subject:"\[VOTE\] Release Apache Daffodil \(incubating\) 2.1.0\-rc3"

Re: [VOTE] Release Apache Daffodil (incubating) 2.1.0-rc3

2018-05-11 Thread John D. Ament

I'm fine with it then, consider my vote a +1

On Fri, May 11, 2018, 1:32 PM Dave Fisher  wrote:

>
> > On May 11, 2018, at 8:04 AM, John D. Ament 
> wrote:
> >
> > My understanding is that we have confirmed there are Cat-X files in the
> > release.  I don't believe we can approve a release going out with known
> > Cat-X files.
> >
> > Justin, Dave, thoughts?  I'd be happy to switch my vote if there's a
> shared
> > understanding.
>
> My thoughts are:
> (1) Incubating podlings have a DISCLAIMER for a reason. I would suggest
> that the podling share that there are minimal licensing issues that anyone
> planning on depending on this release in a commercial setting should be
> aware.
> (2) I am confident that these will be removed and then brought brought
> back once licensed properly.
> (3) We took a long time reviewing this and I would rather have the podling
> move ahead.
> (4) The Incubator has been lenient on first release in the past.
>
> If others disagree then please say so by Monday.
>
> Regards,
> Dave
>
> >
> > John
> >
> > On Fri, May 11, 2018 at 7:11 AM Steve Lawrence 
> wrote:
> >
> >> The only copyrights in LICENSE are related to BSD, W3C, and OGF
> >> licenses. My understanding is that it is optional to add the copyrights
> >> of these permissive licenses to the NOTICE [1]. And it's actually
> >> preferred to not add them so as to keep the NOTICE as small as possible.
> >> Maybe my understanding of this is wrong?
> >>
> >> Regarding RPM diff, I've looked at the RPM vs tgz daffodil jars and the
> >> internal class files all have the same md5sum. Doing a binary diff, it
> >> looks like the only differences is the file modification time of the
> >> class files--the contents are the same. I suspect the sbt plugin
> >> building our rpm is moving files around or something and changing the
> >> modification time, even though the file content isn't changing. We'll
> >> look into this for the next release and see if it's something we can
> >> fix. These jars really should have the same hash.
> >>
> >> The other issues we plan the resolve in the next release.
> >>
> >> Thanks,
> >> - Steve
> >>
> >> [1] https://www.apache.org/dev/licensing-howto.html#permissive-deps
> >>
> >>
> >>
> >> On 05/10/2018 07:42 PM, Dave Fisher wrote:
> >>> Hi -
> >>>
> >>> +1 (binding) with a couple of areas for improvement.
> >>>
> >>> Source - hashes and signatures are good.
> >>>
> >>> I’m finally reviewing this release and in looking at the NOTICE and
> >> LICENSE
> >>> there are many copyrights/required notices that are in the LICENSE
> >> instead of
> >>> the NOTICE. Breaking these apart properly is difficult, but needs to be
> >> done
> >>> before your next release.
> >>>
> >>> RAT Check:
> >>>
> >>
> ./daffodil-lib/src/main/scala/org/apache/daffodil/util/UniquenessCache.scala
> >>>   ./daffodil-lib/src/main/scala/passera/numerics/package.scala
> >>>   ./daffodil-lib/src/main/scala/passera/unsigned/package.scala
> >>>   ./daffodil-lib/src/main/scala/passera/unsigned/SmallUInt.scala
> >>>   ./daffodil-lib/src/main/scala/passera/unsigned/UByte.scala
> >>>   ./daffodil-lib/src/main/scala/passera/unsigned/UInt.scala
> >>>   ./daffodil-lib/src/main/scala/passera/unsigned/ULong.scala
> >>>   ./daffodil-lib/src/main/scala/passera/unsigned/Unsigned.scala
> >>>   ./daffodil-lib/src/main/scala/passera/unsigned/UShort.scala
> >>> I recognize that all of these have headers that have been copied to the
> >> LICENSE.
> >>>
> >>> Binaries - hashes and signatures are good.
> >>> LICENSE and NOTICE are more correct in the Binaries than the Source.
> >>> Tgz and Zip unpack identical project jars, but for the NPM they are the
> >> same
> >>> size but diff reports they are not identical. I’m going to think of
> this
> >> as an
> >>> artifact of how I unpacked rpm2cpio | cpio
> >>>
> >>> TO DO:
> >>> (1) Fix Source NOTICE and LICENSE
> >>> (2) Handle the 2 test files.
> >>> (3) Improve Rat Check. Probably by including sbt-rat in project with
> >>> addSbtPlugin("org.musigma" % "sbt-rat" % "0.5.1”) and updating
> >> .rat-excludes.
> >>>
> >>> Regards,
> >>> Dave
> >>>
>  On May 10, 2018, at 11:39 AM, John D. Ament   > wrote:
> 
>  Justin/Steve,
> 
>  Apologies as its very confusing looking at this email thread trying to
>  understand what the current state of the vote is.
> 
>  From what I understand:
> 
>  - Two files were included in the release that are Cat-X
>  - These were supposed to be relicensed, but doesn't sound like that
> >> happened
> 
>  Or was it corrected that these two files are UoI NCSA licensed?  If
> >> these
>  files are Cat-X I would also vote a -1 since we cannot release with
> >> clear
>  Cat-X contents (we can release with Cat-X dependencies, but the
> >> contents can't
>  be Cat-X).
> 
>  Thanks,
> 
>  John
> 
>  On 2018/04/30 11:52:22, Steve Lawrence   > wrote:
>

Re: [VOTE] Release Apache Daffodil (incubating) 2.1.0-rc3

2018-05-11 Thread Dave Fisher


> On May 11, 2018, at 8:04 AM, John D. Ament  wrote:
> 
> My understanding is that we have confirmed there are Cat-X files in the
> release.  I don't believe we can approve a release going out with known
> Cat-X files.
> 
> Justin, Dave, thoughts?  I'd be happy to switch my vote if there's a shared
> understanding.

My thoughts are:
(1) Incubating podlings have a DISCLAIMER for a reason. I would suggest that 
the podling share that there are minimal licensing issues that anyone planning 
on depending on this release in a commercial setting should be aware.
(2) I am confident that these will be removed and then brought brought back 
once licensed properly.
(3) We took a long time reviewing this and I would rather have the podling move 
ahead.
(4) The Incubator has been lenient on first release in the past.

If others disagree then please say so by Monday.

Regards,
Dave

> 
> John
> 
> On Fri, May 11, 2018 at 7:11 AM Steve Lawrence  wrote:
> 
>> The only copyrights in LICENSE are related to BSD, W3C, and OGF
>> licenses. My understanding is that it is optional to add the copyrights
>> of these permissive licenses to the NOTICE [1]. And it's actually
>> preferred to not add them so as to keep the NOTICE as small as possible.
>> Maybe my understanding of this is wrong?
>> 
>> Regarding RPM diff, I've looked at the RPM vs tgz daffodil jars and the
>> internal class files all have the same md5sum. Doing a binary diff, it
>> looks like the only differences is the file modification time of the
>> class files--the contents are the same. I suspect the sbt plugin
>> building our rpm is moving files around or something and changing the
>> modification time, even though the file content isn't changing. We'll
>> look into this for the next release and see if it's something we can
>> fix. These jars really should have the same hash.
>> 
>> The other issues we plan the resolve in the next release.
>> 
>> Thanks,
>> - Steve
>> 
>> [1] https://www.apache.org/dev/licensing-howto.html#permissive-deps
>> 
>> 
>> 
>> On 05/10/2018 07:42 PM, Dave Fisher wrote:
>>> Hi -
>>> 
>>> +1 (binding) with a couple of areas for improvement.
>>> 
>>> Source - hashes and signatures are good.
>>> 
>>> I’m finally reviewing this release and in looking at the NOTICE and
>> LICENSE
>>> there are many copyrights/required notices that are in the LICENSE
>> instead of
>>> the NOTICE. Breaking these apart properly is difficult, but needs to be
>> done
>>> before your next release.
>>> 
>>> RAT Check:
>>> 
>> ./daffodil-lib/src/main/scala/org/apache/daffodil/util/UniquenessCache.scala
>>>   ./daffodil-lib/src/main/scala/passera/numerics/package.scala
>>>   ./daffodil-lib/src/main/scala/passera/unsigned/package.scala
>>>   ./daffodil-lib/src/main/scala/passera/unsigned/SmallUInt.scala
>>>   ./daffodil-lib/src/main/scala/passera/unsigned/UByte.scala
>>>   ./daffodil-lib/src/main/scala/passera/unsigned/UInt.scala
>>>   ./daffodil-lib/src/main/scala/passera/unsigned/ULong.scala
>>>   ./daffodil-lib/src/main/scala/passera/unsigned/Unsigned.scala
>>>   ./daffodil-lib/src/main/scala/passera/unsigned/UShort.scala
>>> I recognize that all of these have headers that have been copied to the
>> LICENSE.
>>> 
>>> Binaries - hashes and signatures are good.
>>> LICENSE and NOTICE are more correct in the Binaries than the Source.
>>> Tgz and Zip unpack identical project jars, but for the NPM they are the
>> same
>>> size but diff reports they are not identical. I’m going to think of this
>> as an
>>> artifact of how I unpacked rpm2cpio | cpio
>>> 
>>> TO DO:
>>> (1) Fix Source NOTICE and LICENSE
>>> (2) Handle the 2 test files.
>>> (3) Improve Rat Check. Probably by including sbt-rat in project with
>>> addSbtPlugin("org.musigma" % "sbt-rat" % "0.5.1”) and updating
>> .rat-excludes.
>>> 
>>> Regards,
>>> Dave
>>> 
 On May 10, 2018, at 11:39 AM, John D. Ament >>> > wrote:
 
 Justin/Steve,
 
 Apologies as its very confusing looking at this email thread trying to
 understand what the current state of the vote is.
 
 From what I understand:
 
 - Two files were included in the release that are Cat-X
 - These were supposed to be relicensed, but doesn't sound like that
>> happened
 
 Or was it corrected that these two files are UoI NCSA licensed?  If
>> these
 files are Cat-X I would also vote a -1 since we cannot release with
>> clear
 Cat-X contents (we can release with Cat-X dependencies, but the
>> contents can't
 be Cat-X).
 
 Thanks,
 
 John
 
 On 2018/04/30 11:52:22, Steve Lawrence >>> > wrote:
> Hi all,
> 
> We are still need at least one more +1. We'd really appreciate if if
>> you
> could take a look.
> 
> Thanks,
> - Steve
> 
> On 04/09/2018 07:24 PM, Steve Lawrence wrote:
>> The Apache Daffodil community has voted and approved the proposed
>> release of Apache Daffodil (i

Re: [VOTE] Release Apache Daffodil (incubating) 2.1.0-rc3

2018-05-11 Thread Dave Fisher

Hi -

> On May 11, 2018, at 4:11 AM, Steve Lawrence  wrote:
> 
> The only copyrights in LICENSE are related to BSD, W3C, and OGF
> licenses. My understanding is that it is optional to add the copyrights
> of these permissive licenses to the NOTICE [1]. And it's actually
> preferred to not add them so as to keep the NOTICE as small as possible.
> Maybe my understanding of this is wrong?

My understanding is that the if the license writes that the copyright notice 
needs to be retained then it needs to go into the NOTICE. But that is not 
completely clear here. [2]

However there is a legal JIRA for this. [3] And this paragraph makes things 
clear. [4]

So you are apparently cool.

> 
> Regarding RPM diff, I've looked at the RPM vs tgz daffodil jars and the
> internal class files all have the same md5sum. Doing a binary diff, it
> looks like the only differences is the file modification time of the
> class files--the contents are the same. I suspect the sbt plugin
> building our rpm is moving files around or something and changing the
> modification time, even though the file content isn't changing. We'll
> look into this for the next release and see if it's something we can
> fix. These jars really should have the same hash.

I don’t think timestamp differences are a concern now that you have explained 
things. Thank you!

> The other issues we plan the resolve in the next release.

We should discuss the various test files that the project wishes to have 
properly relicensed on dev@daffodil.

Regards,
Dave

> 
> Thanks,
> - Steve
> 
> [1] https://www.apache.org/dev/licensing-howto.html#permissive-deps 
> 

[2] http://www.apache.org/legal/resolved.html#required-third-party-notices 

[3] https://issues.apache.org/jira/browse/LEGAL-59 

[4] https://www.apache.org/dev/licensing-howto.html#mod-notice 



> 
> 
> 
> On 05/10/2018 07:42 PM, Dave Fisher wrote:
>> Hi -
>> 
>> +1 (binding) with a couple of areas for improvement.
>> 
>> Source - hashes and signatures are good.
>> 
>> I’m finally reviewing this release and in looking at the NOTICE and LICENSE
>> there are many copyrights/required notices that are in the LICENSE instead of
>> the NOTICE. Breaking these apart properly is difficult, but needs to be done
>> before your next release.
>> 
>> RAT Check:
>>   
>> ./daffodil-lib/src/main/scala/org/apache/daffodil/util/UniquenessCache.scala
>>   ./daffodil-lib/src/main/scala/passera/numerics/package.scala
>>   ./daffodil-lib/src/main/scala/passera/unsigned/package.scala
>>   ./daffodil-lib/src/main/scala/passera/unsigned/SmallUInt.scala
>>   ./daffodil-lib/src/main/scala/passera/unsigned/UByte.scala
>>   ./daffodil-lib/src/main/scala/passera/unsigned/UInt.scala
>>   ./daffodil-lib/src/main/scala/passera/unsigned/ULong.scala
>>   ./daffodil-lib/src/main/scala/passera/unsigned/Unsigned.scala
>>   ./daffodil-lib/src/main/scala/passera/unsigned/UShort.scala
>> I recognize that all of these have headers that have been copied to the 
>> LICENSE.
>> 
>> Binaries - hashes and signatures are good.
>> LICENSE and NOTICE are more correct in the Binaries than the Source.
>> Tgz and Zip unpack identical project jars, but for the NPM they are the same
>> size but diff reports they are not identical. I’m going to think of this as 
>> an
>> artifact of how I unpacked rpm2cpio | cpio
>> 
>> TO DO:
>> (1) Fix Source NOTICE and LICENSE
>> (2) Handle the 2 test files.
>> (3) Improve Rat Check. Probably by including sbt-rat in project with
>> addSbtPlugin("org.musigma" % "sbt-rat" % "0.5.1”) and updating .rat-excludes.
>> 
>> Regards,
>> Dave
>> 
>>> On May 10, 2018, at 11:39 AM, John D. Ament >> > wrote:
>>> 
>>> Justin/Steve,
>>> 
>>> Apologies as its very confusing looking at this email thread trying to
>>> understand what the current state of the vote is.
>>> 
>>> From what I understand:
>>> 
>>> - Two files were included in the release that are Cat-X
>>> - These were supposed to be relicensed, but doesn't sound like that happened
>>> 
>>> Or was it corrected that these two files are UoI NCSA licensed?  If these
>>> files are Cat-X I would also vote a -1 since we cannot release with clear
>>> Cat-X contents (we can release with Cat-X dependencies, but the contents 
>>> can't
>>> be Cat-X).
>>> 
>>> Thanks,
>>> 
>>> John
>>> 
>>> On 2018/04/30 11:52:22, Steve Lawrence >> > wrote:
 Hi all,
 
 We are still need at least one more +1. We'd really appreciate if if you
 could take a look.
 
 Thanks,
 - Steve
 
 On 04/09/2018 07:24 PM, Steve Lawrence wrote:
> The Apache Daffodil community has voted and approved the proposed
> release of Apache Daffodil (incubating) 2.1.0-rc3.
> 
> We now

Re: [VOTE] Release Apache Daffodil (incubating) 2.1.0-rc3

2018-05-11 Thread John D. Ament

My understanding is that we have confirmed there are Cat-X files in the
release.  I don't believe we can approve a release going out with known
Cat-X files.

Justin, Dave, thoughts?  I'd be happy to switch my vote if there's a shared
understanding.

John

On Fri, May 11, 2018 at 7:11 AM Steve Lawrence  wrote:

> The only copyrights in LICENSE are related to BSD, W3C, and OGF
> licenses. My understanding is that it is optional to add the copyrights
> of these permissive licenses to the NOTICE [1]. And it's actually
> preferred to not add them so as to keep the NOTICE as small as possible.
> Maybe my understanding of this is wrong?
>
> Regarding RPM diff, I've looked at the RPM vs tgz daffodil jars and the
> internal class files all have the same md5sum. Doing a binary diff, it
> looks like the only differences is the file modification time of the
> class files--the contents are the same. I suspect the sbt plugin
> building our rpm is moving files around or something and changing the
> modification time, even though the file content isn't changing. We'll
> look into this for the next release and see if it's something we can
> fix. These jars really should have the same hash.
>
> The other issues we plan the resolve in the next release.
>
> Thanks,
> - Steve
>
> [1] https://www.apache.org/dev/licensing-howto.html#permissive-deps
>
>
>
> On 05/10/2018 07:42 PM, Dave Fisher wrote:
> > Hi -
> >
> > +1 (binding) with a couple of areas for improvement.
> >
> > Source - hashes and signatures are good.
> >
> > I’m finally reviewing this release and in looking at the NOTICE and
> LICENSE
> > there are many copyrights/required notices that are in the LICENSE
> instead of
> > the NOTICE. Breaking these apart properly is difficult, but needs to be
> done
> > before your next release.
> >
> > RAT Check:
> >
> ./daffodil-lib/src/main/scala/org/apache/daffodil/util/UniquenessCache.scala
> >./daffodil-lib/src/main/scala/passera/numerics/package.scala
> >./daffodil-lib/src/main/scala/passera/unsigned/package.scala
> >./daffodil-lib/src/main/scala/passera/unsigned/SmallUInt.scala
> >./daffodil-lib/src/main/scala/passera/unsigned/UByte.scala
> >./daffodil-lib/src/main/scala/passera/unsigned/UInt.scala
> >./daffodil-lib/src/main/scala/passera/unsigned/ULong.scala
> >./daffodil-lib/src/main/scala/passera/unsigned/Unsigned.scala
> >./daffodil-lib/src/main/scala/passera/unsigned/UShort.scala
> > I recognize that all of these have headers that have been copied to the
> LICENSE.
> >
> > Binaries - hashes and signatures are good.
> > LICENSE and NOTICE are more correct in the Binaries than the Source.
> > Tgz and Zip unpack identical project jars, but for the NPM they are the
> same
> > size but diff reports they are not identical. I’m going to think of this
> as an
> > artifact of how I unpacked rpm2cpio | cpio
> >
> > TO DO:
> > (1) Fix Source NOTICE and LICENSE
> > (2) Handle the 2 test files.
> > (3) Improve Rat Check. Probably by including sbt-rat in project with
> > addSbtPlugin("org.musigma" % "sbt-rat" % "0.5.1”) and updating
> .rat-excludes.
> >
> > Regards,
> > Dave
> >
> >> On May 10, 2018, at 11:39 AM, John D. Ament  >> > wrote:
> >>
> >> Justin/Steve,
> >>
> >> Apologies as its very confusing looking at this email thread trying to
> >> understand what the current state of the vote is.
> >>
> >> From what I understand:
> >>
> >> - Two files were included in the release that are Cat-X
> >> - These were supposed to be relicensed, but doesn't sound like that
> happened
> >>
> >> Or was it corrected that these two files are UoI NCSA licensed?  If
> these
> >> files are Cat-X I would also vote a -1 since we cannot release with
> clear
> >> Cat-X contents (we can release with Cat-X dependencies, but the
> contents can't
> >> be Cat-X).
> >>
> >> Thanks,
> >>
> >> John
> >>
> >> On 2018/04/30 11:52:22, Steve Lawrence  >> > wrote:
> >>> Hi all,
> >>>
> >>> We are still need at least one more +1. We'd really appreciate if if
> you
> >>> could take a look.
> >>>
> >>> Thanks,
> >>> - Steve
> >>>
> >>> On 04/09/2018 07:24 PM, Steve Lawrence wrote:
>  The Apache Daffodil community has voted and approved the proposed
>  release of Apache Daffodil (incubating) 2.1.0-rc3.
> 
>  We now kindly request the Incubator PMC members review and vote on
> this
>  incubator release.
> 
>  Daffodil is an open source implementation of the DFDL specification
> that
>  uses DFDL schemas to parse fixed format data into an infoset, which is
>  most commonly represented as either XML or JSON. This allows the use
> of
>  well-established XML or JSON technologies and libraries to consume,
>  inspect, and manipulate fixed format data in existing solutions.
>  Daffodil is also capable of the reverse by serializing or "unparsing"
> an
>  XML or JSON infoset back to the original data format.
> 
>  Vote thread:
>

Re: [VOTE] Release Apache Daffodil (incubating) 2.1.0-rc3

2018-05-11 Thread Steve Lawrence

The only copyrights in LICENSE are related to BSD, W3C, and OGF
licenses. My understanding is that it is optional to add the copyrights
of these permissive licenses to the NOTICE [1]. And it's actually
preferred to not add them so as to keep the NOTICE as small as possible.
Maybe my understanding of this is wrong?

Regarding RPM diff, I've looked at the RPM vs tgz daffodil jars and the
internal class files all have the same md5sum. Doing a binary diff, it
looks like the only differences is the file modification time of the
class files--the contents are the same. I suspect the sbt plugin
building our rpm is moving files around or something and changing the
modification time, even though the file content isn't changing. We'll
look into this for the next release and see if it's something we can
fix. These jars really should have the same hash.

The other issues we plan the resolve in the next release.

Thanks,
- Steve

[1] https://www.apache.org/dev/licensing-howto.html#permissive-deps

On 05/10/2018 07:42 PM, Dave Fisher wrote:
> Hi -
> 
> +1 (binding) with a couple of areas for improvement.
> 
> Source - hashes and signatures are good.
> 
> I’m finally reviewing this release and in looking at the NOTICE and LICENSE 
> there are many copyrights/required notices that are in the LICENSE instead of 
> the NOTICE. Breaking these apart properly is difficult, but needs to be done 
> before your next release.
> 
> RAT Check:
>
> ./daffodil-lib/src/main/scala/org/apache/daffodil/util/UniquenessCache.scala
>./daffodil-lib/src/main/scala/passera/numerics/package.scala
>./daffodil-lib/src/main/scala/passera/unsigned/package.scala
>./daffodil-lib/src/main/scala/passera/unsigned/SmallUInt.scala
>./daffodil-lib/src/main/scala/passera/unsigned/UByte.scala
>./daffodil-lib/src/main/scala/passera/unsigned/UInt.scala
>./daffodil-lib/src/main/scala/passera/unsigned/ULong.scala
>./daffodil-lib/src/main/scala/passera/unsigned/Unsigned.scala
>./daffodil-lib/src/main/scala/passera/unsigned/UShort.scala
> I recognize that all of these have headers that have been copied to the 
> LICENSE.
> 
> Binaries - hashes and signatures are good.
> LICENSE and NOTICE are more correct in the Binaries than the Source.
> Tgz and Zip unpack identical project jars, but for the NPM they are the same 
> size but diff reports they are not identical. I’m going to think of this as 
> an 
> artifact of how I unpacked rpm2cpio | cpio
> 
> TO DO:
> (1) Fix Source NOTICE and LICENSE
> (2) Handle the 2 test files.
> (3) Improve Rat Check. Probably by including sbt-rat in project with 
> addSbtPlugin("org.musigma" % "sbt-rat" % "0.5.1”) and updating .rat-excludes.
> 
> Regards,
> Dave
> 
>> On May 10, 2018, at 11:39 AM, John D. Ament > > wrote:
>>
>> Justin/Steve,
>>
>> Apologies as its very confusing looking at this email thread trying to 
>> understand what the current state of the vote is.
>>
>> From what I understand:
>>
>> - Two files were included in the release that are Cat-X
>> - These were supposed to be relicensed, but doesn't sound like that happened
>>
>> Or was it corrected that these two files are UoI NCSA licensed?  If these 
>> files are Cat-X I would also vote a -1 since we cannot release with clear 
>> Cat-X contents (we can release with Cat-X dependencies, but the contents 
>> can't 
>> be Cat-X).
>>
>> Thanks,
>>
>> John
>>
>> On 2018/04/30 11:52:22, Steve Lawrence > > wrote:
>>> Hi all,
>>>
>>> We are still need at least one more +1. We'd really appreciate if if you
>>> could take a look.
>>>
>>> Thanks,
>>> - Steve
>>>
>>> On 04/09/2018 07:24 PM, Steve Lawrence wrote:
 The Apache Daffodil community has voted and approved the proposed
 release of Apache Daffodil (incubating) 2.1.0-rc3.

 We now kindly request the Incubator PMC members review and vote on this
 incubator release.

 Daffodil is an open source implementation of the DFDL specification that
 uses DFDL schemas to parse fixed format data into an infoset, which is
 most commonly represented as either XML or JSON. This allows the use of
 well-established XML or JSON technologies and libraries to consume,
 inspect, and manipulate fixed format data in existing solutions.
 Daffodil is also capable of the reverse by serializing or "unparsing" an
 XML or JSON infoset back to the original data format.

 Vote thread:
 https://lists.apache.org/thread.html/10811e8f520bf100a9250a3ae0610633e9018e0ae8fc422e2c0f097a@%3Cdev.daffodil.apache.org%3E

 Result thread:
 https://lists.apache.org/thread.html/54a3e681b25f084e0dc46e19764cd19507ff502b927516093a3bd667@%3Cdev.daffodil.apache.org%3E

 All distribution packages, including signatures, digests, etc. can be
 found at:

 https://dist.apache.org/repos/dist/dev/incubator/daffodil/2.1.0-rc3/

 Staging artifacts can be found at:

 https://reposito

Re: [VOTE] Release Apache Daffodil (incubating) 2.1.0-rc3

2018-05-10 Thread Dave Fisher

Hi -

+1 (binding) with a couple of areas for improvement.

Source - hashes and signatures are good.

I’m finally reviewing this release and in looking at the NOTICE and LICENSE 
there are many copyrights/required notices that are in the LICENSE instead of 
the NOTICE. Breaking these apart properly is difficult, but needs to be done 
before your next release.

RAT Check:
  ./daffodil-lib/src/main/scala/org/apache/daffodil/util/UniquenessCache.scala
  ./daffodil-lib/src/main/scala/passera/numerics/package.scala
  ./daffodil-lib/src/main/scala/passera/unsigned/package.scala
  ./daffodil-lib/src/main/scala/passera/unsigned/SmallUInt.scala
  ./daffodil-lib/src/main/scala/passera/unsigned/UByte.scala
  ./daffodil-lib/src/main/scala/passera/unsigned/UInt.scala
  ./daffodil-lib/src/main/scala/passera/unsigned/ULong.scala
  ./daffodil-lib/src/main/scala/passera/unsigned/Unsigned.scala
  ./daffodil-lib/src/main/scala/passera/unsigned/UShort.scala
I recognize that all of these have headers that have been copied to the LICENSE.

Binaries - hashes and signatures are good.
LICENSE and NOTICE are more correct in the Binaries than the Source.
Tgz and Zip unpack identical project jars, but for the NPM they are the same 
size but diff reports they are not identical. I’m going to think of this as an 
artifact of how I unpacked rpm2cpio | cpio

TO DO:
(1) Fix Source NOTICE and LICENSE
(2) Handle the 2 test files.
(3) Improve Rat Check. Probably by including sbt-rat in project with 
addSbtPlugin("org.musigma" % "sbt-rat" % "0.5.1”) and updating .rat-excludes.

Regards,
Dave

> On May 10, 2018, at 11:39 AM, John D. Ament  wrote:
> 
> Justin/Steve,
> 
> Apologies as its very confusing looking at this email thread trying to 
> understand what the current state of the vote is.
> 
> From what I understand:
> 
> - Two files were included in the release that are Cat-X
> - These were supposed to be relicensed, but doesn't sound like that happened
> 
> Or was it corrected that these two files are UoI NCSA licensed?  If these 
> files are Cat-X I would also vote a -1 since we cannot release with clear 
> Cat-X contents (we can release with Cat-X dependencies, but the contents 
> can't be Cat-X).
> 
> Thanks,
> 
> John
> 
> On 2018/04/30 11:52:22, Steve Lawrence  wrote:
>> Hi all,
>> 
>> We are still need at least one more +1. We'd really appreciate if if you
>> could take a look.
>> 
>> Thanks,
>> - Steve
>> 
>> On 04/09/2018 07:24 PM, Steve Lawrence wrote:
>>> The Apache Daffodil community has voted and approved the proposed
>>> release of Apache Daffodil (incubating) 2.1.0-rc3.
>>> 
>>> We now kindly request the Incubator PMC members review and vote on this
>>> incubator release.
>>> 
>>> Daffodil is an open source implementation of the DFDL specification that
>>> uses DFDL schemas to parse fixed format data into an infoset, which is
>>> most commonly represented as either XML or JSON. This allows the use of
>>> well-established XML or JSON technologies and libraries to consume,
>>> inspect, and manipulate fixed format data in existing solutions.
>>> Daffodil is also capable of the reverse by serializing or "unparsing" an
>>> XML or JSON infoset back to the original data format.
>>> 
>>> Vote thread:
>>> https://lists.apache.org/thread.html/10811e8f520bf100a9250a3ae0610633e9018e0ae8fc422e2c0f097a@%3Cdev.daffodil.apache.org%3E
>>> 
>>> Result thread:
>>> https://lists.apache.org/thread.html/54a3e681b25f084e0dc46e19764cd19507ff502b927516093a3bd667@%3Cdev.daffodil.apache.org%3E
>>> 
>>> All distribution packages, including signatures, digests, etc. can be
>>> found at:
>>> 
>>> https://dist.apache.org/repos/dist/dev/incubator/daffodil/2.1.0-rc3/
>>> 
>>> Staging artifacts can be found at:
>>> 
>>> https://repository.apache.org/content/repositories/orgapachedaffodil-1002/
>>> 
>>> This release has been signed with PGP key 033AE661, corresponding to
>>> slawre...@apache.org, which is included in the repository's KEYS file.
>>> This key can be found on keyservers, such as:
>>> 
>>> http://pgp.mit.edu/pks/lookup?op=get&search=0x033AE661
>>> 
>>> It is also listed here:
>>> 
>>> https://people.apache.org/keys/committer/slawrence.asc
>>> 
>>> The release candidate has been tagged in git with v2.1.0-rc3.
>>> 
>>> For reference, here is a list of all closed JIRAs tagged with 2.1.0:
>>> 
>>> https://issues.apache.org/jira/browse/DAFFODIL-1897?jql=project%20%3D%20DAFFODIL%20AND%20fixVersion%20%3D%202.1.0%20ORDER%20BY%20priority%20DESC%2C%20updated%20DESC
>>> 
>>> For a summary of the changes in this release, see:
>>> 
>>> https://daffodil.apache.org/releases/2.1.0/
>>> 
>>> Please review and vote. The vote will be open for at least 72 hours.
>>> 
>>> [ ] +1 approve
>>> [ ] +0 no opinion
>>> [ ] -1 disapprove (and reason why)
>>> 
>>> Thanks,
>>> - Steve
>>> 
>> 
>> 
>> -
>> To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org
>> For additional commands, e-mail: genera

Re: [VOTE] Release Apache Daffodil (incubating) 2.1.0-rc3

2018-04-09 Thread Steve Lawrence

The VOTE to release rc3 of Apache Daffodil (incubating) 2.1.0 is now
closed. With a total of +4, and NO -1 votes, the VOTE passes. Overall
vote breakdown is as follows:

+1 Steve Lawrence
+1 Mike Beckerle
+1 Josh Adams
+1 Dave Thompson

Thanks to everyone who voted. I'll open the VOTE thread on the Incubator
general list shortly.

- Steve


On 04/06/2018 08:00 AM, Steve Lawrence wrote:
> Hi all,
> 
> I'd like to call a vote to release Apache Daffodil (incubating) 2.1.0-rc3.
> 
> All distribution packages, including signatures, digests, etc. can be
> found at:
> 
> https://dist.apache.org/repos/dist/dev/incubator/daffodil/2.1.0-rc3/
> 
> Staging artifacts can be found at:
> 
> https://repository.apache.org/content/repositories/orgapachedaffodil-1002/
> 
> This release has been signed with PGP key 033AE661, corresponding to
> slawre...@apache.org, which is included in the repository's KEYS file.
> This key can be found on keyservers, such as:
> 
> http://pgp.mit.edu/pks/lookup?op=get&search=0x033AE661
> 
> It is also listed here:
> 
> https://people.apache.org/keys/committer/slawrence.asc
> 
> The release candidate has been tagged in git with v2.1.0-rc3.
> 
> For reference, here is a list of all closed JIRAs tagged with 2.1.0:
> 
> https://issues.apache.org/jira/browse/DAFFODIL-1897?jql=project%20%3D%20DAFFODIL%20AND%20fixVersion%20%3D%202.1.0%20ORDER%20BY%20priority%20DESC%2C%20updated%20DESC
> 
> For a summary of the changes in this release, see:
> 
> https://daffodil.apache.org/releases/2.1.0/
> 
> Please review and vote. The vote will be open for at least 72 hours.
> 
> [ ] +1 approve
> [ ] +0 no opinion
> [ ] -1 disapprove (and reason why)
> 
> My vote: +1
> 
> Thanks,
> - Steve
>

RE: [VOTE] Release Apache Daffodil (incubating) 2.1.0-rc3

2018-04-09 Thread Dave Thompson

+1 from me also.

Dave

-Original Message-
From: Steve Lawrence [mailto:slawre...@apache.org] 
Sent: Friday, April 6, 2018 8:01 AM
To: dev@daffodil.apache.org
Subject: [VOTE] Release Apache Daffodil (incubating) 2.1.0-rc3

Hi all,

I'd like to call a vote to release Apache Daffodil (incubating) 2.1.0-rc3.

All distribution packages, including signatures, digests, etc. can be found at:

https://dist.apache.org/repos/dist/dev/incubator/daffodil/2.1.0-rc3/

Staging artifacts can be found at:

https://repository.apache.org/content/repositories/orgapachedaffodil-1002/

This release has been signed with PGP key 033AE661, corresponding to 
slawre...@apache.org, which is included in the repository's KEYS file.
This key can be found on keyservers, such as:

http://pgp.mit.edu/pks/lookup?op=get&search=0x033AE661

It is also listed here:

https://people.apache.org/keys/committer/slawrence.asc

The release candidate has been tagged in git with v2.1.0-rc3.

For reference, here is a list of all closed JIRAs tagged with 2.1.0:

https://issues.apache.org/jira/browse/DAFFODIL-1897?jql=project%20%3D%20DAFFODIL%20AND%20fixVersion%20%3D%202.1.0%20ORDER%20BY%20priority%20DESC%2C%20updated%20DESC

For a summary of the changes in this release, see:

https://daffodil.apache.org/releases/2.1.0/

Please review and vote. The vote will be open for at least 72 hours.

[ ] +1 approve
[ ] +0 no opinion
[ ] -1 disapprove (and reason why)

My vote: +1

Thanks,
- Steve

Re: [VOTE] Release Apache Daffodil (incubating) 2.1.0-rc3

2018-04-06 Thread Joshua Adams

+1 from me as well.

Josh

On Apr 6, 2018 8:00 AM, Steve Lawrence  wrote:
Hi all,

I'd like to call a vote to release Apache Daffodil (incubating) 2.1.0-rc3.

All distribution packages, including signatures, digests, etc. can be
found at:

https://dist.apache.org/repos/dist/dev/incubator/daffodil/2.1.0-rc3/

Staging artifacts can be found at:

https://repository.apache.org/content/repositories/orgapachedaffodil-1002/

This release has been signed with PGP key 033AE661, corresponding to
slawre...@apache.org, which is included in the repository's KEYS file.
This key can be found on keyservers, such as:

http://pgp.mit.edu/pks/lookup?op=get&search=0x033AE661

It is also listed here:

https://people.apache.org/keys/committer/slawrence.asc

The release candidate has been tagged in git with v2.1.0-rc3.

For reference, here is a list of all closed JIRAs tagged with 2.1.0:

https://issues.apache.org/jira/browse/DAFFODIL-1897?jql=project%20%3D%20DAFFODIL%20AND%20fixVersion%20%3D%202.1.0%20ORDER%20BY%20priority%20DESC%2C%20updated%20DESC

For a summary of the changes in this release, see:

https://daffodil.apache.org/releases/2.1.0/

Please review and vote. The vote will be open for at least 72 hours.

[ ] +1 approve
[ ] +0 no opinion
[ ] -1 disapprove (and reason why)

My vote: +1

Thanks,
- Steve

Re: [VOTE] Release Apache Daffodil (incubating) 2.1.0-rc3

2018-04-06 Thread Mike Beckerle

+1 from me.

From: Steve Lawrence 
Sent: Friday, April 6, 2018 8:00:30 AM
To: dev@daffodil.apache.org
Subject: [VOTE] Release Apache Daffodil (incubating) 2.1.0-rc3

Hi all,

I'd like to call a vote to release Apache Daffodil (incubating) 2.1.0-rc3.

All distribution packages, including signatures, digests, etc. can be
found at:

https://dist.apache.org/repos/dist/dev/incubator/daffodil/2.1.0-rc3/

Staging artifacts can be found at:

https://repository.apache.org/content/repositories/orgapachedaffodil-1002/

This release has been signed with PGP key 033AE661, corresponding to
slawre...@apache.org, which is included in the repository's KEYS file.
This key can be found on keyservers, such as:

http://pgp.mit.edu/pks/lookup?op=get&search=0x033AE661

It is also listed here:

https://people.apache.org/keys/committer/slawrence.asc

The release candidate has been tagged in git with v2.1.0-rc3.

For reference, here is a list of all closed JIRAs tagged with 2.1.0:

https://issues.apache.org/jira/browse/DAFFODIL-1897?jql=project%20%3D%20DAFFODIL%20AND%20fixVersion%20%3D%202.1.0%20ORDER%20BY%20priority%20DESC%2C%20updated%20DESC

For a summary of the changes in this release, see:

https://daffodil.apache.org/releases/2.1.0/

Please review and vote. The vote will be open for at least 72 hours.

[ ] +1 approve
[ ] +0 no opinion
[ ] -1 disapprove (and reason why)

My vote: +1

Thanks,
- Steve

[VOTE] Release Apache Daffodil (incubating) 2.1.0-rc3

2018-04-06 Thread Steve Lawrence

Hi all,

I'd like to call a vote to release Apache Daffodil (incubating) 2.1.0-rc3.

All distribution packages, including signatures, digests, etc. can be
found at:

https://dist.apache.org/repos/dist/dev/incubator/daffodil/2.1.0-rc3/

Staging artifacts can be found at:

https://repository.apache.org/content/repositories/orgapachedaffodil-1002/

This release has been signed with PGP key 033AE661, corresponding to
slawre...@apache.org, which is included in the repository's KEYS file.
This key can be found on keyservers, such as:

http://pgp.mit.edu/pks/lookup?op=get&search=0x033AE661

It is also listed here:

https://people.apache.org/keys/committer/slawrence.asc

The release candidate has been tagged in git with v2.1.0-rc3.

For reference, here is a list of all closed JIRAs tagged with 2.1.0:

https://issues.apache.org/jira/browse/DAFFODIL-1897?jql=project%20%3D%20DAFFODIL%20AND%20fixVersion%20%3D%202.1.0%20ORDER%20BY%20priority%20DESC%2C%20updated%20DESC

For a summary of the changes in this release, see:

https://daffodil.apache.org/releases/2.1.0/

Please review and vote. The vote will be open for at least 72 hours.

[ ] +1 approve
[ ] +0 no opinion
[ ] -1 disapprove (and reason why)

My vote: +1

Thanks,
- Steve

Re: [VOTE] Release Apache Daffodil (incubating) 2.1.0-rc3

Re: [VOTE] Release Apache Daffodil (incubating) 2.1.0-rc3

Re: [VOTE] Release Apache Daffodil (incubating) 2.1.0-rc3

Re: [VOTE] Release Apache Daffodil (incubating) 2.1.0-rc3

Re: [VOTE] Release Apache Daffodil (incubating) 2.1.0-rc3

Re: [VOTE] Release Apache Daffodil (incubating) 2.1.0-rc3

Re: [VOTE] Release Apache Daffodil (incubating) 2.1.0-rc3

RE: [VOTE] Release Apache Daffodil (incubating) 2.1.0-rc3

Re: [VOTE] Release Apache Daffodil (incubating) 2.1.0-rc3

Re: [VOTE] Release Apache Daffodil (incubating) 2.1.0-rc3

[VOTE] Release Apache Daffodil (incubating) 2.1.0-rc3

11 matches

Site Navigation

Mail list logo

Footer information