does not make it a distribution in terms of Apache definitions. Otherwise we could never do any work in SVN unless every single directory has a LICENSE and NOTICE file in it. After all - any directory in SVN is available to the public. The point of a distribution is that it is something that is created by a deliberate act and vote. We haven't been asked to vote on the SVN tag afaik. So I don't agree with your reading. Paul -- Paul Fremantle Co-Founder and VP of Technical Sales, WSO2 OASIS WS-RX TC Co-chair blog: http://pzf.fremantle.org [EMAIL PROTECTED] Oxygenating the Web Service Platform, www.wso2.com
Re: [VOTE] Approve release Apache UIMA 2.2.1-incubating
On Dec 18, 2007 10:37 AM, ant elder [EMAIL PROTECTED] wrote: ...There clearly is not yet consensus among the IPMC on this though or if that tag MUST have LICENSE and NOTICE files in the the top-level directory ...So it is a new requirement and I don't think we should be making up policy during a release vote like this as it makes it very frustrating for poddling. How about letting this UIMA release out as-is for now while we work this out?... Agreed, let's not introduce new rules in flight, especially when, as you indicate, such rules are not followed by existing projects. -Bertrand - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [VOTE] Approve release Apache UIMA 2.2.1-incubating
On Dec 18, 2007, at 12:15 PM, Bertrand Delacretaz wrote: On Dec 18, 2007 10:37 AM, ant elder [EMAIL PROTECTED] wrote: ...So it is a new requirement and I don't think we should be making up policy during a release vote +1, that's even part of the policy! It is just *so* annoying that this keeps happening. like this as it makes it very frustrating for poddling. How about letting this UIMA release out as-is for now while we work this out?... Yup. It always gets fuzzy when voting and discussion intermix, but I do count 3 +1 votes and more +1 votes than -1 votes. That typically means the vote passes, so UIMA can release. - Leo - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [VOTE] Approve release Apache UIMA 2.2.1-incubating
Leo Simons wrote: On Dec 18, 2007, at 12:15 PM, Bertrand Delacretaz wrote: On Dec 18, 2007 10:37 AM, ant elder [EMAIL PROTECTED] wrote: ...So it is a new requirement and I don't think we should be making up policy during a release vote +1, that's even part of the policy! It is just *so* annoying that this keeps happening. like this as it makes it very frustrating for poddling. How about letting this UIMA release out as-is for now while we work this out?... Yup. It always gets fuzzy when voting and discussion intermix, but I do count 3 +1 votes and more +1 votes than -1 votes. That typically means the vote passes, so UIMA can release. Right the vote runs for more than 72 hours and we have 3 +1 votes and one -1 vote. The other open issue was the checksum representation for MD5 and SHA1. The representation can be improved and we will do this for the next release. (I already opened a JIRA issue for that). It is just open what we have to do for the current release. -- Michael - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [VOTE] Approve release Apache UIMA 2.2.1-incubating
For the record, +1 for releasing from me. Martijn On Dec 18, 2007 1:16 PM, Leo Simons [EMAIL PROTECTED] wrote: On Dec 18, 2007, at 12:15 PM, Bertrand Delacretaz wrote: On Dec 18, 2007 10:37 AM, ant elder [EMAIL PROTECTED] wrote: ...So it is a new requirement and I don't think we should be making up policy during a release vote +1, that's even part of the policy! It is just *so* annoying that this keeps happening. like this as it makes it very frustrating for poddling. How about letting this UIMA release out as-is for now while we work this out?... Yup. It always gets fuzzy when voting and discussion intermix, but I do count 3 +1 votes and more +1 votes than -1 votes. That typically means the vote passes, so UIMA can release. - Leo - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Buy Wicket in Action: http://manning.com/dashorst Apache Wicket 1.3.0-rc2 is released Get it now: http://www.apache.org/dyn/closer.cgi/wicket/1.3.0-rc1/
Re: [VOTE] Approve release Apache UIMA 2.2.1-incubating
On Dec 18, 2007 3:11 PM, Martijn Dashorst [EMAIL PROTECTED] wrote: For the record, +1 for releasing from me. +0 from me for now: from discussions here I feel like everything's fine, but lack the time to check the release files myself ATM. -Bertrand - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [VOTE] Approve release Apache UIMA 2.2.1-incubating
On 18/12/2007, Michael Baessler [EMAIL PROTECTED] wrote: Leo Simons wrote: On Dec 18, 2007, at 12:15 PM, Bertrand Delacretaz wrote: On Dec 18, 2007 10:37 AM, ant elder [EMAIL PROTECTED] wrote: ...So it is a new requirement and I don't think we should be making up policy during a release vote +1, that's even part of the policy! It is just *so* annoying that this keeps happening. like this as it makes it very frustrating for poddling. How about letting this UIMA release out as-is for now while we work this out?... Yup. It always gets fuzzy when voting and discussion intermix, but I do count 3 +1 votes and more +1 votes than -1 votes. That typically means the vote passes, so UIMA can release. Right the vote runs for more than 72 hours and we have 3 +1 votes and one -1 vote. The other open issue was the checksum representation for MD5 and SHA1. The representation can be improved and we will do this for the next release. (I already opened a JIRA issue for that). It is just open what we have to do for the current release. I've created reformatted versions for the src and bin archives in: http://people.apache.org/~sebb/UIMA/ in case that helps. I've not fixed the Maven hashes. I don't know whether the Maven hash-checking can cope with the format or not - and does it ignore hash files with incorrect format or what? If it does not handle the format properly, this could cause download problems. -- Michael - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [VOTE] Approve release Apache UIMA 2.2.1-incubating
sebb wrote: On 18/12/2007, Michael Baessler [EMAIL PROTECTED] wrote: Leo Simons wrote: On Dec 18, 2007, at 12:15 PM, Bertrand Delacretaz wrote: On Dec 18, 2007 10:37 AM, ant elder [EMAIL PROTECTED] wrote: ...So it is a new requirement and I don't think we should be making up policy during a release vote +1, that's even part of the policy! It is just *so* annoying that this keeps happening. like this as it makes it very frustrating for poddling. How about letting this UIMA release out as-is for now while we work this out?... Yup. It always gets fuzzy when voting and discussion intermix, but I do count 3 +1 votes and more +1 votes than -1 votes. That typically means the vote passes, so UIMA can release. Right the vote runs for more than 72 hours and we have 3 +1 votes and one -1 vote. The other open issue was the checksum representation for MD5 and SHA1. The representation can be improved and we will do this for the next release. (I already opened a JIRA issue for that). It is just open what we have to do for the current release. I've created reformatted versions for the src and bin archives in: http://people.apache.org/~sebb/UIMA/ in case that helps. Thanks! I've not fixed the Maven hashes. I don't know whether the Maven hash-checking can cope with the format or not - and does it ignore hash files with incorrect format or what? If it does not handle the format properly, this could cause download problems. The hashes for the maven artifacts are generated by maven, in the format that maven wants them. There should be no problem, there hasn't been in the past. --Thilo - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [VOTE] Approve release Apache UIMA 2.2.1-incubating
On 18/12/2007, Thilo Goetz [EMAIL PROTECTED] wrote: sebb wrote: On 18/12/2007, Michael Baessler [EMAIL PROTECTED] wrote: Leo Simons wrote: On Dec 18, 2007, at 12:15 PM, Bertrand Delacretaz wrote: On Dec 18, 2007 10:37 AM, ant elder [EMAIL PROTECTED] wrote: ...So it is a new requirement and I don't think we should be making up policy during a release vote +1, that's even part of the policy! It is just *so* annoying that this keeps happening. like this as it makes it very frustrating for poddling. How about letting this UIMA release out as-is for now while we work this out?... Yup. It always gets fuzzy when voting and discussion intermix, but I do count 3 +1 votes and more +1 votes than -1 votes. That typically means the vote passes, so UIMA can release. Right the vote runs for more than 72 hours and we have 3 +1 votes and one -1 vote. The other open issue was the checksum representation for MD5 and SHA1. The representation can be improved and we will do this for the next release. (I already opened a JIRA issue for that). It is just open what we have to do for the current release. I've created reformatted versions for the src and bin archives in: http://people.apache.org/~sebb/UIMA/ in case that helps. Thanks! I've not fixed the Maven hashes. I don't know whether the Maven hash-checking can cope with the format or not - and does it ignore hash files with incorrect format or what? If it does not handle the format properly, this could cause download problems. The hashes for the maven artifacts are generated by maven, in the format that maven wants them. There should be no problem, there hasn't been in the past. OK. I thought I'd seen one with the different format, but I've just rechecked one or two and they hold just the hash. Sorry for th diversion. That format would be fine as the bin and src archive hashes too. Having the file name as well is only essential for a file containing multiple hashes. --Thilo - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [VOTE] Approve release Apache UIMA 2.2.1-incubating
William A. Rowe, Jr. wrote: Marshall Schor wrote: We've put the LICENSE, NOTICES, and DISCLAIMERs into the top directory of the source (and binary) distribution(s), but didn't realize this also needs to be in the top level of the SVN tag, because we didn't know that was considered part of the distribution. Can you please confirm this is the case? In which case, we'll of course comply. Your distribution must correspond to subversion, otherwise it's very hard to track the artifacts in the tarball, where they came from, how they got there, and if they underwent the proper oversight prior to packaging. (Yes, we vote on the prepared tarball, but you can see how discrepancies do create questions.) That's not how I interpret the policy document. It says: To apply the ALv2 to a new software distribution, include one copy of the license text by copying the file: http://www.apache.org/licenses/LICENSE-2.0.txt into a file called LICENSE in the top directory of your distribution. If the distribution is a jar or tar file, try to add the LICENSE file first in order to place it at the top of the archive. That's what we do. Of course we'll make every effort to make our distribution easy to review. However, it does seem that we're ok wrt current policy, and view this as a suggestion for next time. Ok? --Thilo - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [VOTE] Approve release Apache UIMA 2.2.1-incubating
sebb wrote: On 15/12/2007, Jean T. Anderson [EMAIL PROTECTED] wrote: sebb wrote: [Eventually found the KEYS file in SVN, but it might be helpful to provide a pointer in the vote mails] yeah, I went to their website and followed the link from there. So did I. The NOTICE file in uimaj-2.2.1-incubating-bin.zip refers to the contributions from IBM: Software Grant License Agreement, informally known as the IBM UIMA License Agreement. however, that license is not in LICENSE, nor is it linked from there. this wording was approved in their first release -- iirc there were discussions about what specifically to put there [1] and I had a minor hand in that since they had borrowed wording from derby [2]. I'm not objecting to the wording in the NOTICE file. However, since it refers to another license, I think that needs to be present in the LICENSE file: http://www.apache.org/dev/release.html#distributing-code-under-several-licenses We are not distributing code under several licenses. The only license applicable to UIMA is the AL. The somewhat cryptic (to a non-lawyer) statement in the NOTICE file was put there on request by the IPMC, we didn't have it there originally. To my way of thinking, what it is supposed to say is that some of the code originated with IBM, but has since been relicensed under the Apache License. This exact version of the NOTICE and LICENSE file has been approved for our previous two releases, so I do hope they are still ok. --Thilo - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [VOTE] Approve release Apache UIMA 2.2.1-incubating
sebb wrote: [Eventually found the KEYS file in SVN, but it might be helpful to provide a pointer in the vote mails] Good point, will do next time. [...] There are some problems with the MD5 and SHA1 files. For example, uimaj-2.2.1-incubating-bin.tar.bz2.md5: uimaj-2.2.1-incubating-bin.tar.bz2: 53 20 6A FB 75 1F 07 9D BB 12 82 58 D0 7D CA 4B The hash is spread over two lines and into hex pairs. The normal format is either: 53206afb751f079dbb128258d07dca4b or 53206afb751f079dbb128258d07dca4b *uimaj-2.2.1-incubating-bin.tar.bz2 The SHA1 checksums have the same problem. The PGP signatures are OK, however the format of the existing MD5/SHA1 files means that most (all?) checking programs will have difficulty verifying the checksums. We generate the checksums with gpg --print-md MD5 [fileName] [fileName].md5 and gpg --print-md SHA1 [fileName] [fileName].sha respectively (as described in the release signing FAQ; however, I suggested that text ;-). The advantage of using gpg is that you just need one tool for the various signatures. If there are alternatives, we'll be happy to entertain them (we use maven as our build env). Can you elaborate on what checking programs are commonly used? It was my understanding that the primary signing mechanisms were the PGP signatures, and the checksums were just for quick sanity checks (visual verification, as they are so short). Thanks. --Thilo - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [VOTE] Approve release Apache UIMA 2.2.1-incubating
On Dec 17, 2007 10:09 AM, Thilo Goetz [EMAIL PROTECTED] wrote: William A. Rowe, Jr. wrote: Marshall Schor wrote: We've put the LICENSE, NOTICES, and DISCLAIMERs into the top directory of the source (and binary) distribution(s), but didn't realize this also needs to be in the top level of the SVN tag Your distribution must correspond to subversion, otherwise it's very hard to track the artifacts in the tarball,... That's not how I interpret the policy document You might be right about the letter of the policy document, but all kinds of alarms go off in my brain when I see a distribution tarball that doesn't match the SVN tag that it's built from. Automated reproducible builds (including building distribution archives) are IMHO a must in our way of working. -Bertrand - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [VOTE] Approve release Apache UIMA 2.2.1-incubating
Bertrand Delacretaz wrote: On Dec 17, 2007 10:09 AM, Thilo Goetz [EMAIL PROTECTED] wrote: William A. Rowe, Jr. wrote: Marshall Schor wrote: We've put the LICENSE, NOTICES, and DISCLAIMERs into the top directory of the source (and binary) distribution(s), but didn't realize this also needs to be in the top level of the SVN tag Your distribution must correspond to subversion, otherwise it's very hard to track the artifacts in the tarball,... That's not how I interpret the policy document You might be right about the letter of the policy document, but all kinds of alarms go off in my brain when I see a distribution tarball that doesn't match the SVN tag that it's built from. Automated reproducible builds (including building distribution archives) are IMHO a must in our way of working. Absolutely. Our build is completely automated and reproducible, including generating the distribution. Here's (a slightly simplified version of) our build script: svn checkout $tag cd $leveldir/uimaj mvn -Duima.build.date=`date` install cd .. cd uimaj-distr mvn assembly:assembly This does everything from svn extract to building the release artifacts (except the signing, that requires some manual intervention because of the release manager's key phrase). I don't think it gets much simpler than that. However, I don't think that addresses your concerns. AIUI, you would like our repository to look exactly like the source distribution. Well, it almost is, except for the files in the top level directory. Those get copied there when we build the distribution. Why? I guess we thought it's cleaner that way, and complies with maven's notion of organizing things. For example, the NOTICE file lives in uimaj-distr/src/main/readme. It's still there in the source distribution, but it's also at the top level. Now if we absolutely must, we can change that. I do admit that I don't quite understand the reason, though, and like it better the way it is ;-) --Thilo - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [VOTE] Approve release Apache UIMA 2.2.1-incubating
On Dec 17, 2007 11:08 AM, Thilo Goetz [EMAIL PROTECTED] wrote: Bertrand Delacretaz wrote: ...Automated reproducible builds (including building distribution archives) are IMHO a must in our way of working. Absolutely. Our build is completely automated and reproducible, including generating the distribution. Here's (a slightly simplified version of) our build script:... Ok sorry then, I misunderstood. I thought Marshall was saying that you added the LICENSE/NOTICE files manually to the distribution archive (please bear with me, it's Monday morning here ;-) ...However, I don't think that addresses your concerns. AIUI, you would like our repository to look exactly like the source distribution. Well, it almost is, except for the files in the top level directory That's ok with me, as the automated build recreates the same distribution archive if run from the specified SVN tag. -Bertrand - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [VOTE] Approve release Apache UIMA 2.2.1-incubating
On 17/12/2007, Thilo Goetz [EMAIL PROTECTED] wrote: sebb wrote: On 15/12/2007, Jean T. Anderson [EMAIL PROTECTED] wrote: sebb wrote: [Eventually found the KEYS file in SVN, but it might be helpful to provide a pointer in the vote mails] yeah, I went to their website and followed the link from there. So did I. The NOTICE file in uimaj-2.2.1-incubating-bin.zip refers to the contributions from IBM: Software Grant License Agreement, informally known as the IBM UIMA License Agreement. however, that license is not in LICENSE, nor is it linked from there. this wording was approved in their first release -- iirc there were discussions about what specifically to put there [1] and I had a minor hand in that since they had borrowed wording from derby [2]. I'm not objecting to the wording in the NOTICE file. However, since it refers to another license, I think that needs to be present in the LICENSE file: http://www.apache.org/dev/release.html#distributing-code-under-several-licenses We are not distributing code under several licenses. The only license applicable to UIMA is the AL. The somewhat cryptic (to a non-lawyer) statement in the NOTICE file was put there on request by the IPMC, we didn't have it there originally. To my way of thinking, what it is supposed to say is that some of the code originated with IBM, but has since been relicensed under the Apache License. Sorry, I misread the paragraph originally - I somehow managed to overlook the phrase to the Apache Software Foundation and thought it referred to a standard 3rd party attribution notice. Apologies for the noise on this matter. This exact version of the NOTICE and LICENSE file has been approved for our previous two releases, so I do hope they are still ok. Yes, it's my brian that needs adjusting in this case... --Thilo - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [VOTE] Approve release Apache UIMA 2.2.1-incubating
On 17/12/2007, Thilo Goetz [EMAIL PROTECTED] wrote: sebb wrote: [Eventually found the KEYS file in SVN, but it might be helpful to provide a pointer in the vote mails] Good point, will do next time. [...] There are some problems with the MD5 and SHA1 files. For example, uimaj-2.2.1-incubating-bin.tar.bz2.md5: uimaj-2.2.1-incubating-bin.tar.bz2: 53 20 6A FB 75 1F 07 9D BB 12 82 58 D0 7D CA 4B The hash is spread over two lines and into hex pairs. The normal format is either: 53206afb751f079dbb128258d07dca4b or 53206afb751f079dbb128258d07dca4b *uimaj-2.2.1-incubating-bin.tar.bz2 The SHA1 checksums have the same problem. The PGP signatures are OK, however the format of the existing MD5/SHA1 files means that most (all?) checking programs will have difficulty verifying the checksums. We generate the checksums with gpg --print-md MD5 [fileName] [fileName].md5 and gpg --print-md SHA1 [fileName] [fileName].sha respectively (as described in the release signing FAQ; however, I suggested that text ;-). The advantage of using gpg is that you just need one tool for the various signatures. If there are alternatives, we'll be happy to entertain them (we use maven as our build env). Maven can generate the MD5 and SHA1 checksums itself; no need for a separate tool. I'm not familiar with Maven, so I don't know the commands off-hand, but I can probably find them. Can you elaborate on what checking programs are commonly used? The programs for checking MD5s are referenced from a lot of download pages, for example: http://xerces.apache.org/xerces-c/download.cgi and http://myfaces.apache.org/download.html All of these expect checksums which are a single string of hex digits. It was my understanding that the primary signing mechanisms were the PGP signatures, and the checksums were just for quick sanity checks (visual verification, as they are so short). Thanks. Yes, PGP sigs are the primary signing mechanisms. MD5 and SHA1 are not as secure. However they are still useful, particularly for checking that the files have been downloaded successfully. To that end, having a format that can be automatically checked is essential. --Thilo - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [VOTE] Approve release Apache UIMA 2.2.1-incubating
sebb wrote: [...] Maven can generate the MD5 and SHA1 checksums itself; no need for a separate tool. I'm not familiar with Maven, so I don't know the commands off-hand, but I can probably find them. Maybe it can, but I was unable to figure out how. We need to create checksums for the artifacts that fall out of the assembly step, and I don't think maven supports creating those. However, Ant can create checksums in the expected format. So we can call an Ant task from Maven to do this. For the purposes of this vote, would it be ok to just modify the existing .md5 and .sha1 files? I would prefer not having to create another release candidate just for that purpose. --Thilo - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [VOTE] Approve release Apache UIMA 2.2.1-incubating
On Dec 17, 2007, at 4:09 AM, Thilo Goetz wrote: William A. Rowe, Jr. wrote: Marshall Schor wrote: We've put the LICENSE, NOTICES, and DISCLAIMERs into the top directory of the source (and binary) distribution(s), but didn't realize this also needs to be in the top level of the SVN tag, because we didn't know that was considered part of the distribution. Can you please confirm this is the case? In which case, we'll of course comply. Your distribution must correspond to subversion, otherwise it's very hard to track the artifacts in the tarball, where they came from, how they got there, and if they underwent the proper oversight prior to packaging. (Yes, we vote on the prepared tarball, but you can see how discrepancies do create questions.) That's not how I interpret the policy document. It says: To apply the ALv2 to a new software distribution, include one copy of the license text by copying the file: http://www.apache.org/licenses/LICENSE-2.0.txt into a file called LICENSE in the top directory of your distribution. If the distribution is a jar or tar file, try to add the LICENSE file first in order to place it at the top of the archive. That's what we do. Of course we'll make every effort to make our distribution easy to review. However, it does seem that we're ok wrt current policy, and view this as a suggestion for next time. Ok? Your interpretation works if your subversion repository is not a distribution. IMO, it is and should contain appropriate license/ notice/disclaimer. --kevan
Re: [VOTE] Approve release Apache UIMA 2.2.1-incubating
Kevan Miller wrote: On Dec 17, 2007, at 4:09 AM, Thilo Goetz wrote: William A. Rowe, Jr. wrote: Marshall Schor wrote: We've put the LICENSE, NOTICES, and DISCLAIMERs into the top directory of the source (and binary) distribution(s), but didn't realize this also needs to be in the top level of the SVN tag, because we didn't know that was considered part of the distribution. Can you please confirm this is the case? In which case, we'll of course comply. Your distribution must correspond to subversion, otherwise it's very hard to track the artifacts in the tarball, where they came from, how they got there, and if they underwent the proper oversight prior to packaging. (Yes, we vote on the prepared tarball, but you can see how discrepancies do create questions.) That's not how I interpret the policy document. It says: To apply the ALv2 to a new software distribution, include one copy of the license text by copying the file: http://www.apache.org/licenses/LICENSE-2.0.txt into a file called LICENSE in the top directory of your distribution. If the distribution is a jar or tar file, try to add the LICENSE file first in order to place it at the top of the archive. That's what we do. Of course we'll make every effort to make our distribution easy to review. However, it does seem that we're ok wrt current policy, and view this as a suggestion for next time. Ok? Your interpretation works if your subversion repository is not a distribution. IMO, it is and should contain appropriate license/notice/disclaimer. If that is the consensus opinion here, that's what we'll do. But please put yourself in our shoes. We can only go by the information that is available to us. If this is a rule, it would be great if it could be written down so the next incubator project doesn't have to go through this. I'd be happy to help with the docs. Out of curiosity, I started going through the Apache SVN repo to see what Apache projects complied with this requirement. I stopped after C because I'd already found 4 that didn't comply: Avalon, Cayenne, Cocoon and Commons. Compliant were Activemq, Ant, APR and Beehive. --Thilo - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [VOTE] Approve release Apache UIMA 2.2.1-incubating
Though I don't necessarily agree with Kevan, the best projects to look at are recently graduated projects as those have been scrutinized by the IPMC, and have been held against the same (though possibly changing) standards as you. For instance you could take a look at Wicket, OpenJPA, ServiceMix, Ode, Roller and Felix. Martijn On Dec 17, 2007 6:44 PM, Thilo Goetz [EMAIL PROTECTED] wrote: Kevan Miller wrote: On Dec 17, 2007, at 4:09 AM, Thilo Goetz wrote: William A. Rowe, Jr. wrote: Marshall Schor wrote: We've put the LICENSE, NOTICES, and DISCLAIMERs into the top directory of the source (and binary) distribution(s), but didn't realize this also needs to be in the top level of the SVN tag, because we didn't know that was considered part of the distribution. Can you please confirm this is the case? In which case, we'll of course comply. Your distribution must correspond to subversion, otherwise it's very hard to track the artifacts in the tarball, where they came from, how they got there, and if they underwent the proper oversight prior to packaging. (Yes, we vote on the prepared tarball, but you can see how discrepancies do create questions.) That's not how I interpret the policy document. It says: To apply the ALv2 to a new software distribution, include one copy of the license text by copying the file: http://www.apache.org/licenses/LICENSE-2.0.txt into a file called LICENSE in the top directory of your distribution. If the distribution is a jar or tar file, try to add the LICENSE file first in order to place it at the top of the archive. That's what we do. Of course we'll make every effort to make our distribution easy to review. However, it does seem that we're ok wrt current policy, and view this as a suggestion for next time. Ok? Your interpretation works if your subversion repository is not a distribution. IMO, it is and should contain appropriate license/notice/disclaimer. If that is the consensus opinion here, that's what we'll do. But please put yourself in our shoes. We can only go by the information that is available to us. If this is a rule, it would be great if it could be written down so the next incubator project doesn't have to go through this. I'd be happy to help with the docs. Out of curiosity, I started going through the Apache SVN repo to see what Apache projects complied with this requirement. I stopped after C because I'd already found 4 that didn't comply: Avalon, Cayenne, Cocoon and Commons. Compliant were Activemq, Ant, APR and Beehive. --Thilo - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Buy Wicket in Action: http://manning.com/dashorst Apache Wicket 1.3.0-rc2 is released Get it now: http://www.apache.org/dyn/closer.cgi/wicket/1.3.0-rc1/
Re: [VOTE] Approve release Apache UIMA 2.2.1-incubating
On 17/12/2007, Thilo Goetz [EMAIL PROTECTED] wrote: Kevan Miller wrote: On Dec 17, 2007, at 4:09 AM, Thilo Goetz wrote: William A. Rowe, Jr. wrote: Marshall Schor wrote: We've put the LICENSE, NOTICES, and DISCLAIMERs into the top directory of the source (and binary) distribution(s), but didn't realize this also needs to be in the top level of the SVN tag, because we didn't know that was considered part of the distribution. Can you please confirm this is the case? In which case, we'll of course comply. Your distribution must correspond to subversion, otherwise it's very hard to track the artifacts in the tarball, where they came from, how they got there, and if they underwent the proper oversight prior to packaging. (Yes, we vote on the prepared tarball, but you can see how discrepancies do create questions.) That's not how I interpret the policy document. It says: To apply the ALv2 to a new software distribution, include one copy of the license text by copying the file: http://www.apache.org/licenses/LICENSE-2.0.txt into a file called LICENSE in the top directory of your distribution. If the distribution is a jar or tar file, try to add the LICENSE file first in order to place it at the top of the archive. That's what we do. Of course we'll make every effort to make our distribution easy to review. However, it does seem that we're ok wrt current policy, and view this as a suggestion for next time. Ok? Your interpretation works if your subversion repository is not a distribution. IMO, it is and should contain appropriate license/notice/disclaimer. If that is the consensus opinion here, that's what we'll do. But please put yourself in our shoes. We can only go by the information that is available to us. If this is a rule, it would be great if it could be written down so the next incubator project doesn't have to go through this. I'd be happy to help with the docs. Out of curiosity, I started going through the Apache SVN repo to see what Apache projects complied with this requirement. I stopped after C because I'd already found 4 that didn't comply: Avalon, Cayenne, Cocoon and Commons. Avalon is defunct, so does not count. Commons looks OK to me; there are NL files in http://svn.apache.org/repos/asf/commons/proper/attributes/trunk/ http://svn.apache.org/repos/asf/commons/proper/commons-build/trunk/ and http://svn.apache.org/repos/asf/commons/proper/vfs/trunk/ to take a few at random The top-level directory: http://svn.apache.org/repos/asf/commons/ is not a project - see the README for details. I agree that Cayenne and Cocoon are non-compliant. Compliant were Activemq, Ant, APR and Beehive. --Thilo - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [VOTE] Approve release Apache UIMA 2.2.1-incubating
On Dec 17, 2007 5:49 PM, Kevan Miller [EMAIL PROTECTED] wrote: Your interpretation works if your subversion repository is not a distribution. IMO, it is and should contain appropriate license/ notice/disclaimer. I don't agree with this standpoint as for instance the LICENSE and DISCLAIMER docs can be automatically included into the correct distribution location from officially released bundles. This makes much more sense as it keeps the definition of those documents in one place. This process is repeatable using maven. IMO SVN does not have to mirror an unzipped release (there is no policy directing that, or if there is, please provide a link), as long as it is reproducible from the release tag. Martijn -- Buy Wicket in Action: http://manning.com/dashorst Apache Wicket 1.3.0-rc2 is released Get it now: http://www.apache.org/dyn/closer.cgi/wicket/1.3.0-rc1/
Re: [VOTE] Approve release Apache UIMA 2.2.1-incubating
On 17/12/2007, Martijn Dashorst [EMAIL PROTECTED] wrote: On Dec 17, 2007 5:49 PM, Kevan Miller [EMAIL PROTECTED] wrote: Your interpretation works if your subversion repository is not a distribution. IMO, it is and should contain appropriate license/ notice/disclaimer. I agree with Kevan. I don't agree with this standpoint as for instance the LICENSE and DISCLAIMER docs can be automatically included into the correct distribution location from officially released bundles. This makes much more sense as it keeps the definition of those documents in one place. This process is repeatable using maven. IMO SVN does not have to mirror an unzipped release (there is no policy directing that, or if there is, please provide a link), as long as it is reproducible from the release tag. I have asked about this on the legal discuss list. Regardless of the outcome, I think that there are problems with generating the NOTICE and LICENSE files automatically. Unless the project is pure ASF, there are additional items that may need to be added to the N L files. In any case, I think it's important that these files are carefully considered to ensure that the required entries are present. This is difficult if not impossible if the contents of the N L files are automatically generated. The N L files are unlikely to change frequently, so it really does not save much work (if any) to create them by hand. Having them in the top-level SVN directory seems sensible to me. Martijn -- Buy Wicket in Action: http://manning.com/dashorst Apache Wicket 1.3.0-rc2 is released Get it now: http://www.apache.org/dyn/closer.cgi/wicket/1.3.0-rc1/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [VOTE] Approve release Apache UIMA 2.2.1-incubating
sebb wrote: On 17/12/2007, Martijn Dashorst [EMAIL PROTECTED] wrote: On Dec 17, 2007 5:49 PM, Kevan Miller [EMAIL PROTECTED] wrote: Your interpretation works if your subversion repository is not a distribution. IMO, it is and should contain appropriate license/ notice/disclaimer. I agree with Kevan. I don't agree with this standpoint as for instance the LICENSE and DISCLAIMER docs can be automatically included into the correct distribution location from officially released bundles. This makes much more sense as it keeps the definition of those documents in one place. This process is repeatable using maven. IMO SVN does not have to mirror an unzipped release (there is no policy directing that, or if there is, please provide a link), as long as it is reproducible from the release tag. I have asked about this on the legal discuss list. Regardless of the outcome, I think that there are problems with generating the NOTICE and LICENSE files automatically. Unless the project is pure ASF, there are additional items that may need to be added to the N L files. In any case, I think it's important that these files are carefully considered to ensure that the required entries are present. This is difficult if not impossible if the contents of the N L files are automatically generated. Just to be clear, in the case of UIMA, these files are *not* being generated (that is, their contents are not being generated) automatically. The only thing that is happening is that our automated build process for building the binary and source distributions from our SVN has a step which copies these files from where they reside in our SVN to the top level, as required in the distribution. The N L files are unlikely to change frequently, so it really does not save much work (if any) to create them by hand. Having them in the top-level SVN directory seems sensible to me. The tools we use for development (Eclipse, mainly) like to have files in projects; we have adopted an organization where our SVN follows this convention. So, for us, it is more convenient to have these files in SVN inside one of our Eclipse projects, where we can then use the standard tooling for maintaining them. -Marshall Martijn -- Buy Wicket in Action: http://manning.com/dashorst Apache Wicket 1.3.0-rc2 is released Get it now: http://www.apache.org/dyn/closer.cgi/wicket/1.3.0-rc1/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [VOTE] Approve release Apache UIMA 2.2.1-incubating
On Dec 17, 2007 10:17 PM, sebb [EMAIL PROTECTED] wrote: Regardless of the outcome, I think that there are problems with generating the NOTICE and LICENSE files automatically. Unless the project is pure ASF, there are additional items that may need to be added to the N L files. In any case, I think it's important that these files are carefully considered to ensure that the required entries are present. This is difficult if not impossible if the contents of the N L files are automatically generated. Generating those files based on some knowledge of the project is something that SHOULD be allowed. For instance, the Wicket project generates the root NOTICE file from sub projects' notice files inside the source tree. This generated file is distributed inside our tar balls and zip files. The same strategy can be applied to the license file. The reason being that dependencies are typically managed at a local level in a multi-module project. Administering the NOTICE and LICENSE files locally is more convenient and less likely to get out of date than putting everything in a central file by hand. (As an aside, Wicket does store the generated files in a separate release branch in the svn repo, but not in the root of trunk). The question is not about wether generating these files is good or not. It is whether svn MUST mirror the released artifact. In my opinion that is not the case: building the distribution should be reproducible based on the release tag. How projects implement that is their prerogative. As incubator we don't have to prescribe these minutiae, but provide oversight on actual distributed artifacts. These are the zips and tarballs our podlings provide. IMO dictating a release procedure is stepping across the boundaries of what a podling/project can evolve themselves. The N L files are unlikely to change frequently, so it really does not save much work (if any) to create them by hand. Having them in the top-level SVN directory seems sensible to me. But sensible does not policy make: I find it sensible to use maven for building a release, but I wouldn't turn that into policy. Martijn -- Buy Wicket in Action: http://manning.com/dashorst Apache Wicket 1.3.0-rc2 is released Get it now: http://www.apache.org/dyn/closer.cgi/wicket/1.3.0-rc1/
[DISCUSS] [VOTE] Approve release Apache UIMA 2.2.1-incubating
sebb wrote: On 15/12/2007, Jean T. Anderson [EMAIL PROTECTED] wrote: sebb wrote: The NOTICE file in uimaj-2.2.1-incubating-bin.zip refers to the contributions from IBM: Software Grant License Agreement, informally known as the IBM UIMA License Agreement. however, that license is not in LICENSE, nor is it linked from there. this wording was approved in their first release -- iirc there were discussions about what specifically to put there [1] and I had a minor hand in that since they had borrowed wording from derby [2]. I'm not objecting to the wording in the NOTICE file. However, since it refers to another license, I think that needs to be present in the LICENSE file: http://www.apache.org/dev/release.html#distributing-code-under-several-licenses The software grant license agreement to which it refers is this : http://www.apache.org/licenses/software-grant.txt I assumed that when outside entities file software grants they always use the software-grant.txt form (or CCLA addendum B in cla-corporate.txt), but I'm probably wrong about that. For this release, I don't think anything needs to be done. Perhaps a broader issue is how apache projects as a whole should reference the code drops that come in via a software grant -- or if it's even necessary to do so since the original copyright is in the NOTICE file. Perhaps that's sufficient? -jean -jean [1] http://tinyurl.com/2jncrq [2] http://tinyurl.com/3bdz9n There are some problems with the MD5 and SHA1 files. For example, uimaj-2.2.1-incubating-bin.tar.bz2.md5: uimaj-2.2.1-incubating-bin.tar.bz2: 53 20 6A FB 75 1F 07 9D BB 12 82 58 D0 7D CA 4B The hash is spread over two lines and into hex pairs. The normal format is either: 53206afb751f079dbb128258d07dca4b or 53206afb751f079dbb128258d07dca4b *uimaj-2.2.1-incubating-bin.tar.bz2 The SHA1 checksums have the same problem. The PGP signatures are OK, however the format of the existing MD5/SHA1 files means that most (all?) checking programs will have difficulty verifying the checksums. I think these problems need to be corrected before release (if necessary by editting the files) On 15/12/2007, Jean T. Anderson [EMAIL PROTECTED] wrote: I reviewed the rat reports, checked the asc signatures, did a cursory review of DISCLAIMER, NOTICE, and LICENSE files in a couple of the src and bin files, and it all looks good to me. +1 btw, the way you provide the rat reports up front is *very* helpful. -jean Michael Baessler wrote: The Apache UIMA committers ask the Apache Incubator PMC for permission to publish a new bug fix release of Apache UIMA. This release contains bug fixes of the Apache UIMA 2.2.0 release published in August 2007. For details about the fixes, please have a look at the release notes. We had a vote on uima-dev that resulted in 6 binding +1s (all the committers) and no 0s or -1s. The vote thread is here: http://mail-archives.apache.org/mod_mbox/incubator-uima-dev/200712.mbox/[EMAIL PROTECTED] Please review the release candidate here: http://people.apache.org/~mbaessler/uimaj-2.2.1/06/ There are subdirectories like: /bin - that contains the binary distribution files /src - that contains the source distribution files /rat - that contains the RAT reports (using RAT 0.5.1) with some comments /eclipseUpdateSite - that contains the eclipse update site artifacts /maven - that contains the Maven artifacts we would like to release to the incubator repository The SVN tag for this release candidate is: https://svn.apache.org/repos/asf/incubator/uima/uimaj/tags/uimaj-2.2.1/uimaj-2.2.1-06 Please vote: [ ] +1 Accept to release Apache UIMA 2.2.1 [ ] -1 No, because Thanks! -- Michael - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [VOTE] Approve release Apache UIMA 2.2.1-incubating
On Dec 15, 2007 9:21 PM, Kevan Miller [EMAIL PROTECTED] wrote: On Dec 15, 2007, at 1:43 PM, sebb wrote: [Eventually found the KEYS file in SVN, but it might be helpful to provide a pointer in the vote mails] The NOTICE file in uimaj-2.2.1-incubating-bin.zip refers to the contributions from IBM: Software Grant License Agreement, informally known as the IBM UIMA License Agreement. however, that license is not in LICENSE, nor is it linked from there. The code covered by that software grant would now be covered by the Apache License. I would not expect to find the software grant agreement in the license text/files. Haven't looked into the hash/ checksum issues... On further review, I am changing my vote to a -1. The source code in svn ( https://svn.apache.org/repos/asf/incubator/uima/uimaj/tags/uimaj-2.2.1/uimaj-2.2.1-06 ) does not contain a LICENSE, NOTICE, and DISCLAIMER file in the top directory. Refer to http://apache.org/dev/apply-license.html if you have any questions. --kevan That seems a little harsh to me and with some build setups its easier to keep the legal files in a different location. AIUI its only that actual distribution archives which MUST have the legal files in the top level folder. ...ant
Re: [VOTE] Approve release Apache UIMA 2.2.1-incubating
I reviewed the rat reports, checked the asc signatures, did a cursory review of DISCLAIMER, NOTICE, and LICENSE files in a couple of the src and bin files, and it all looks good to me. +1 btw, the way you provide the rat reports up front is *very* helpful. -jean Michael Baessler wrote: The Apache UIMA committers ask the Apache Incubator PMC for permission to publish a new bug fix release of Apache UIMA. This release contains bug fixes of the Apache UIMA 2.2.0 release published in August 2007. For details about the fixes, please have a look at the release notes. We had a vote on uima-dev that resulted in 6 binding +1s (all the committers) and no 0s or -1s. The vote thread is here: http://mail-archives.apache.org/mod_mbox/incubator-uima-dev/200712.mbox/[EMAIL PROTECTED] Please review the release candidate here: http://people.apache.org/~mbaessler/uimaj-2.2.1/06/ There are subdirectories like: /bin - that contains the binary distribution files /src - that contains the source distribution files /rat - that contains the RAT reports (using RAT 0.5.1) with some comments /eclipseUpdateSite - that contains the eclipse update site artifacts /maven - that contains the Maven artifacts we would like to release to the incubator repository The SVN tag for this release candidate is: https://svn.apache.org/repos/asf/incubator/uima/uimaj/tags/uimaj-2.2.1/uimaj-2.2.1-06 Please vote: [ ] +1 Accept to release Apache UIMA 2.2.1 [ ] -1 No, because Thanks! -- Michael - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [VOTE] Approve release Apache UIMA 2.2.1-incubating
[Eventually found the KEYS file in SVN, but it might be helpful to provide a pointer in the vote mails] The NOTICE file in uimaj-2.2.1-incubating-bin.zip refers to the contributions from IBM: Software Grant License Agreement, informally known as the IBM UIMA License Agreement. however, that license is not in LICENSE, nor is it linked from there. There are some problems with the MD5 and SHA1 files. For example, uimaj-2.2.1-incubating-bin.tar.bz2.md5: uimaj-2.2.1-incubating-bin.tar.bz2: 53 20 6A FB 75 1F 07 9D BB 12 82 58 D0 7D CA 4B The hash is spread over two lines and into hex pairs. The normal format is either: 53206afb751f079dbb128258d07dca4b or 53206afb751f079dbb128258d07dca4b *uimaj-2.2.1-incubating-bin.tar.bz2 The SHA1 checksums have the same problem. The PGP signatures are OK, however the format of the existing MD5/SHA1 files means that most (all?) checking programs will have difficulty verifying the checksums. I think these problems need to be corrected before release (if necessary by editting the files) On 15/12/2007, Jean T. Anderson [EMAIL PROTECTED] wrote: I reviewed the rat reports, checked the asc signatures, did a cursory review of DISCLAIMER, NOTICE, and LICENSE files in a couple of the src and bin files, and it all looks good to me. +1 btw, the way you provide the rat reports up front is *very* helpful. -jean Michael Baessler wrote: The Apache UIMA committers ask the Apache Incubator PMC for permission to publish a new bug fix release of Apache UIMA. This release contains bug fixes of the Apache UIMA 2.2.0 release published in August 2007. For details about the fixes, please have a look at the release notes. We had a vote on uima-dev that resulted in 6 binding +1s (all the committers) and no 0s or -1s. The vote thread is here: http://mail-archives.apache.org/mod_mbox/incubator-uima-dev/200712.mbox/[EMAIL PROTECTED] Please review the release candidate here: http://people.apache.org/~mbaessler/uimaj-2.2.1/06/ There are subdirectories like: /bin - that contains the binary distribution files /src - that contains the source distribution files /rat - that contains the RAT reports (using RAT 0.5.1) with some comments /eclipseUpdateSite - that contains the eclipse update site artifacts /maven - that contains the Maven artifacts we would like to release to the incubator repository The SVN tag for this release candidate is: https://svn.apache.org/repos/asf/incubator/uima/uimaj/tags/uimaj-2.2.1/uimaj-2.2.1-06 Please vote: [ ] +1 Accept to release Apache UIMA 2.2.1 [ ] -1 No, because Thanks! -- Michael - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [VOTE] Approve release Apache UIMA 2.2.1-incubating
On Dec 15, 2007, at 1:43 PM, sebb wrote: [Eventually found the KEYS file in SVN, but it might be helpful to provide a pointer in the vote mails] The NOTICE file in uimaj-2.2.1-incubating-bin.zip refers to the contributions from IBM: Software Grant License Agreement, informally known as the IBM UIMA License Agreement. however, that license is not in LICENSE, nor is it linked from there. The code covered by that software grant would now be covered by the Apache License. I would not expect to find the software grant agreement in the license text/files. Haven't looked into the hash/ checksum issues... On further review, I am changing my vote to a -1. The source code in svn (https://svn.apache.org/repos/asf/incubator/uima/uimaj/tags/uimaj-2.2.1/uimaj-2.2.1-06 ) does not contain a LICENSE, NOTICE, and DISCLAIMER file in the top directory. Refer to http://apache.org/dev/apply-license.html if you have any questions. --kevan
Re: [VOTE] Approve release Apache UIMA 2.2.1-incubating
sebb wrote: [Eventually found the KEYS file in SVN, but it might be helpful to provide a pointer in the vote mails] yeah, I went to their website and followed the link from there. The NOTICE file in uimaj-2.2.1-incubating-bin.zip refers to the contributions from IBM: Software Grant License Agreement, informally known as the IBM UIMA License Agreement. however, that license is not in LICENSE, nor is it linked from there. this wording was approved in their first release -- iirc there were discussions about what specifically to put there [1] and I had a minor hand in that since they had borrowed wording from derby [2]. -jean [1] http://tinyurl.com/2jncrq [2] http://tinyurl.com/3bdz9n There are some problems with the MD5 and SHA1 files. For example, uimaj-2.2.1-incubating-bin.tar.bz2.md5: uimaj-2.2.1-incubating-bin.tar.bz2: 53 20 6A FB 75 1F 07 9D BB 12 82 58 D0 7D CA 4B The hash is spread over two lines and into hex pairs. The normal format is either: 53206afb751f079dbb128258d07dca4b or 53206afb751f079dbb128258d07dca4b *uimaj-2.2.1-incubating-bin.tar.bz2 The SHA1 checksums have the same problem. The PGP signatures are OK, however the format of the existing MD5/SHA1 files means that most (all?) checking programs will have difficulty verifying the checksums. I think these problems need to be corrected before release (if necessary by editting the files) On 15/12/2007, Jean T. Anderson [EMAIL PROTECTED] wrote: I reviewed the rat reports, checked the asc signatures, did a cursory review of DISCLAIMER, NOTICE, and LICENSE files in a couple of the src and bin files, and it all looks good to me. +1 btw, the way you provide the rat reports up front is *very* helpful. -jean Michael Baessler wrote: The Apache UIMA committers ask the Apache Incubator PMC for permission to publish a new bug fix release of Apache UIMA. This release contains bug fixes of the Apache UIMA 2.2.0 release published in August 2007. For details about the fixes, please have a look at the release notes. We had a vote on uima-dev that resulted in 6 binding +1s (all the committers) and no 0s or -1s. The vote thread is here: http://mail-archives.apache.org/mod_mbox/incubator-uima-dev/200712.mbox/[EMAIL PROTECTED] Please review the release candidate here: http://people.apache.org/~mbaessler/uimaj-2.2.1/06/ There are subdirectories like: /bin - that contains the binary distribution files /src - that contains the source distribution files /rat - that contains the RAT reports (using RAT 0.5.1) with some comments /eclipseUpdateSite - that contains the eclipse update site artifacts /maven - that contains the Maven artifacts we would like to release to the incubator repository The SVN tag for this release candidate is: https://svn.apache.org/repos/asf/incubator/uima/uimaj/tags/uimaj-2.2.1/uimaj-2.2.1-06 Please vote: [ ] +1 Accept to release Apache UIMA 2.2.1 [ ] -1 No, because Thanks! -- Michael - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [VOTE] Approve release Apache UIMA 2.2.1-incubating
On 15/12/2007, Jean T. Anderson [EMAIL PROTECTED] wrote: sebb wrote: [Eventually found the KEYS file in SVN, but it might be helpful to provide a pointer in the vote mails] yeah, I went to their website and followed the link from there. So did I. The NOTICE file in uimaj-2.2.1-incubating-bin.zip refers to the contributions from IBM: Software Grant License Agreement, informally known as the IBM UIMA License Agreement. however, that license is not in LICENSE, nor is it linked from there. this wording was approved in their first release -- iirc there were discussions about what specifically to put there [1] and I had a minor hand in that since they had borrowed wording from derby [2]. I'm not objecting to the wording in the NOTICE file. However, since it refers to another license, I think that needs to be present in the LICENSE file: http://www.apache.org/dev/release.html#distributing-code-under-several-licenses -jean [1] http://tinyurl.com/2jncrq [2] http://tinyurl.com/3bdz9n There are some problems with the MD5 and SHA1 files. For example, uimaj-2.2.1-incubating-bin.tar.bz2.md5: uimaj-2.2.1-incubating-bin.tar.bz2: 53 20 6A FB 75 1F 07 9D BB 12 82 58 D0 7D CA 4B The hash is spread over two lines and into hex pairs. The normal format is either: 53206afb751f079dbb128258d07dca4b or 53206afb751f079dbb128258d07dca4b *uimaj-2.2.1-incubating-bin.tar.bz2 The SHA1 checksums have the same problem. The PGP signatures are OK, however the format of the existing MD5/SHA1 files means that most (all?) checking programs will have difficulty verifying the checksums. I think these problems need to be corrected before release (if necessary by editting the files) On 15/12/2007, Jean T. Anderson [EMAIL PROTECTED] wrote: I reviewed the rat reports, checked the asc signatures, did a cursory review of DISCLAIMER, NOTICE, and LICENSE files in a couple of the src and bin files, and it all looks good to me. +1 btw, the way you provide the rat reports up front is *very* helpful. -jean Michael Baessler wrote: The Apache UIMA committers ask the Apache Incubator PMC for permission to publish a new bug fix release of Apache UIMA. This release contains bug fixes of the Apache UIMA 2.2.0 release published in August 2007. For details about the fixes, please have a look at the release notes. We had a vote on uima-dev that resulted in 6 binding +1s (all the committers) and no 0s or -1s. The vote thread is here: http://mail-archives.apache.org/mod_mbox/incubator-uima-dev/200712.mbox/[EMAIL PROTECTED] Please review the release candidate here: http://people.apache.org/~mbaessler/uimaj-2.2.1/06/ There are subdirectories like: /bin - that contains the binary distribution files /src - that contains the source distribution files /rat - that contains the RAT reports (using RAT 0.5.1) with some comments /eclipseUpdateSite - that contains the eclipse update site artifacts /maven - that contains the Maven artifacts we would like to release to the incubator repository The SVN tag for this release candidate is: https://svn.apache.org/repos/asf/incubator/uima/uimaj/tags/uimaj-2.2.1/uimaj-2.2.1-06 Please vote: [ ] +1 Accept to release Apache UIMA 2.2.1 [ ] -1 No, because Thanks! -- Michael - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[DISCUSS][VOTE] Approve release Apache UIMA 2.2.1-incubating
resend from an email that won't need moderation (sorry for the dup). sebb wrote: On 15/12/2007, Jean T. Anderson [EMAIL PROTECTED] wrote: sebb wrote: The NOTICE file in uimaj-2.2.1-incubating-bin.zip refers to the contributions from IBM: Software Grant License Agreement, informally known as the IBM UIMA License Agreement. however, that license is not in LICENSE, nor is it linked from there. this wording was approved in their first release -- iirc there were discussions about what specifically to put there [1] and I had a minor hand in that since they had borrowed wording from derby [2]. I'm not objecting to the wording in the NOTICE file. However, since it refers to another license, I think that needs to be present in the LICENSE file: http://www.apache.org/dev/release.html#distributing-code-under-several-licenses The software grant license agreement to which it refers is this : http://www.apache.org/licenses/software-grant.txt I assumed that when outside entities file software grants they always use the software-grant.txt form (or CCLA addendum B in cla-corporate.txt), but I'm probably wrong about that. For this release, I don't think anything needs to be done. Perhaps a broader issue is how apache projects as a whole should reference the code drops that come in via a software grant -- or if it's even necessary to do so since the original copyright is in the NOTICE file. Perhaps that's sufficient? -jean -jean [1] http://tinyurl.com/2jncrq [2] http://tinyurl.com/3bdz9n - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [VOTE] Approve release Apache UIMA 2.2.1-incubating
We've put the LICENSE, NOTICES, and DISCLAIMERs into the top directory of the source (and binary) distribution(s), but didn't realize this also needs to be in the top level of the SVN tag, because we didn't know that was considered part of the distribution. Can you please confirm this is the case? In which case, we'll of course comply. -Marshall Kevan Miller wrote: On Dec 15, 2007, at 1:43 PM, sebb wrote: [Eventually found the KEYS file in SVN, but it might be helpful to provide a pointer in the vote mails] The NOTICE file in uimaj-2.2.1-incubating-bin.zip refers to the contributions from IBM: Software Grant License Agreement, informally known as the IBM UIMA License Agreement. however, that license is not in LICENSE, nor is it linked from there. The code covered by that software grant would now be covered by the Apache License. I would not expect to find the software grant agreement in the license text/files. Haven't looked into the hash/checksum issues... On further review, I am changing my vote to a -1. The source code in svn (https://svn.apache.org/repos/asf/incubator/uima/uimaj/tags/uimaj-2.2.1/uimaj-2.2.1-06) does not contain a LICENSE, NOTICE, and DISCLAIMER file in the top directory. Refer to http://apache.org/dev/apply-license.html if you have any questions. --kevan - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [VOTE] Approve release Apache UIMA 2.2.1-incubating
Marshall Schor wrote: We've put the LICENSE, NOTICES, and DISCLAIMERs into the top directory of the source (and binary) distribution(s), but didn't realize this also needs to be in the top level of the SVN tag, because we didn't know that was considered part of the distribution. Can you please confirm this is the case? In which case, we'll of course comply. Your distribution must correspond to subversion, otherwise it's very hard to track the artifacts in the tarball, where they came from, how they got there, and if they underwent the proper oversight prior to packaging. (Yes, we vote on the prepared tarball, but you can see how discrepancies do create questions.) - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [VOTE] Approve release Apache UIMA 2.2.1-incubating
+1 I looked at the rat reports and poked around the src and binaries. All looked good to me. --kevan On Dec 13, 2007, at 6:50 AM, Michael Baessler wrote: The Apache UIMA committers ask the Apache Incubator PMC for permission to publish a new bug fix release of Apache UIMA. This release contains bug fixes of the Apache UIMA 2.2.0 release published in August 2007. For details about the fixes, please have a look at the release notes. We had a vote on uima-dev that resulted in 6 binding +1s (all the committers) and no 0s or -1s. The vote thread is here: http://mail-archives.apache.org/mod_mbox/incubator-uima-dev/200712.mbox/[EMAIL PROTECTED] Please review the release candidate here: http://people.apache.org/~mbaessler/uimaj-2.2.1/06/ There are subdirectories like: /bin - that contains the binary distribution files /src - that contains the source distribution files /rat - that contains the RAT reports (using RAT 0.5.1) with some comments /eclipseUpdateSite - that contains the eclipse update site artifacts /maven - that contains the Maven artifacts we would like to release to the incubator repository The SVN tag for this release candidate is: https://svn.apache.org/repos/asf/incubator/uima/uimaj/tags/uimaj-2.2.1/uimaj-2.2.1-06 Please vote: [ ] +1 Accept to release Apache UIMA 2.2.1 [ ] -1 No, because Thanks! -- Michael - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[VOTE] Approve release Apache UIMA 2.2.1-incubating
The Apache UIMA committers ask the Apache Incubator PMC for permission to publish a new bug fix release of Apache UIMA. This release contains bug fixes of the Apache UIMA 2.2.0 release published in August 2007. For details about the fixes, please have a look at the release notes. We had a vote on uima-dev that resulted in 6 binding +1s (all the committers) and no 0s or -1s. The vote thread is here: http://mail-archives.apache.org/mod_mbox/incubator-uima-dev/200712.mbox/[EMAIL PROTECTED] Please review the release candidate here: http://people.apache.org/~mbaessler/uimaj-2.2.1/06/ There are subdirectories like: /bin - that contains the binary distribution files /src - that contains the source distribution files /rat - that contains the RAT reports (using RAT 0.5.1) with some comments /eclipseUpdateSite - that contains the eclipse update site artifacts /maven - that contains the Maven artifacts we would like to release to the incubator repository The SVN tag for this release candidate is: https://svn.apache.org/repos/asf/incubator/uima/uimaj/tags/uimaj-2.2.1/uimaj-2.2.1-06 Please vote: [ ] +1 Accept to release Apache UIMA 2.2.1 [ ] -1 No, because Thanks! -- Michael - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [VOTE] Approve release Apache UIMA 2.2.1-incubating
On Dec 13, 2007 11:50 AM, Michael Baessler [EMAIL PROTECTED] wrote: The Apache UIMA committers ask the Apache Incubator PMC for permission to publish a new bug fix release of Apache UIMA. This release contains bug fixes of the Apache UIMA 2.2.0 release published in August 2007. For details about the fixes, please have a look at the release notes. We had a vote on uima-dev that resulted in 6 binding +1s (all the committers) and no 0s or -1s. The vote thread is here: http://mail-archives.apache.org/mod_mbox/incubator-uima-dev/200712.mbox/[EMAIL PROTECTED] Please review the release candidate here: http://people.apache.org/~mbaessler/uimaj-2.2.1/06/http://people.apache.org/%7Embaessler/uimaj-2.2.1/06/ There are subdirectories like: /bin - that contains the binary distribution files /src - that contains the source distribution files /rat - that contains the RAT reports (using RAT 0.5.1) with some comments /eclipseUpdateSite - that contains the eclipse update site artifacts /maven - that contains the Maven artifacts we would like to release to the incubator repository The SVN tag for this release candidate is: https://svn.apache.org/repos/asf/incubator/uima/uimaj/tags/uimaj-2.2.1/uimaj-2.2.1-06 Please vote: [ ] +1 Accept to release Apache UIMA 2.2.1 [ ] -1 No, because Thanks! -- Michael +1 this looks all fine to me. i did wonder why the jVinci jar doesn't have a uima- prefix or use the org.apache.uima package name but it looks fine in the maven repository so i guess that doesn't matter. ...ant
Re: [VOTE] Approve release Apache UIMA 2.2.1-incubating
Looks good to me as well. [X] +1 Accept to release Apache UIMA 2.2.1 Matthieu On Dec 13, 2007 5:53 AM, ant elder [EMAIL PROTECTED] wrote: On Dec 13, 2007 11:50 AM, Michael Baessler [EMAIL PROTECTED] wrote: The Apache UIMA committers ask the Apache Incubator PMC for permission to publish a new bug fix release of Apache UIMA. This release contains bug fixes of the Apache UIMA 2.2.0 release published in August 2007. For details about the fixes, please have a look at the release notes. We had a vote on uima-dev that resulted in 6 binding +1s (all the committers) and no 0s or -1s. The vote thread is here: http://mail-archives.apache.org/mod_mbox/incubator-uima-dev/200712.mbox/[EMAIL PROTECTED] Please review the release candidate here: http://people.apache.org/~mbaessler/uimaj-2.2.1/06/http://people.apache.org/%7Embaessler/uimaj-2.2.1/06/ http://people.apache.org/%7Embaessler/uimaj-2.2.1/06/ There are subdirectories like: /bin - that contains the binary distribution files /src - that contains the source distribution files /rat - that contains the RAT reports (using RAT 0.5.1) with some comments /eclipseUpdateSite - that contains the eclipse update site artifacts /maven - that contains the Maven artifacts we would like to release to the incubator repository The SVN tag for this release candidate is: https://svn.apache.org/repos/asf/incubator/uima/uimaj/tags/uimaj-2.2.1/uimaj-2.2.1-06 Please vote: [ ] +1 Accept to release Apache UIMA 2.2.1 [ ] -1 No, because Thanks! -- Michael +1 this looks all fine to me. i did wonder why the jVinci jar doesn't have a uima- prefix or use the org.apache.uima package name but it looks fine in the maven repository so i guess that doesn't matter. ...ant
