Re: [VOTE] Release Maven 3.1.1

2013-10-03 Thread Fred Cooke 
+1 even if I'm late to the epic party. Love the sebbaliser, great work, and
sense of humour, Jason! Dislike his lack of enthusiasm for the name. I'd
have bragged about it for years if you'd called it the fredaliser :-)
Unfortunately I am too busy to continue nagging. Good on sebb for picking
up the slack and keeping the pressure on.


On Mon, Sep 30, 2013 at 10:39 PM, Robert Scholte rfscho...@apache.orgwrote:

 +1

 Op Wed, 25 Sep 2013 17:22:45 +0200 schreef Jason van Zyl ja...@tesla.io:


  Anyone else going to give the release a whirl?

 On Sep 17, 2013, at 8:39 AM, Jason van Zyl ja...@tesla.io wrote:

  Hi,

 Maven Core ITs are good, and the license/notice issue has been resolved
 so I'm rolling 3.1.1 again.

 Here is a link to Jira with 6 issues resolved:
 https://jira.codehaus.org/**secure/ReleaseNote.jspa?**
 projectId=10500version=18968https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500version=18968

 Staging repo:
 https://repository.apache.org/**content/repositories/maven-**065/https://repository.apache.org/content/repositories/maven-065/

 The distributable binaries and sources for testing can be found here:
 https://repository.apache.org/**content/repositories/maven-**
 065/org/apache/maven/apache-**maven/3.1.1/https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/

 Specifically the zip, tarball, and source archives can be found here:
 https://repository.apache.org/**content/repositories/maven-**
 065/org/apache/maven/apache-**maven/3.1.1/apache-maven-3.1.**1-bin.ziphttps://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip
 https://repository.apache.org/**content/repositories/maven-**
 065/org/apache/maven/apache-**maven/3.1.1/apache-maven-3.1.**
 1-bin.tar.gzhttps://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.tar.gz
 https://repository.apache.org/**content/repositories/maven-**
 065/org/apache/maven/apache-**maven/3.1.1/apache-maven-3.1.**1-src.ziphttps://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.zip
 https://repository.apache.org/**content/repositories/maven-**
 065/org/apache/maven/apache-**maven/3.1.1/apache-maven-3.1.**
 1-src.tar.gzhttps://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.tar.gz

 Source release checksum(s):
 apache-maven-3.1.1-src.zip sha1: 2251357aa47129674df578e787504b**
 72cd57ed4d

 Staging site:
 http://people.apache.org/~**jvanzyl/maven-3.1.1/http://people.apache.org/~jvanzyl/maven-3.1.1/

 Vote open for 72 hours.

 [ ] +1
 [ ] +0
 [ ] -1

 Thanks,

 The Maven Team
 Thanks,







 Thanks,

 Jason

 --**
 Jason van Zyl
 Founder,  Apache Maven
 http://twitter.com/jvanzyl
 --**---







 --**--**-
 To unsubscribe, e-mail: 
 dev-unsubscribe@maven.apache.**orgdev-unsubscr...@maven.apache.org
 For additional commands, e-mail: dev-h...@maven.apache.org

Re: [VOTE] Release Maven 3.1.1

2013-09-30 Thread Hervé BOUTEMY 
+1

Regards,

Hervé

Le mercredi 25 septembre 2013 08:22:45 Jason van Zyl a écrit :
 Anyone else going to give the release a whirl?
 
 On Sep 17, 2013, at 8:39 AM, Jason van Zyl ja...@tesla.io wrote:
  Hi,
  
  Maven Core ITs are good, and the license/notice issue has been resolved so
  I'm rolling 3.1.1 again.
  
  Here is a link to Jira with 6 issues resolved:
  https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500version=
  18968
  
  Staging repo:
  https://repository.apache.org/content/repositories/maven-065/
  
  The distributable binaries and sources for testing can be found here:
  https://repository.apache.org/content/repositories/maven-065/org/apache/ma
  ven/apache-maven/3.1.1/
  
  Specifically the zip, tarball, and source archives can be found here:
  https://repository.apache.org/content/repositories/maven-065/org/apache/ma
  ven/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip
  https://repository.apache.org/content/repositories/maven-065/org/apache/m
  aven/apache-maven/3.1.1/apache-maven-3.1.1-bin.tar.gz
  https://repository.apache.org/content/repositories/maven-065/org/apache/m
  aven/apache-maven/3.1.1/apache-maven-3.1.1-src.zip
  https://repository.apache.org/content/repositories/maven-065/org/apache/m
  aven/apache-maven/3.1.1/apache-maven-3.1.1-src.tar.gz
  
  Source release checksum(s):
  apache-maven-3.1.1-src.zip sha1: 2251357aa47129674df578e787504b72cd57ed4d
  
  Staging site:
  http://people.apache.org/~jvanzyl/maven-3.1.1/
  
  Vote open for 72 hours.
  
  [ ] +1
  [ ] +0
  [ ] -1
  
  Thanks,
  
  The Maven Team
  Thanks,
 
 Thanks,
 
 Jason
 
 --
 Jason van Zyl
 Founder,  Apache Maven
 http://twitter.com/jvanzyl
 -

-
To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
For additional commands, e-mail: dev-h...@maven.apache.org

Re: [VOTE] Release Maven 3.1.1

2013-09-30 Thread Robert Scholte 

+1

Op Wed, 25 Sep 2013 17:22:45 +0200 schreef Jason van Zyl ja...@tesla.io:


Anyone else going to give the release a whirl?

On Sep 17, 2013, at 8:39 AM, Jason van Zyl ja...@tesla.io wrote:


Hi,

Maven Core ITs are good, and the license/notice issue has been resolved  
so I'm rolling 3.1.1 again.


Here is a link to Jira with 6 issues resolved:
https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500version=18968

Staging repo:
https://repository.apache.org/content/repositories/maven-065/

The distributable binaries and sources for testing can be found here:
https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/

Specifically the zip, tarball, and source archives can be found here:
https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip
https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.tar.gz
https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.zip
https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.tar.gz

Source release checksum(s):
apache-maven-3.1.1-src.zip sha1:  
2251357aa47129674df578e787504b72cd57ed4d


Staging site:
http://people.apache.org/~jvanzyl/maven-3.1.1/

Vote open for 72 hours.

[ ] +1
[ ] +0
[ ] -1

Thanks,

The Maven Team
Thanks,








Thanks,

Jason

--
Jason van Zyl
Founder,  Apache Maven
http://twitter.com/jvanzyl
-








-
To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
For additional commands, e-mail: dev-h...@maven.apache.org

Re: [VOTE] Release Maven 3.1.1

2013-09-26 Thread Wayne Fay 
+1 binding
Finally gave it a shot last night after your reminder email, works
well on various projects I tested it with.

Wayne

On Wed, Sep 25, 2013 at 5:22 PM, Jason van Zyl ja...@tesla.io wrote:
 Anyone else going to give the release a whirl?

 On Sep 17, 2013, at 8:39 AM, Jason van Zyl ja...@tesla.io wrote:

 Hi,

 Maven Core ITs are good, and the license/notice issue has been resolved so 
 I'm rolling 3.1.1 again.

 Here is a link to Jira with 6 issues resolved:
 https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500version=18968

 Staging repo:
 https://repository.apache.org/content/repositories/maven-065/

 The distributable binaries and sources for testing can be found here:
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/

 Specifically the zip, tarball, and source archives can be found here:
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.tar.gz
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.zip
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.tar.gz

 Source release checksum(s):
 apache-maven-3.1.1-src.zip sha1: 2251357aa47129674df578e787504b72cd57ed4d

 Staging site:
 http://people.apache.org/~jvanzyl/maven-3.1.1/

 Vote open for 72 hours.

 [ ] +1
 [ ] +0
 [ ] -1

 Thanks,

 The Maven Team
 Thanks,







 Thanks,

 Jason

 --
 Jason van Zyl
 Founder,  Apache Maven
 http://twitter.com/jvanzyl
 -








-
To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
For additional commands, e-mail: dev-h...@maven.apache.org

Re: [VOTE] Release Maven 3.1.1

2013-09-26 Thread Tamás Cservenák 
+1 tried on Nexus builds (with modded nx plugin in build, that updates
Aether to Eclipse one).


On Thu, Sep 26, 2013 at 8:21 AM, Wayne Fay wayne...@gmail.com wrote:

 +1 binding
 Finally gave it a shot last night after your reminder email, works
 well on various projects I tested it with.

 Wayne

 On Wed, Sep 25, 2013 at 5:22 PM, Jason van Zyl ja...@tesla.io wrote:
  Anyone else going to give the release a whirl?
 
  On Sep 17, 2013, at 8:39 AM, Jason van Zyl ja...@tesla.io wrote:
 
  Hi,
 
  Maven Core ITs are good, and the license/notice issue has been resolved
 so I'm rolling 3.1.1 again.
 
  Here is a link to Jira with 6 issues resolved:
 
 https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500version=18968
 
  Staging repo:
  https://repository.apache.org/content/repositories/maven-065/
 
  The distributable binaries and sources for testing can be found here:
 
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/
 
  Specifically the zip, tarball, and source archives can be found here:
 
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip
 
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.tar.gz
 
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.zip
 
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.tar.gz
 
  Source release checksum(s):
  apache-maven-3.1.1-src.zip sha1:
 2251357aa47129674df578e787504b72cd57ed4d
 
  Staging site:
  http://people.apache.org/~jvanzyl/maven-3.1.1/
 
  Vote open for 72 hours.
 
  [ ] +1
  [ ] +0
  [ ] -1
 
  Thanks,
 
  The Maven Team
  Thanks,
 
 
 
 
 
 
 
  Thanks,
 
  Jason
 
  --
  Jason van Zyl
  Founder,  Apache Maven
  http://twitter.com/jvanzyl
  -
 
 
 
 
 
 
 

 -
 To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
 For additional commands, e-mail: dev-h...@maven.apache.org

Re: [VOTE] Release Maven 3.1.1

2013-09-26 Thread jieryn 
Greetings,

On Wed, Sep 25, 2013 at 11:05 PM, Jason van Zyl ja...@tesla.io wrote:
 Does 3.1.0 not display this behaviour?

 On Sep 25, 2013, at 6:41 PM, jieryn jie...@gmail.com wrote:
 Archive for required library:
 '$HOME/.m2/repository/$GROUPID/$ARTIFACTID/$VERSION/$FINALNAME.jar' in
 project 'test' cannot be read or is not a valid ZIP file

We've run about 2000 builds on Jenkins using 3.1.0 and none have
failed in that manner. On my workstation, where I am seeing the
problem, I have run perhaps thousands of builds using 3.1.0 and I
don't remember seeing the problem..

Other folks are reporting these errors on the Apache Archiva mailing
lists. However, without any evidence to support it, I do not think it
is immediately an Archiva problem--I think it is 3.1.1. Given how
seldom I have seen it, and how easy it is to fix after the fact (just
rm -rf $(dirname $bad.jar)) maybe the best thing to flush out this one
is to complete 3.1.1 release.

-
To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
For additional commands, e-mail: dev-h...@maven.apache.org

Re: [VOTE] Release Maven 3.1.1

2013-09-26 Thread Kristian Rosenvold 
Did you/can you check the contents of the bad jars ?

Kristian

2013/9/26 jieryn jie...@gmail.com:
 Greetings,

 On Wed, Sep 25, 2013 at 11:05 PM, Jason van Zyl ja...@tesla.io wrote:
 Does 3.1.0 not display this behaviour?

 On Sep 25, 2013, at 6:41 PM, jieryn jie...@gmail.com wrote:
 Archive for required library:
 '$HOME/.m2/repository/$GROUPID/$ARTIFACTID/$VERSION/$FINALNAME.jar' in
 project 'test' cannot be read or is not a valid ZIP file

 We've run about 2000 builds on Jenkins using 3.1.0 and none have
 failed in that manner. On my workstation, where I am seeing the
 problem, I have run perhaps thousands of builds using 3.1.0 and I
 don't remember seeing the problem..

 Other folks are reporting these errors on the Apache Archiva mailing
 lists. However, without any evidence to support it, I do not think it
 is immediately an Archiva problem--I think it is 3.1.1. Given how
 seldom I have seen it, and how easy it is to fix after the fact (just
 rm -rf $(dirname $bad.jar)) maybe the best thing to flush out this one
 is to complete 3.1.1 release.

 -
 To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
 For additional commands, e-mail: dev-h...@maven.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
For additional commands, e-mail: dev-h...@maven.apache.org

Re: [VOTE] Release Maven 3.1.1

2013-09-25 Thread Jason van Zyl 
Anyone else going to give the release a whirl?

On Sep 17, 2013, at 8:39 AM, Jason van Zyl ja...@tesla.io wrote:

 Hi,
 
 Maven Core ITs are good, and the license/notice issue has been resolved so 
 I'm rolling 3.1.1 again.
 
 Here is a link to Jira with 6 issues resolved:
 https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500version=18968
 
 Staging repo:
 https://repository.apache.org/content/repositories/maven-065/
 
 The distributable binaries and sources for testing can be found here:
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/
 
 Specifically the zip, tarball, and source archives can be found here:
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.tar.gz
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.zip
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.tar.gz
 
 Source release checksum(s):
 apache-maven-3.1.1-src.zip sha1: 2251357aa47129674df578e787504b72cd57ed4d
 
 Staging site:
 http://people.apache.org/~jvanzyl/maven-3.1.1/
 
 Vote open for 72 hours.
 
 [ ] +1
 [ ] +0
 [ ] -1
 
 Thanks,
 
 The Maven Team
 Thanks,
 
 
 
 
 
 

Thanks,

Jason

--
Jason van Zyl
Founder,  Apache Maven
http://twitter.com/jvanzyl
-

Re: [VOTE] Release Maven 3.1.1

2013-09-25 Thread Kristian Rosenvold 
+1
Den 25. sep. 2013 17:23 skrev Jason van Zyl ja...@tesla.io følgende:

 Anyone else going to give the release a whirl?

 On Sep 17, 2013, at 8:39 AM, Jason van Zyl ja...@tesla.io wrote:

  Hi,
 
  Maven Core ITs are good, and the license/notice issue has been resolved
 so I'm rolling 3.1.1 again.
 
  Here is a link to Jira with 6 issues resolved:
 
 https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500version=18968
 
  Staging repo:
  https://repository.apache.org/content/repositories/maven-065/
 
  The distributable binaries and sources for testing can be found here:
 
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/
 
  Specifically the zip, tarball, and source archives can be found here:
 
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip
 
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.tar.gz
 
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.zip
 
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.tar.gz
 
  Source release checksum(s):
  apache-maven-3.1.1-src.zip sha1: 2251357aa47129674df578e787504b72cd57ed4d
 
  Staging site:
  http://people.apache.org/~jvanzyl/maven-3.1.1/
 
  Vote open for 72 hours.
 
  [ ] +1
  [ ] +0
  [ ] -1
 
  Thanks,
 
  The Maven Team
  Thanks,
 
 
 
 
 
 

 Thanks,

 Jason

 --
 Jason van Zyl
 Founder,  Apache Maven
 http://twitter.com/jvanzyl
 -

Re: [VOTE] Release Maven 3.1.1

2013-09-25 Thread Hervé BOUTEMY 
I didn't have any problem in my tests

but the release reference documentation staging is still missing: I tried to 
continue helping on IRC, but couldn't get in touch with you thses last 2 days
Tell me if anything prevents you from publishing the doc

Regards,

Hervé

Le mercredi 25 septembre 2013 08:22:45 Jason van Zyl a écrit :
 Anyone else going to give the release a whirl?
 
 On Sep 17, 2013, at 8:39 AM, Jason van Zyl ja...@tesla.io wrote:
  Hi,
  
  Maven Core ITs are good, and the license/notice issue has been resolved so
  I'm rolling 3.1.1 again.
  
  Here is a link to Jira with 6 issues resolved:
  https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500version=
  18968
  
  Staging repo:
  https://repository.apache.org/content/repositories/maven-065/
  
  The distributable binaries and sources for testing can be found here:
  https://repository.apache.org/content/repositories/maven-065/org/apache/ma
  ven/apache-maven/3.1.1/
  
  Specifically the zip, tarball, and source archives can be found here:
  https://repository.apache.org/content/repositories/maven-065/org/apache/ma
  ven/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip
  https://repository.apache.org/content/repositories/maven-065/org/apache/m
  aven/apache-maven/3.1.1/apache-maven-3.1.1-bin.tar.gz
  https://repository.apache.org/content/repositories/maven-065/org/apache/m
  aven/apache-maven/3.1.1/apache-maven-3.1.1-src.zip
  https://repository.apache.org/content/repositories/maven-065/org/apache/m
  aven/apache-maven/3.1.1/apache-maven-3.1.1-src.tar.gz
  
  Source release checksum(s):
  apache-maven-3.1.1-src.zip sha1: 2251357aa47129674df578e787504b72cd57ed4d
  
  Staging site:
  http://people.apache.org/~jvanzyl/maven-3.1.1/
  
  Vote open for 72 hours.
  
  [ ] +1
  [ ] +0
  [ ] -1
  
  Thanks,
  
  The Maven Team
  Thanks,
 
 Thanks,
 
 Jason
 
 --
 Jason van Zyl
 Founder,  Apache Maven
 http://twitter.com/jvanzyl
 -

-
To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
For additional commands, e-mail: dev-h...@maven.apache.org

Re: [VOTE] Release Maven 3.1.1

2013-09-25 Thread Mark Derricutt 
For the record - +1 Non Binding after I fixed my broken .m2 :)

Lets roll this baby!

On 26/09/2013, at 3:22 AM, Jason van Zyl ja...@tesla.io wrote:

 Anyone else going to give the release a whirl?

-- Mark Derricutt ( m...@talios.com )
 — twitter: https://twitter.com/talios
 — podcast: http://www.illegalargument.com
 — blog: http://www.theoryinpractice.net
 — google+: http://gplus.to/talios



signature.asc
Description: Message signed with OpenPGP using GPGMail

Re: [VOTE] Release Maven 3.1.1

2013-09-25 Thread jieryn 
Greetings,

On Sun, Sep 8, 2013 at 9:07 AM, Jason van Zyl ja...@tesla.io wrote:
 The distributable binaries and sources for testing can be found here:
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/

I can not definitively say that this is because of Apache Maven 3.1.1,
but I'm seeing something strange with builds since using it widely.
I'm seeing errors of the type:

Archive for required library:
'$HOME/.m2/repository/$GROUPID/$ARTIFACTID/$VERSION/$FINALNAME.jar' in
project 'test' cannot be read or is not a valid ZIP file

Where I've replaced the real contents with standard $variables,
because it is happening for many artifacts. I use Apache Archiva
1.4-M4, but nothing has changed on that side. The only other variable
I can conceive is that sometimes I am fetching all artifacts through
the corporate Apache Archiva, and other times directly from Maven
central.

Any ideas?

-
To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
For additional commands, e-mail: dev-h...@maven.apache.org

Re: [VOTE] Release Maven 3.1.1

2013-09-25 Thread Jason van Zyl 
Does 3.1.0 not display this behaviour?

On Sep 25, 2013, at 6:41 PM, jieryn jie...@gmail.com wrote:

 Greetings,
 
 On Sun, Sep 8, 2013 at 9:07 AM, Jason van Zyl ja...@tesla.io wrote:
 The distributable binaries and sources for testing can be found here:
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/
 
 I can not definitively say that this is because of Apache Maven 3.1.1,
 but I'm seeing something strange with builds since using it widely.
 I'm seeing errors of the type:
 
 Archive for required library:
 '$HOME/.m2/repository/$GROUPID/$ARTIFACTID/$VERSION/$FINALNAME.jar' in
 project 'test' cannot be read or is not a valid ZIP file
 
 Where I've replaced the real contents with standard $variables,
 because it is happening for many artifacts. I use Apache Archiva
 1.4-M4, but nothing has changed on that side. The only other variable
 I can conceive is that sometimes I am fetching all artifacts through
 the corporate Apache Archiva, and other times directly from Maven
 central.
 
 Any ideas?
 
 -
 To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
 For additional commands, e-mail: dev-h...@maven.apache.org
 

Thanks,

Jason

--
Jason van Zyl
Founder,  Apache Maven
http://twitter.com/jvanzyl
-

Re: [VOTE] Release Maven 3.1.1

2013-09-22 Thread Mark Derricutt 
On 22/09/2013, at 9:28 AM, Jason van Zyl ja...@tesla.io wrote:

 A check is performed to ensure that each file in the source archive is 
 present in the release revision 

Should that not be the other way around? That every file in the git clone 
should be in the source archive?  Or vice versa, that should be neither more, 
or less files?

Mark

--
Mark Derricutt — twitter — podcast — blog — google+



signature.asc
Description: Message signed with OpenPGP using GPGMail

Re: [VOTE] Release Maven 3.1.1

2013-09-22 Thread sebb 
On 22 September 2013 08:13, Mark Derricutt m...@talios.com wrote:
 On 22/09/2013, at 9:28 AM, Jason van Zyl ja...@tesla.io wrote:

 A check is performed to ensure that each file in the source archive is
 present in the release revision


 Should that not be the other way around? That every file in the git clone
 should be in the source archive?  Or vice versa, that should be neither
 more, or less files?

The point of checking the source archive against the SCM tag is to
ensure that all the files in the source release have got the correct
license clearance.
It is assumed that license conditions are checked when content is
added to SCM, because that is in the CLA signed by committers.

If there are files in the SCM tag that are not in the source release,
that is generally not a problem as far as licensing is concerned
(thought it's possible that the NOTICE/LICENSE files might need
adjusting to take account of the missing files).

Of course the missing files may be important for the functioning of
the code - that is a separate matter.

Ideally the two file sets agree, with the possible exception of some
files that only belong in SCM, e.g. .gitignore is not needed in the
source archive, and it does not make much sense to release a DOAP
file. There may be some other SCM-only files. But I agree any
discrepancies need to be investigated.

 Mark

 --
 Mark Derricutt — twitter — podcast — blog — google+


-
To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
For additional commands, e-mail: dev-h...@maven.apache.org

Re: [VOTE] Release Maven 3.1.1

2013-09-22 Thread sebb 
On 22 September 2013 05:03, Jason van Zyl ja...@tesla.io wrote:

 On Sep 21, 2013, at 7:44 PM, sebb seb...@gmail.com wrote:

 On 22 September 2013 03:09, Jason van Zyl ja...@tesla.io wrote:
 On Sep 21, 2013, at 6:16 PM, sebb seb...@gmail.com wrote:

 On 21 September 2013 23:09, Jason van Zyl ja...@tesla.io wrote:

 It would still be automated.
 However the source data would come form the vote e-mail, which makes
 more sense to me.


 If it were generated I would agree. Manually making an email is not 
 automated or consistent.

 I don't care how the e-mail is created; it can be automated.

 What matters is that the content is understandable and complete.


 Ok, then we agree. We should try to keep the vote email threads for the 
 votes. I think what you asked for was the impetus for the tool I made and it 
 helped do a more complete audit than I've ever done manually. But the SCM 
 coordinates are not a requirement for the release email currently and if 
 we're going to discuss that then we probably shouldn't hijack the vote 
 threads which we both just did.

I don't believe it's hijacking the vote e-mail to point out that it is
missing vital information.
But the subsequent discussion has certainly veered off-topic.

 Thanks,

 Jason

 --
 Jason van Zyl
 Founder,  Apache Maven
 http://twitter.com/jvanzyl
 -








-
To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
For additional commands, e-mail: dev-h...@maven.apache.org

Re: [VOTE] Release Maven 3.1.1

2013-09-22 Thread Ralph Goers 


Sent from my iPad

 On Sep 22, 2013, at 4:41 PM, sebb seb...@gmail.com wrote:
 
 On 22 September 2013 05:03, Jason van Zyl ja...@tesla.io wrote:
 
 On Sep 21, 2013, at 7:44 PM, sebb seb...@gmail.com wrote:
 
 On 22 September 2013 03:09, Jason van Zyl ja...@tesla.io wrote:
 On Sep 21, 2013, at 6:16 PM, sebb seb...@gmail.com wrote:
 
 On 21 September 2013 23:09, Jason van Zyl ja...@tesla.io wrote:
 
 It would still be automated.
 However the source data would come form the vote e-mail, which makes
 more sense to me.
 
 If it were generated I would agree. Manually making an email is not 
 automated or consistent.
 
 I don't care how the e-mail is created; it can be automated.
 
 What matters is that the content is understandable and complete.
 
 Ok, then we agree. We should try to keep the vote email threads for the 
 votes. I think what you asked for was the impetus for the tool I made and it 
 helped do a more complete audit than I've ever done manually. But the SCM 
 coordinates are not a requirement for the release email currently and if 
 we're going to discuss that then we probably shouldn't hijack the vote 
 threads which we both just did.
 
 I don't believe it's hijacking the vote e-mail to point out that it is
 missing vital information.
 But the subsequent discussion has certainly veered off-topic.

It is if the topic has been discussed before on other vote threads and/or the 
PMC has made a decision about what is required and it is not in conflict with 
any ASF published policy. If you believe the PMC is in error than as an ASF 
member you are free to bring that topic up on the PMC list or as a separate 
thread here.  Bringing it up on every vote thread borders on trolling IMO, even 
if you are 100% correct in what you believe should be done.

Ralph
-
To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
For additional commands, e-mail: dev-h...@maven.apache.org

Re: [VOTE] Release Maven 3.1.1

2013-09-21 Thread Jason van Zyl 
You will now be infamous :-)

https://github.com/jvanzyl/sebbalizer

If you don't like the name, happy to change it. I thought it was appropriate 
and meant as a compliment for being thorough.

With a given staging URL, groupId, artifact, and version it will retrieve the 
source archive, and binary archive and the corresponding SHA1s and validates 
the SHA1s are right. It unpacks both the archives, digs into the binary archive 
to find the maven-core JAR to retrieve the build.properties which contains the 
SHA1 of the release revision from which the source archive was made. A git 
clone is performed and moved to the release revision. A check is performed to 
ensure that each file in the source archive is present in the release revision 
and that the SHA1 of the each file in the source archive matches the SHA1 of 
the file from the corresponding release revision.

So for this release using the Sebbalizer I only found the DEPENDENCIES file to 
not exist in the release revision, every other file I consider valid and 
verified. I believe that for this release no errant files slipped in and it's 
good. 

People should review the code. I spent an hour on this by yanking a bunch of 
stuff together so it might very well have errors. I have one hardcoded url for 
the Git repository but I'll pull that out of the POM and then hopefully it can 
be used generally to validate source archives for releases. 

On Sep 20, 2013, at 5:40 PM, sebb seb...@gmail.com wrote:

 On 17 September 2013 16:39, Jason van Zyl ja...@tesla.io wrote:
 Hi,
 
 Maven Core ITs are good, and the license/notice issue has been resolved so 
 I'm rolling 3.1.1 again.
 
 Here is a link to Jira with 6 issues resolved:
 https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500version=18968
 
 Staging repo:
 https://repository.apache.org/content/repositories/maven-065/
 
 The distributable binaries and sources for testing can be found here:
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/
 
 Specifically the zip, tarball, and source archives can be found here:
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.tar.gz
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.zip
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.tar.gz
 
 Source release checksum(s):
 apache-maven-3.1.1-src.zip sha1: 2251357aa47129674df578e787504b72cd57ed4d
 
 The full scm coordinates are needed.
 The pom includes the git URL and tag, but that is not immutable.
 Exactly the same tag was used for the previous vote.
 
 To identify the source archive uniquely, additional info such as a
 hash is needed, so the hash is now included in the vote e-mail.
 The same applies to the SCM tag.
 
 Staging site:
 http://people.apache.org/~jvanzyl/maven-3.1.1/
 
 Vote open for 72 hours.
 
 [ ] +1
 [ ] +0
 [ ] -1
 
 Thanks,
 
 The Maven Team
 Thanks,
 
 
 
 
 
 
 
 -
 To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
 For additional commands, e-mail: dev-h...@maven.apache.org
 

Thanks,

Jason

--
Jason van Zyl
Founder,  Apache Maven
http://twitter.com/jvanzyl
-

Re: [VOTE] Release Maven 3.1.1

2013-09-21 Thread sebb 
On 21 September 2013 22:28, Jason van Zyl ja...@tesla.io wrote:
 You will now be infamous :-)

 https://github.com/jvanzyl/sebbalizer

 If you don't like the name, happy to change it. I thought it was appropriate 
 and meant as a compliment for being thorough.

Thanks, but no thanks.
Sorry, but I don't like the association.

 With a given staging URL, groupId, artifact, and version it will retrieve the 
 source archive, and binary archive and the corresponding SHA1s and validates 
 the SHA1s are right. It unpacks both the archives, digs into the binary 
 archive to find the maven-core JAR to retrieve the build.properties which 
 contains the SHA1 of the release revision from which the source archive was 
 made. A git clone is performed and moved to the release revision. A check is 
 performed to ensure that each file in the source archive is present in the 
 release revision and that the SHA1 of the each file in the source archive 
 matches the SHA1 of the file from the corresponding release revision.

 So for this release using the Sebbalizer I only found the DEPENDENCIES file 
 to not exist in the release revision, every other file I consider valid and 
 verified. I believe that for this release no errant files slipped in and it's 
 good.

 People should review the code. I spent an hour on this by yanking a bunch of 
 stuff together so it might very well have errors. I have one hardcoded url 
 for the Git repository but I'll pull that out of the POM and then hopefully 
 it can be used generally to validate source archives for releases.

The general procedure seems fine, but the SCM coordinates still need
to be in the release vote in order to tie everything together for the
release vote, and for the historical record.

Rather than pick out the details from the maven-core jar, the
information should be taken from the release vote e-mail.
That can then be used to ensure that the artifacts match the release
vote, and that the sources match the SCM tag.
The build.properties entry should be checked to ensure it is the same
as the value from the release vote mail.

 On Sep 20, 2013, at 5:40 PM, sebb seb...@gmail.com wrote:

 On 17 September 2013 16:39, Jason van Zyl ja...@tesla.io wrote:
 Hi,

 Maven Core ITs are good, and the license/notice issue has been resolved so 
 I'm rolling 3.1.1 again.

 Here is a link to Jira with 6 issues resolved:
 https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500version=18968

 Staging repo:
 https://repository.apache.org/content/repositories/maven-065/

 The distributable binaries and sources for testing can be found here:
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/

 Specifically the zip, tarball, and source archives can be found here:
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.tar.gz
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.zip
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.tar.gz

 Source release checksum(s):
 apache-maven-3.1.1-src.zip sha1: 2251357aa47129674df578e787504b72cd57ed4d

 The full scm coordinates are needed.
 The pom includes the git URL and tag, but that is not immutable.
 Exactly the same tag was used for the previous vote.

 To identify the source archive uniquely, additional info such as a
 hash is needed, so the hash is now included in the vote e-mail.
 The same applies to the SCM tag.

 Staging site:
 http://people.apache.org/~jvanzyl/maven-3.1.1/

 Vote open for 72 hours.

 [ ] +1
 [ ] +0
 [ ] -1

 Thanks,

 The Maven Team
 Thanks,







 -
 To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
 For additional commands, e-mail: dev-h...@maven.apache.org


 Thanks,

 Jason

 --
 Jason van Zyl
 Founder,  Apache Maven
 http://twitter.com/jvanzyl
 -








-
To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
For additional commands, e-mail: dev-h...@maven.apache.org

Re: [VOTE] Release Maven 3.1.1

2013-09-21 Thread Jason van Zyl 

On Sep 21, 2013, at 2:51 PM, sebb seb...@gmail.com wrote:

 On 21 September 2013 22:28, Jason van Zyl ja...@tesla.io wrote:
 You will now be infamous :-)
 
 https://github.com/jvanzyl/sebbalizer
 
 If you don't like the name, happy to change it. I thought it was appropriate 
 and meant as a compliment for being thorough.
 
 Thanks, but no thanks.
 Sorry, but I don't like the association.
 

No problem.

https://github.com/jvanzyl/source-release-validator

 With a given staging URL, groupId, artifact, and version it will retrieve 
 the source archive, and binary archive and the corresponding SHA1s and 
 validates the SHA1s are right. It unpacks both the archives, digs into the 
 binary archive to find the maven-core JAR to retrieve the build.properties 
 which contains the SHA1 of the release revision from which the source 
 archive was made. A git clone is performed and moved to the release 
 revision. A check is performed to ensure that each file in the source 
 archive is present in the release revision and that the SHA1 of the each 
 file in the source archive matches the SHA1 of the file from the 
 corresponding release revision.
 
 So for this release using the Sebbalizer I only found the DEPENDENCIES file 
 to not exist in the release revision, every other file I consider valid and 
 verified. I believe that for this release no errant files slipped in and 
 it's good.
 
 People should review the code. I spent an hour on this by yanking a bunch of 
 stuff together so it might very well have errors. I have one hardcoded url 
 for the Git repository but I'll pull that out of the POM and then hopefully 
 it can be used generally to validate source archives for releases.
 
 The general procedure seems fine, but the SCM coordinates still need
 to be in the release vote in order to tie everything together for the
 release vote, and for the historical record.
 
 Rather than pick out the details from the maven-core jar, the
 information should be taken from the release vote e-mail.

No, I think an automated way is better. As part of the release the release 
revision should be made available for use in the email.

 That can then be used to ensure that the artifacts match the release
 vote, and that the sources match the SCM tag.
 The build.properties entry should be checked to ensure it is the same
 as the value from the release vote mail.

I want to go in the direction of automation and to generate this as part of the 
release so it will contain the revision. Going from a manually generated email 
is not a good solution. I can see the need for a secondary reference but I'm 
going to fully automate it. If I turn this tool into a Nexus Plugin I can 
potentially just generate the email. 

At any rate, I understand your concern to make sure there are no errant files 
and I believe this tool addresses those concerns. I think at this point with 
this it's not really necessary to put the release revision in the email 
template but that's for the PMC to decide. I'll continue to use the official 
template but I will also run this tool as part of the core releases.

 
 On Sep 20, 2013, at 5:40 PM, sebb seb...@gmail.com wrote:
 
 On 17 September 2013 16:39, Jason van Zyl ja...@tesla.io wrote:
 Hi,
 
 Maven Core ITs are good, and the license/notice issue has been resolved so 
 I'm rolling 3.1.1 again.
 
 Here is a link to Jira with 6 issues resolved:
 https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500version=18968
 
 Staging repo:
 https://repository.apache.org/content/repositories/maven-065/
 
 The distributable binaries and sources for testing can be found here:
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/
 
 Specifically the zip, tarball, and source archives can be found here:
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.tar.gz
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.zip
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.tar.gz
 
 Source release checksum(s):
 apache-maven-3.1.1-src.zip sha1: 2251357aa47129674df578e787504b72cd57ed4d
 
 The full scm coordinates are needed.
 The pom includes the git URL and tag, but that is not immutable.
 Exactly the same tag was used for the previous vote.
 
 To identify the source archive uniquely, additional info such as a
 hash is needed, so the hash is now included in the vote e-mail.
 The same applies to the SCM tag.
 
 Staging site:
 http://people.apache.org/~jvanzyl/maven-3.1.1/
 
 Vote open for 72 hours.
 
 [ ] +1
 [ ] +0
 [ ] -1
 
 Thanks,
 
 The Maven Team
 Thanks,
 
 
 
 
 
 
 
 -
 To

Re: [VOTE] Release Maven 3.1.1

2013-09-21 Thread Jason van Zyl 
+1

---

Analyzing source release validity...

stagingUrl: https://repository.apache.org/content/repositories/maven-065
groupId: org.apache.maven
artifactId: apache-maven
version: 3.1.1

Source ZIP url exists.
https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.zip

Source ZIP SHA1 url exists.
https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.zip.sha1

Binary ZIP url exists.
https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip

Binary ZIP SHA1 url exists.
https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip.sha1

Calculated SHA1 of source ZIP matches published SHA1 of source ZIP.
2251357aa47129674df578e787504b72cd57ed4d

Calculated SHA1 of binary ZIP matches published SHA1 of binary ZIP.
8416a8f07f9bd36bbc775eaddda0693a35937fe9

LICENSE file is present in the source distribution.
NOTICE file is present in the source distribution.

LICENSE file is present in the binary distribution.
NOTICE file is present in the binary distribution.

Git revision of release as determined from 
maven-core-3.1.1.jar:org/apache/maven/messages/build.properties(buildNumber):
0728685237757ffbf44136acec0402957f723d9a

All files in source distribution have been found in the release revision 
(taking into account acceptable exclusions).

On Sep 17, 2013, at 8:39 AM, Jason van Zyl ja...@tesla.io wrote:

 Hi,
 
 Maven Core ITs are good, and the license/notice issue has been resolved so 
 I'm rolling 3.1.1 again.
 
 Here is a link to Jira with 6 issues resolved:
 https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500version=18968
 
 Staging repo:
 https://repository.apache.org/content/repositories/maven-065/
 
 The distributable binaries and sources for testing can be found here:
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/
 
 Specifically the zip, tarball, and source archives can be found here:
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.tar.gz
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.zip
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.tar.gz
 
 Source release checksum(s):
 apache-maven-3.1.1-src.zip sha1: 2251357aa47129674df578e787504b72cd57ed4d
 
 Staging site:
 http://people.apache.org/~jvanzyl/maven-3.1.1/
 
 Vote open for 72 hours.
 
 [ ] +1
 [ ] +0
 [ ] -1
 
 Thanks,
 
 The Maven Team
 Thanks,
 
 
 
 
 
 

Thanks,

Jason

--
Jason van Zyl
Founder,  Apache Maven
http://twitter.com/jvanzyl
-

Re: [VOTE] Release Maven 3.1.1

2013-09-21 Thread sebb 
On 21 September 2013 23:09, Jason van Zyl ja...@tesla.io wrote:

 On Sep 21, 2013, at 2:51 PM, sebb seb...@gmail.com wrote:

 On 21 September 2013 22:28, Jason van Zyl ja...@tesla.io wrote:
 You will now be infamous :-)

 https://github.com/jvanzyl/sebbalizer

 If you don't like the name, happy to change it. I thought it was 
 appropriate and meant as a compliment for being thorough.

 Thanks, but no thanks.
 Sorry, but I don't like the association.


 No problem.

 https://github.com/jvanzyl/source-release-validator

Thanks.

 With a given staging URL, groupId, artifact, and version it will retrieve 
 the source archive, and binary archive and the corresponding SHA1s and 
 validates the SHA1s are right. It unpacks both the archives, digs into the 
 binary archive to find the maven-core JAR to retrieve the build.properties 
 which contains the SHA1 of the release revision from which the source 
 archive was made. A git clone is performed and moved to the release 
 revision. A check is performed to ensure that each file in the source 
 archive is present in the release revision and that the SHA1 of the each 
 file in the source archive matches the SHA1 of the file from the 
 corresponding release revision.

 So for this release using the Sebbalizer I only found the DEPENDENCIES file 
 to not exist in the release revision, every other file I consider valid and 
 verified. I believe that for this release no errant files slipped in and 
 it's good.

 People should review the code. I spent an hour on this by yanking a bunch 
 of stuff together so it might very well have errors. I have one hardcoded 
 url for the Git repository but I'll pull that out of the POM and then 
 hopefully it can be used generally to validate source archives for releases.

 The general procedure seems fine, but the SCM coordinates still need
 to be in the release vote in order to tie everything together for the
 release vote, and for the historical record.

 Rather than pick out the details from the maven-core jar, the
 information should be taken from the release vote e-mail.

 No, I think an automated way is better.

It would still be automated.
However the source data would come form the vote e-mail, which makes
more sense to me.

 As part of the release the release revision should be made available for use 
 in the email.

I agree the release revision needs to be part of the e-mail; that is
what I have been requesting all along.

 That can then be used to ensure that the artifacts match the release
 vote, and that the sources match the SCM tag.
 The build.properties entry should be checked to ensure it is the same
 as the value from the release vote mail.

 I want to go in the direction of automation and to generate this as part of 
 the release so it will contain the revision.

+1

 Going from a manually generated email is not a good solution.

I disagree; so long as the e-mail has a reasonably standard format, it
should be easy enough to extract the data to to the checks.

 I can see the need for a secondary reference but I'm going to fully automate 
 it.

It's not a secondary reference.
The vote e-mail is the primary reference.

 If I turn this tool into a Nexus Plugin I can potentially just generate the 
 email.

Again, I think that's backwards.

The point is that any reviewer needs to be able to check the release.

 At any rate, I understand your concern to make sure there are no errant files 
 and I believe this tool addresses those concerns.

The problem is that without the SCM coordinates it's not possible for
a reviewer to independently check the source contents.
They may use your tool to do so, or they may use other methods; that
is up to them.
The point is that it must be possible to independently audit the source release.

The vote e-mail chain is the official means by which releases are sanctioned.
Therefore the vote e-mail needs to contain all the required
information; it should not be necessary for the reviewer to go digging
for the information.

 I think at this point with this it's not really necessary to put the release 
 revision in the email template but that's for the PMC to decide. I'll 
 continue to use the official template but I will also run this tool as part 
 of the core releases.


 On Sep 20, 2013, at 5:40 PM, sebb seb...@gmail.com wrote:

 On 17 September 2013 16:39, Jason van Zyl ja...@tesla.io wrote:
 Hi,

 Maven Core ITs are good, and the license/notice issue has been resolved 
 so I'm rolling 3.1.1 again.

 Here is a link to Jira with 6 issues resolved:
 https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500version=18968

 Staging repo:
 https://repository.apache.org/content/repositories/maven-065/

 The distributable binaries and sources for testing can be found here:
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/

 Specifically the zip, tarball, and source archives can be found here:

Re: [VOTE] Release Maven 3.1.1

2013-09-21 Thread Jason van Zyl 
On Sep 21, 2013, at 6:16 PM, sebb seb...@gmail.com wrote:

 On 21 September 2013 23:09, Jason van Zyl ja...@tesla.io wrote:
 
 It would still be automated.
 However the source data would come form the vote e-mail, which makes
 more sense to me.
 

If it were generated I would agree. Manually making an email is not automated 
or consistent.

 As part of the release the release revision should be made available for use 
 in the email.
 
 I agree the release revision needs to be part of the e-mail; that is
 what I have been requesting all along.
 
 That can then be used to ensure that the artifacts match the release
 vote, and that the sources match the SCM tag.
 The build.properties entry should be checked to ensure it is the same
 as the value from the release vote mail.
 
 I want to go in the direction of automation and to generate this as part of 
 the release so it will contain the revision.
 
 +1
 
 Going from a manually generated email is not a good solution.
 
 I disagree; so long as the e-mail has a reasonably standard format, it
 should be easy enough to extract the data to to the checks.

Well, we'll just agree to disagree. Nothing made by a human is never going to 
be as consistent as an automated process. If I can get the sha1 for the release 
in an automated way, I'm not going to cut and paste it from somewhere. I 
already grabbed the wrong one already in one of the releases. There is no way 
you're going to convince me that once a tool has been validated to yield the 
correct information that making a manual email is better.

 
 I can see the need for a secondary reference but I'm going to fully automate 
 it.
 
 It's not a secondary reference.
 The vote e-mail is the primary reference.
 
 If I turn this tool into a Nexus Plugin I can potentially just generate the 
 email.
 
 Again, I think that's backwards.
 
 The point is that any reviewer needs to be able to check the release.
 
 At any rate, I understand your concern to make sure there are no errant 
 files and I believe this tool addresses those concerns.
 
 The problem is that without the SCM coordinates it's not possible for
 a reviewer to independently check the source contents.
 They may use your tool to do so, or they may use other methods; that
 is up to them.
 The point is that it must be possible to independently audit the source 
 release.
 

You have the SCM coordinates now. Is the issue not addressed with the tool I 
made? There is no way that you will be able manually review the release as 
accurately as the tool. You think it's useful to go file by file and manually 
check all the files? That you are going to do it consistently and accurately 
without tooling? If you want to, all the information will be there in the 
releases I do from now on from the report I'm generating and it's accurate and 
not susceptible to my cut/paste errors.

If from the staging process the email is emitted along with the report then you 
can do anything manually you wish but everything to that point will have been 
created in a consistent, repeatable way that can be performed by someone else 
(at least when I'm done).

 The vote e-mail chain is the official means by which releases are sanctioned.

I have no issue sending an email.

 Therefore the vote e-mail needs to contain all the required
 information; it should not be necessary for the reviewer to go digging
 for the information.
 

Are you manually going to go through each of our releases file by file? If you 
are I will ask to put the revision in the template. After looking, and making 
the tool I don't think it's necessary. But if you are going to use no tooling 
and essentially do what I automated I will ask to add the source revision in 
the email. If this is for a theoretical reviewer who may want to do it, then I 
honestly don't think it's useful or necessary.

 
 On Sep 20, 2013, at 5:40 PM, sebb seb...@gmail.com wrote:
 
 On 17 September 2013 16:39, Jason van Zyl ja...@tesla.io wrote:
 Hi,
 
 Maven Core ITs are good, and the license/notice issue has been resolved 
 so I'm rolling 3.1.1 again.
 
 Here is a link to Jira with 6 issues resolved:
 https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500version=18968
 
 Staging repo:
 https://repository.apache.org/content/repositories/maven-065/
 
 The distributable binaries and sources for testing can be found here:
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/
 
 Specifically the zip, tarball, and source archives can be found here:
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.tar.gz
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.zip

Re: [VOTE] Release Maven 3.1.1

2013-09-21 Thread sebb 
On 22 September 2013 03:09, Jason van Zyl ja...@tesla.io wrote:
 On Sep 21, 2013, at 6:16 PM, sebb seb...@gmail.com wrote:

 On 21 September 2013 23:09, Jason van Zyl ja...@tesla.io wrote:

 It would still be automated.
 However the source data would come form the vote e-mail, which makes
 more sense to me.


 If it were generated I would agree. Manually making an email is not automated 
 or consistent.

I don't care how the e-mail is created; it can be automated.

What matters is that the content is understandable and complete.

 As part of the release the release revision should be made available for 
 use in the email.

 I agree the release revision needs to be part of the e-mail; that is
 what I have been requesting all along.

 That can then be used to ensure that the artifacts match the release
 vote, and that the sources match the SCM tag.
 The build.properties entry should be checked to ensure it is the same
 as the value from the release vote mail.

 I want to go in the direction of automation and to generate this as part of 
 the release so it will contain the revision.

 +1

 Going from a manually generated email is not a good solution.

 I disagree; so long as the e-mail has a reasonably standard format, it
 should be easy enough to extract the data to to the checks.

 Well, we'll just agree to disagree. Nothing made by a human is never going to 
 be as consistent as an automated process.

I did not say that.
However if a human uses an email template (as at present) the result
should be sufficiently consistent that parsing would not be too
difficult.

 If I can get the sha1 for the release in an automated way, I'm not going to 
 cut and paste it from somewhere. I already grabbed the wrong one already in 
 one of the releases. There is no way you're going to convince me that once a 
 tool has been validated to yield the correct information that making a manual 
 email is better.

Again, I don't care how the e-mail is created, so long as it contains
all the required information in a readable format.


 I can see the need for a secondary reference but I'm going to fully 
 automate it.

 It's not a secondary reference.
 The vote e-mail is the primary reference.

 If I turn this tool into a Nexus Plugin I can potentially just generate the 
 email.

 Again, I think that's backwards.

 The point is that any reviewer needs to be able to check the release.

 At any rate, I understand your concern to make sure there are no errant 
 files and I believe this tool addresses those concerns.

 The problem is that without the SCM coordinates it's not possible for
 a reviewer to independently check the source contents.
 They may use your tool to do so, or they may use other methods; that
 is up to them.
 The point is that it must be possible to independently audit the source 
 release.


 You have the SCM coordinates now.

I'm not sure what you mean by that.

 Is the issue not addressed with the tool I made?

Does the tool ensure that the SCM coordinates are included in the vote email?

 There is no way that you will be able manually review the release as 
 accurately as the tool.

When I review a release I don't only check files and sigs and hashes.
I use a combination of tools and visual inspection.
Sometimes the inspection turns up oddities that can then be added to
the automated tooling.

 You think it's useful to go file by file and manually check all the files?

No, but it can pay to inspect some files.

 That you are going to do it consistently and accurately without tooling?

No, I never said that.

 If you want to, all the information will be there in the releases I do from 
 now on from the report I'm generating and it's accurate and not susceptible 
 to my cut/paste errors.

So long as the required information is in the vote e-mail, that's all I require.

 If from the staging process the email is emitted along with the report then 
 you can do anything manually you wish but everything to that point will have 
 been created in a consistent, repeatable way that can be performed by someone 
 else (at least when I'm done).

I'll just point out that there have been several plugin releases using
the standard release process that added errant files to the source
archive.
Which is one reason why independent audits are needed.

 The vote e-mail chain is the official means by which releases are sanctioned.

 I have no issue sending an email.

 Therefore the vote e-mail needs to contain all the required
 information; it should not be necessary for the reviewer to go digging
 for the information.


 Are you manually going to go through each of our releases file by file?

No, but I may inspect some files.

 If you are I will ask to put the revision in the template.

Thanks, that's part of what I'm asking; the SCM URL is also needed.

 After looking, and making the tool I don't think it's necessary.

You seem to be missing the point that the vote e-mail should be
capable of independent audit.
And should contain

Re: [VOTE] Release Maven 3.1.1

2013-09-21 Thread Jason van Zyl 

On Sep 21, 2013, at 7:44 PM, sebb seb...@gmail.com wrote:

 On 22 September 2013 03:09, Jason van Zyl ja...@tesla.io wrote:
 On Sep 21, 2013, at 6:16 PM, sebb seb...@gmail.com wrote:
 
 On 21 September 2013 23:09, Jason van Zyl ja...@tesla.io wrote:
 
 It would still be automated.
 However the source data would come form the vote e-mail, which makes
 more sense to me.
 
 
 If it were generated I would agree. Manually making an email is not 
 automated or consistent.
 
 I don't care how the e-mail is created; it can be automated.
 
 What matters is that the content is understandable and complete.
 

Ok, then we agree. We should try to keep the vote email threads for the votes. 
I think what you asked for was the impetus for the tool I made and it helped do 
a more complete audit than I've ever done manually. But the SCM coordinates are 
not a requirement for the release email currently and if we're going to discuss 
that then we probably shouldn't hijack the vote threads which we both just did.

Thanks,

Jason

--
Jason van Zyl
Founder,  Apache Maven
http://twitter.com/jvanzyl
-

Re: [VOTE] Release Maven 3.1.1

2013-09-20 Thread sebb 
On 17 September 2013 16:39, Jason van Zyl ja...@tesla.io wrote:
 Hi,

 Maven Core ITs are good, and the license/notice issue has been resolved so 
 I'm rolling 3.1.1 again.

 Here is a link to Jira with 6 issues resolved:
 https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500version=18968

 Staging repo:
 https://repository.apache.org/content/repositories/maven-065/

 The distributable binaries and sources for testing can be found here:
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/

 Specifically the zip, tarball, and source archives can be found here:
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.tar.gz
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.zip
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.tar.gz

 Source release checksum(s):
 apache-maven-3.1.1-src.zip sha1: 2251357aa47129674df578e787504b72cd57ed4d

The full scm coordinates are needed.
The pom includes the git URL and tag, but that is not immutable.
Exactly the same tag was used for the previous vote.

To identify the source archive uniquely, additional info such as a
hash is needed, so the hash is now included in the vote e-mail.
The same applies to the SCM tag.

 Staging site:
 http://people.apache.org/~jvanzyl/maven-3.1.1/

 Vote open for 72 hours.

 [ ] +1
 [ ] +0
 [ ] -1

 Thanks,

 The Maven Team
 Thanks,







-
To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
For additional commands, e-mail: dev-h...@maven.apache.org

Re: [VOTE] Release Maven 3.1.1

2013-09-19 Thread Mark Derricutt 
After some experimentation I still couldn't detect any errors showing up, 
however, I did remember I noticed some strange anomalies after using 
dependency:purge-local-repository the other day - where that goal seems to 
delete all the local artifacts, doesn't clean up any of the meta-data files in 
the .m2 repository, which triggers problems with version range based builds ( 
such as my integration build here ) when metadata exists for files that don't.

After I rm -rf'd my entire .m2/repository/mygroupidhere directory and watched 
maven download 400 odd pom versions everything seemed to work fine.

So I suspect this is more an issue with the dependency plugin trashing things 
more than aether, but maybe aether could be more graceful around broken 
metadata. If I get some time in the morning/weekend I'll see if I can setup a 
broken ./m2 setup and a test project to reproduce.

--
Mark Derricutt — twitter — podcast — blog — google+

On 19/09/2013, at 1:09 PM, Jason van Zyl ja...@tesla.io wrote:

 If you can reproduce it in a stand-alone example I can track it down. Or if 
 it's an OSS project I'll take a look.



signature.asc
Description: Message signed with OpenPGP using GPGMail

Re: [VOTE] Release Maven 3.1.1

2013-09-19 Thread Jason van Zyl 
Are you just manually copying that or is there an option on the CMS to make the 
staging site?

On Sep 18, 2013, at 10:18 PM, Hervé BOUTEMY herve.bout...@free.fr wrote:

 I didn't have time to test this release for the moment
 
 but I updated a few days ago Maven core release instructions [1] to stage 
 core 
 reference documentation:
 http://maven.apache.org/ref/3-LATEST/
 Actual state is the staging from previous release vote: it should be updated 
 from actual tag, but I don't have time for the moment
 
 Please take a few minutes to run the commands from your release directory.
 
 Regards,
 
 Hervé
 
 [1] 
 http://maven.apache.org/developers/release/maven-core-release.html#Stage_the_Latest_Documentation
 
 Le mardi 17 septembre 2013 11:39:17 Jason van Zyl a écrit :
 Hi,
 
 Maven Core ITs are good, and the license/notice issue has been resolved so
 I'm rolling 3.1.1 again.
 
 Here is a link to Jira with 6 issues resolved:
 https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500version=18
 968
 
 Staging repo:
 https://repository.apache.org/content/repositories/maven-065/
 
 The distributable binaries and sources for testing can be found here:
 https://repository.apache.org/content/repositories/maven-065/org/apache/mave
 n/apache-maven/3.1.1/
 
 Specifically the zip, tarball, and source archives can be found here:
 https://repository.apache.org/content/repositories/maven-065/org/apache/mave
 n/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip
 https://repository.apache.org/content/repositories/maven-065/org/apache/mav
 en/apache-maven/3.1.1/apache-maven-3.1.1-bin.tar.gz
 https://repository.apache.org/content/repositories/maven-065/org/apache/mav
 en/apache-maven/3.1.1/apache-maven-3.1.1-src.zip
 https://repository.apache.org/content/repositories/maven-065/org/apache/mav
 en/apache-maven/3.1.1/apache-maven-3.1.1-src.tar.gz
 
 Source release checksum(s):
 apache-maven-3.1.1-src.zip sha1: 2251357aa47129674df578e787504b72cd57ed4d
 
 Staging site:
 http://people.apache.org/~jvanzyl/maven-3.1.1/
 
 Vote open for 72 hours.
 
 [ ] +1
 [ ] +0
 [ ] -1
 
 Thanks,
 
 The Maven Team
 Thanks,
 
 -
 To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
 For additional commands, e-mail: dev-h...@maven.apache.org
 

Thanks,

Jason

--
Jason van Zyl
Founder,  Apache Maven
http://twitter.com/jvanzyl
-

Re: [VOTE] Release Maven 3.1.1

2013-09-19 Thread Stephen Connolly 
Jason, are you going to cast your vote on this?


On 17 September 2013 16:39, Jason van Zyl ja...@tesla.io wrote:

 Hi,

 Maven Core ITs are good, and the license/notice issue has been resolved so
 I'm rolling 3.1.1 again.

 Here is a link to Jira with 6 issues resolved:

 https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500version=18968

 Staging repo:
 https://repository.apache.org/content/repositories/maven-065/

 The distributable binaries and sources for testing can be found here:

 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/

 Specifically the zip, tarball, and source archives can be found here:

 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip

 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.tar.gz

 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.zip

 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.tar.gz

 Source release checksum(s):
 apache-maven-3.1.1-src.zip sha1: 2251357aa47129674df578e787504b72cd57ed4d

 Staging site:
 http://people.apache.org/~jvanzyl/maven-3.1.1/

 Vote open for 72 hours.

 [ ] +1
 [ ] +0
 [ ] -1

 Thanks,

 The Maven Team
 Thanks,

Re: [VOTE] Release Maven 3.1.1

2013-09-19 Thread Hervé BOUTEMY 
it does not use CMS
I split the instructions in 2 parts to make things as clear as possible:

1. mvn -Preporting site site:stage
= local HTML generation and staging of multiple modules into one local staging 
area

2. mvn scm-publish:publish-scm
publish local staging area to website svn area, which distributes it to live 
http server through svnpubsub

Regards,

Hervé

Le jeudi 19 septembre 2013 07:00:13 Jason van Zyl a écrit :
 Are you just manually copying that or is there an option on the CMS to make
 the staging site?
 On Sep 18, 2013, at 10:18 PM, Hervé BOUTEMY herve.bout...@free.fr wrote:
  I didn't have time to test this release for the moment
  
  but I updated a few days ago Maven core release instructions [1] to stage
  core reference documentation:
  http://maven.apache.org/ref/3-LATEST/
  Actual state is the staging from previous release vote: it should be
  updated from actual tag, but I don't have time for the moment
  
  Please take a few minutes to run the commands from your release directory.
  
  Regards,
  
  Hervé
  
  [1]
  http://maven.apache.org/developers/release/maven-core-release.html#Stage_
  the_Latest_Documentation 
  Le mardi 17 septembre 2013 11:39:17 Jason van Zyl a écrit :
  Hi,
  
  Maven Core ITs are good, and the license/notice issue has been resolved
  so
  I'm rolling 3.1.1 again.
  
  Here is a link to Jira with 6 issues resolved:
  https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500version
  =18 968
  
  Staging repo:
  https://repository.apache.org/content/repositories/maven-065/
  
  The distributable binaries and sources for testing can be found here:
  https://repository.apache.org/content/repositories/maven-065/org/apache/m
  ave n/apache-maven/3.1.1/
  
  Specifically the zip, tarball, and source archives can be found here:
  https://repository.apache.org/content/repositories/maven-065/org/apache/m
  ave n/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip
  https://repository.apache.org/content/repositories/maven-065/org/apache/m
  av
  en/apache-maven/3.1.1/apache-maven-3.1.1-bin.tar.gz
  https://repository.apache.org/content/repositories/maven-065/org/apache/m
  av
  en/apache-maven/3.1.1/apache-maven-3.1.1-src.zip
  https://repository.apache.org/content/repositories/maven-065/org/apache/m
  av
  en/apache-maven/3.1.1/apache-maven-3.1.1-src.tar.gz
  
  Source release checksum(s):
  apache-maven-3.1.1-src.zip sha1: 2251357aa47129674df578e787504b72cd57ed4d
  
  Staging site:
  http://people.apache.org/~jvanzyl/maven-3.1.1/
  
  Vote open for 72 hours.
  
  [ ] +1
  [ ] +0
  [ ] -1
  
  Thanks,
  
  The Maven Team
  Thanks,
  
  -
  To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
  For additional commands, e-mail: dev-h...@maven.apache.org
 
 Thanks,
 
 Jason
 
 --
 Jason van Zyl
 Founder,  Apache Maven
 http://twitter.com/jvanzyl
 -

-
To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
For additional commands, e-mail: dev-h...@maven.apache.org

Re: [VOTE] Release Maven 3.1.1

2013-09-19 Thread Jason van Zyl 
Do you think we can make a small addition to have it publish to a standard 
staging location? Is that hard to add to the tool? Would help us reach a state 
of more automation.

I'll follow those steps for the time being.

On Sep 19, 2013, at 10:19 AM, Hervé BOUTEMY herve.bout...@free.fr wrote:

 it does not use CMS
 I split the instructions in 2 parts to make things as clear as possible:
 
 1. mvn -Preporting site site:stage
 = local HTML generation and staging of multiple modules into one local 
 staging 
 area
 
 2. mvn scm-publish:publish-scm
 publish local staging area to website svn area, which distributes it to live 
 http server through svnpubsub
 
 Regards,
 
 Hervé
 
 Le jeudi 19 septembre 2013 07:00:13 Jason van Zyl a écrit :
 Are you just manually copying that or is there an option on the CMS to make
 the staging site?
 On Sep 18, 2013, at 10:18 PM, Hervé BOUTEMY herve.bout...@free.fr wrote:
 I didn't have time to test this release for the moment
 
 but I updated a few days ago Maven core release instructions [1] to stage
 core reference documentation:
 http://maven.apache.org/ref/3-LATEST/
 Actual state is the staging from previous release vote: it should be
 updated from actual tag, but I don't have time for the moment
 
 Please take a few minutes to run the commands from your release directory.
 
 Regards,
 
 Hervé
 
 [1]
 http://maven.apache.org/developers/release/maven-core-release.html#Stage_
 the_Latest_Documentation 
 Le mardi 17 septembre 2013 11:39:17 Jason van Zyl a écrit :
 Hi,
 
 Maven Core ITs are good, and the license/notice issue has been resolved
 so
 I'm rolling 3.1.1 again.
 
 Here is a link to Jira with 6 issues resolved:
 https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500version
 =18 968
 
 Staging repo:
 https://repository.apache.org/content/repositories/maven-065/
 
 The distributable binaries and sources for testing can be found here:
 https://repository.apache.org/content/repositories/maven-065/org/apache/m
 ave n/apache-maven/3.1.1/
 
 Specifically the zip, tarball, and source archives can be found here:
 https://repository.apache.org/content/repositories/maven-065/org/apache/m
 ave n/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip
 https://repository.apache.org/content/repositories/maven-065/org/apache/m
 av
 en/apache-maven/3.1.1/apache-maven-3.1.1-bin.tar.gz
 https://repository.apache.org/content/repositories/maven-065/org/apache/m
 av
 en/apache-maven/3.1.1/apache-maven-3.1.1-src.zip
 https://repository.apache.org/content/repositories/maven-065/org/apache/m
 av
 en/apache-maven/3.1.1/apache-maven-3.1.1-src.tar.gz
 
 Source release checksum(s):
 apache-maven-3.1.1-src.zip sha1: 2251357aa47129674df578e787504b72cd57ed4d
 
 Staging site:
 http://people.apache.org/~jvanzyl/maven-3.1.1/
 
 Vote open for 72 hours.
 
 [ ] +1
 [ ] +0
 [ ] -1
 
 Thanks,
 
 The Maven Team
 Thanks,
 
 -
 To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
 For additional commands, e-mail: dev-h...@maven.apache.org
 
 Thanks,
 
 Jason
 
 --
 Jason van Zyl
 Founder,  Apache Maven
 http://twitter.com/jvanzyl
 -
 
 -
 To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
 For additional commands, e-mail: dev-h...@maven.apache.org
 

Thanks,

Jason

--
Jason van Zyl
Founder,  Apache Maven
http://twitter.com/jvanzyl
-

Re: [VOTE] Release Maven 3.1.1

2013-09-19 Thread Jason van Zyl 
I'm making a small tool to validate the distro. I don't want to do this 
manually anymore :-)

On Sep 19, 2013, at 7:14 AM, Stephen Connolly stephen.alan.conno...@gmail.com 
wrote:

 Jason, are you going to cast your vote on this?
 
 
 On 17 September 2013 16:39, Jason van Zyl ja...@tesla.io wrote:
 
 Hi,
 
 Maven Core ITs are good, and the license/notice issue has been resolved so
 I'm rolling 3.1.1 again.
 
 Here is a link to Jira with 6 issues resolved:
 
 https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500version=18968
 
 Staging repo:
 https://repository.apache.org/content/repositories/maven-065/
 
 The distributable binaries and sources for testing can be found here:
 
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/
 
 Specifically the zip, tarball, and source archives can be found here:
 
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip
 
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.tar.gz
 
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.zip
 
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.tar.gz
 
 Source release checksum(s):
 apache-maven-3.1.1-src.zip sha1: 2251357aa47129674df578e787504b72cd57ed4d
 
 Staging site:
 http://people.apache.org/~jvanzyl/maven-3.1.1/
 
 Vote open for 72 hours.
 
 [ ] +1
 [ ] +0
 [ ] -1
 
 Thanks,
 
 The Maven Team
 Thanks,
 
 
 
 
 
 
 

Thanks,

Jason

--
Jason van Zyl
Founder,  Apache Maven
http://twitter.com/jvanzyl
-

Re: [VOTE] Release Maven 3.1.1

2013-09-19 Thread prasadeceonl...@gmail.com 


Sent from my HTC On kme™ X, an ATT 4G LTE smartphone

- Reply message -
From: Jason van Zyl ja...@tesla.io
To: Maven Developers List dev@maven.apache.org
Subject: [VOTE] Release Maven 3.1.1
Date: Thu, Sep 19, 2013 7:30 PM


Are you just manually copying that or is there an option on the CMS to make the 
staging site?

On Sep 18, 2013, at 10:18 PM, Hervé BOUTEMY herve.bout...@free.fr wrote:

 I didn't have time to test this release for the moment
 
 but I updated a few days ago Maven core release instructions [1] to stage 
 core 
 reference documentation:
 http://maven.apache.org/ref/3-LATEST/
 Actual state is the staging from previous release vote: it should be updated 
 from actual tag, but I don't have time for the moment
 
 Please take a few minutes to run the commands from your release directory.
 
 Regards,
 
 Hervé
 
 [1] 
 http://maven.apache.org/developers/release/maven-core-release.html#Stage_the_Latest_Documentation
 
 Le mardi 17 septembre 2013 11:39:17 Jason van Zyl a écrit :
 Hi,
 
 Maven Core ITs are good, and the license/notice issue has been resolved so
 I'm rolling 3.1.1 again.
 
 Here is a link to Jira with 6 issues resolved:
 https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500version=18
 968
 
 Staging repo:
 https://repository.apache.org/content/repositories/maven-065/
 
 The distributable binaries and sources for testing can be found here:
 https://repository.apache.org/content/repositories/maven-065/org/apache/mave
 n/apache-maven/3.1.1/
 
 Specifically the zip, tarball, and source archives can be found here:
 https://repository.apache.org/content/repositories/maven-065/org/apache/mave
 n/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip
 https://repository.apache.org/content/repositories/maven-065/org/apache/mav
 en/apache-maven/3.1.1/apache-maven-3.1.1-bin.tar.gz
 https://repository.apache.org/content/repositories/maven-065/org/apache/mav
 en/apache-maven/3.1.1/apache-maven-3.1.1-src.zip
 https://repository.apache.org/content/repositories/maven-065/org/apache/mav
 en/apache-maven/3.1.1/apache-maven-3.1.1-src.tar.gz
 
 Source release checksum(s):
 apache-maven-3.1.1-src.zip sha1: 2251357aa47129674df578e787504b72cd57ed4d
 
 Staging site:
 http://people.apache.org/~jvanzyl/maven-3.1.1/
 
 Vote open for 72 hours.
 
 [ ] +1
 [ ] +0
 [ ] -1
 
 Thanks,
 
 The Maven Team
 Thanks,
 
 -
 To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
 For additional commands, e-mail: dev-h...@maven.apache.org
 

Thanks,

Jason

--
Jason van Zyl
Founder,  Apache Maven
http://twitter.com/jvanzyl
-

Re: [VOTE] Release Maven 3.1.1

2013-09-19 Thread prasadeceonl...@gmail.com 


Sent from my HTC One™ X, an ATT 4G LTE smartphone

- Reply message -
From: Jason van Zyl ja...@tesla.io
To: Maven Developers List dev@maven.apache.org
Subject: [VOTE] Release Maven 3.1.1
Date: Thu, Sep 19, 2013 7:30 PM


Are you just manually copying that or is there an option on the CMS to make the 
staging site?

On Sep 18, 2013, at 10:18 PM, Hervé BOUTEMY herve.bout...@free.fr wrote:

 I didn't have time to test this release for the moment
 
 but I updated a few days ago Maven core release instructions [1] to stage 
 core 
 reference documentation:
 http://maven.apache.org/ref/3-LATEST/
 Actual state is the staging from previous release vote: it should be updated 
 from actual tag, but I don't have time for the moment
 
 Please take a few minutes to run the commands from your release directory.
 
 Regards,
 
 Hervé
 
 [1] 
 http://maven.apache.org/developers/release/maven-core-release.html#Stage_the_Latest_Documentation
 
 Le mardi 17 septembre 2013 11:39:17 Jason van Zyl a écrit :
 Hi,
 
 Maven Core ITs are good, and the license/notice issue has been resolved so
 I'm rolling 3.1.1 again.
 
 Here is a link to Jira with 6 issues resolved:
 https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500version=18
 968
 
 Staging repo:
 https://repository.apache.org/content/repositories/maven-065/
 
 The distributable binaries and sources for testing can be found here:
 https://repository.apache.org/content/repositories/maven-065/org/apache/mave
 n/apache-maven/3.1.1/
 
 Specifically the zip, tarball, and source archives can be found here:
 https://repository.apache.org/content/repositories/maven-065/org/apache/mave
 n/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip
 https://repository.apache.org/content/repositories/maven-065/org/apache/mav
 en/apache-maven/3.1.1/apache-maven-3.1.1-bin.tar.gz
 https://repository.apache.org/content/repositories/maven-065/org/apache/mav
 en/apache-maven/3.1.1/apache-maven-3.1.1-src.zip
 https://repository.apache.org/content/repositories/maven-065/org/apache/mav
 en/apache-maven/3.1.1/apache-maven-3.1.1-src.tar.gz
 
 Source release checksum(s):
 apache-maven-3.1.1-src.zip sha1: 2251357aa47129674df578e787504b72cd57ed4d
 
 Staging site:
 http://people.apache.org/~jvanzyl/maven-3.1.1/
 
 Vote open for 72 hours.
 
 [ ] +1
 [ ] +0
 [ ] -1
 
 Thanks,
 
 The Maven Team
 Thanks,
 
 -
 To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
 For additional commands, e-mail: dev-h...@maven.apache.org
 

Thanks,

Jason

--
Jason van Zyl
Founder,  Apache Maven
http://twitter.com/jvanzyl
-

Re: [VOTE] Release Maven 3.1.1

2013-09-19 Thread Hervé BOUTEMY 
what do you call a standard staging location?
what more automation do you expect?

Le jeudi 19 septembre 2013 11:02:46 Jason van Zyl a écrit :
 Do you think we can make a small addition to have it publish to a standard
 staging location? Is that hard to add to the tool? Would help us reach a
 state of more automation.
 
 I'll follow those steps for the time being.
 
 On Sep 19, 2013, at 10:19 AM, Hervé BOUTEMY herve.bout...@free.fr wrote:
  it does not use CMS
  I split the instructions in 2 parts to make things as clear as possible:
  
  1. mvn -Preporting site site:stage
  = local HTML generation and staging of multiple modules into one local
  staging area
  
  2. mvn scm-publish:publish-scm
  publish local staging area to website svn area, which distributes it to
  live http server through svnpubsub
  
  Regards,
  
  Hervé
  
  Le jeudi 19 septembre 2013 07:00:13 Jason van Zyl a écrit :
  Are you just manually copying that or is there an option on the CMS to
  make
  the staging site?
  
  On Sep 18, 2013, at 10:18 PM, Hervé BOUTEMY herve.bout...@free.fr 
wrote:
  I didn't have time to test this release for the moment
  
  but I updated a few days ago Maven core release instructions [1] to
  stage
  core reference documentation:
  http://maven.apache.org/ref/3-LATEST/
  Actual state is the staging from previous release vote: it should be
  updated from actual tag, but I don't have time for the moment
  
  Please take a few minutes to run the commands from your release
  directory.
  
  Regards,
  
  Hervé
  
  [1]
  http://maven.apache.org/developers/release/maven-core-release.html#Stage
  _
  the_Latest_Documentation
  
  Le mardi 17 septembre 2013 11:39:17 Jason van Zyl a écrit :
  Hi,
  
  Maven Core ITs are good, and the license/notice issue has been resolved
  so
  I'm rolling 3.1.1 again.
  
  Here is a link to Jira with 6 issues resolved:
  https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500versi
  on
  =18 968
  
  Staging repo:
  https://repository.apache.org/content/repositories/maven-065/
  
  The distributable binaries and sources for testing can be found here:
  https://repository.apache.org/content/repositories/maven-065/org/apache
  /m
  ave n/apache-maven/3.1.1/
  
  Specifically the zip, tarball, and source archives can be found here:
  https://repository.apache.org/content/repositories/maven-065/org/apache
  /m
  ave n/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip
  https://repository.apache.org/content/repositories/maven-065/org/apache
  /m
  av
  en/apache-maven/3.1.1/apache-maven-3.1.1-bin.tar.gz
  https://repository.apache.org/content/repositories/maven-065/org/apache
  /m
  av
  en/apache-maven/3.1.1/apache-maven-3.1.1-src.zip
  https://repository.apache.org/content/repositories/maven-065/org/apache
  /m
  av
  en/apache-maven/3.1.1/apache-maven-3.1.1-src.tar.gz
  
  Source release checksum(s):
  apache-maven-3.1.1-src.zip sha1:
  2251357aa47129674df578e787504b72cd57ed4d
  
  Staging site:
  http://people.apache.org/~jvanzyl/maven-3.1.1/
  
  Vote open for 72 hours.
  
  [ ] +1
  [ ] +0
  [ ] -1
  
  Thanks,
  
  The Maven Team
  Thanks,
  
  -
  To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
  For additional commands, e-mail: dev-h...@maven.apache.org
  
  Thanks,
  
  Jason
  
  --
  Jason van Zyl
  Founder,  Apache Maven
  http://twitter.com/jvanzyl
  -
  
  -
  To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
  For additional commands, e-mail: dev-h...@maven.apache.org
 
 Thanks,
 
 Jason
 
 --
 Jason van Zyl
 Founder,  Apache Maven
 http://twitter.com/jvanzyl
 -

-
To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
For additional commands, e-mail: dev-h...@maven.apache.org

Re: [VOTE] Release Maven 3.1.1

2013-09-19 Thread Jason van Zyl 
A button on the CMS page that says Staging Site and it produces a standard 
URL for a staging site that can be used for all core releases.

On Sep 19, 2013, at 1:19 PM, Hervé BOUTEMY herve.bout...@free.fr wrote:

 what do you call a standard staging location?
 what more automation do you expect?
 
 Le jeudi 19 septembre 2013 11:02:46 Jason van Zyl a écrit :
 Do you think we can make a small addition to have it publish to a standard
 staging location? Is that hard to add to the tool? Would help us reach a
 state of more automation.
 
 I'll follow those steps for the time being.
 
 On Sep 19, 2013, at 10:19 AM, Hervé BOUTEMY herve.bout...@free.fr wrote:
 it does not use CMS
 I split the instructions in 2 parts to make things as clear as possible:
 
 1. mvn -Preporting site site:stage
 = local HTML generation and staging of multiple modules into one local
 staging area
 
 2. mvn scm-publish:publish-scm
 publish local staging area to website svn area, which distributes it to
 live http server through svnpubsub
 
 Regards,
 
 Hervé
 
 Le jeudi 19 septembre 2013 07:00:13 Jason van Zyl a écrit :
 Are you just manually copying that or is there an option on the CMS to
 make
 the staging site?
 
 On Sep 18, 2013, at 10:18 PM, Hervé BOUTEMY herve.bout...@free.fr 
 wrote:
 I didn't have time to test this release for the moment
 
 but I updated a few days ago Maven core release instructions [1] to
 stage
 core reference documentation:
 http://maven.apache.org/ref/3-LATEST/
 Actual state is the staging from previous release vote: it should be
 updated from actual tag, but I don't have time for the moment
 
 Please take a few minutes to run the commands from your release
 directory.
 
 Regards,
 
 Hervé
 
 [1]
 http://maven.apache.org/developers/release/maven-core-release.html#Stage
 _
 the_Latest_Documentation
 
 Le mardi 17 septembre 2013 11:39:17 Jason van Zyl a écrit :
 Hi,
 
 Maven Core ITs are good, and the license/notice issue has been resolved
 so
 I'm rolling 3.1.1 again.
 
 Here is a link to Jira with 6 issues resolved:
 https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500versi
 on
 =18 968
 
 Staging repo:
 https://repository.apache.org/content/repositories/maven-065/
 
 The distributable binaries and sources for testing can be found here:
 https://repository.apache.org/content/repositories/maven-065/org/apache
 /m
 ave n/apache-maven/3.1.1/
 
 Specifically the zip, tarball, and source archives can be found here:
 https://repository.apache.org/content/repositories/maven-065/org/apache
 /m
 ave n/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip
 https://repository.apache.org/content/repositories/maven-065/org/apache
 /m
 av
 en/apache-maven/3.1.1/apache-maven-3.1.1-bin.tar.gz
 https://repository.apache.org/content/repositories/maven-065/org/apache
 /m
 av
 en/apache-maven/3.1.1/apache-maven-3.1.1-src.zip
 https://repository.apache.org/content/repositories/maven-065/org/apache
 /m
 av
 en/apache-maven/3.1.1/apache-maven-3.1.1-src.tar.gz
 
 Source release checksum(s):
 apache-maven-3.1.1-src.zip sha1:
 2251357aa47129674df578e787504b72cd57ed4d
 
 Staging site:
 http://people.apache.org/~jvanzyl/maven-3.1.1/
 
 Vote open for 72 hours.
 
 [ ] +1
 [ ] +0
 [ ] -1
 
 Thanks,
 
 The Maven Team
 Thanks,
 
 -
 To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
 For additional commands, e-mail: dev-h...@maven.apache.org
 
 Thanks,
 
 Jason
 
 --
 Jason van Zyl
 Founder,  Apache Maven
 http://twitter.com/jvanzyl
 -
 
 -
 To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
 For additional commands, e-mail: dev-h...@maven.apache.org
 
 Thanks,
 
 Jason
 
 --
 Jason van Zyl
 Founder,  Apache Maven
 http://twitter.com/jvanzyl
 -
 
 -
 To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
 For additional commands, e-mail: dev-h...@maven.apache.org
 

Thanks,

Jason

--
Jason van Zyl
Founder,  Apache Maven
http://twitter.com/jvanzyl
-

Re: [VOTE] Release Maven 3.1.1

2013-09-19 Thread Hervé BOUTEMY 
ah ok, staging to http://maven.staging.apache.org/

no, this url is for CMS staging only, which does not contain/support component 
included sites: see  http://maven.staging.apache.org/ref/ for example, which 
does not exist. In fact, everything from extpaths.txt isn't published in CMS 
staging site (nor svn area)

CMS staging is only for Maven project main site, which is published by CMS.


Maven core staging site, like any other component staging area, is done in CMS 
production area protected by extpaths.txt, with a -LATEST convention: 
versionned release documentation is done with svn cp

This is the only way I found to integrate with CMS + svnpubsub solution in as 
much natural way as possible

Le jeudi 19 septembre 2013 14:35:16 Jason van Zyl a écrit :
 A button on the CMS page that says Staging Site and it produces a standard
 URL for a staging site that can be used for all core releases.
 On Sep 19, 2013, at 1:19 PM, Hervé BOUTEMY herve.bout...@free.fr wrote:
  what do you call a standard staging location?
  what more automation do you expect?
  
  Le jeudi 19 septembre 2013 11:02:46 Jason van Zyl a écrit :
  Do you think we can make a small addition to have it publish to a
  standard
  staging location? Is that hard to add to the tool? Would help us reach a
  state of more automation.
  
  I'll follow those steps for the time being.
  
  On Sep 19, 2013, at 10:19 AM, Hervé BOUTEMY herve.bout...@free.fr 
wrote:
  it does not use CMS
  I split the instructions in 2 parts to make things as clear as possible:
  
  1. mvn -Preporting site site:stage
  = local HTML generation and staging of multiple modules into one local
  staging area
  
  2. mvn scm-publish:publish-scm
  publish local staging area to website svn area, which distributes it to
  live http server through svnpubsub
  
  Regards,
  
  Hervé
  
  Le jeudi 19 septembre 2013 07:00:13 Jason van Zyl a écrit :
  Are you just manually copying that or is there an option on the CMS to
  make
  the staging site?
  
  On Sep 18, 2013, at 10:18 PM, Hervé BOUTEMY herve.bout...@free.fr
  
  wrote:
  I didn't have time to test this release for the moment
  
  but I updated a few days ago Maven core release instructions [1] to
  stage
  core reference documentation:
  http://maven.apache.org/ref/3-LATEST/
  Actual state is the staging from previous release vote: it should be
  updated from actual tag, but I don't have time for the moment
  
  Please take a few minutes to run the commands from your release
  directory.
  
  Regards,
  
  Hervé
  
  [1]
  http://maven.apache.org/developers/release/maven-core-release.html#Sta
  ge
  _
  the_Latest_Documentation
  
  Le mardi 17 septembre 2013 11:39:17 Jason van Zyl a écrit :
  Hi,
  
  Maven Core ITs are good, and the license/notice issue has been
  resolved
  so
  I'm rolling 3.1.1 again.
  
  Here is a link to Jira with 6 issues resolved:
  https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500ver
  si
  on
  =18 968
  
  Staging repo:
  https://repository.apache.org/content/repositories/maven-065/
  
  The distributable binaries and sources for testing can be found here:
  https://repository.apache.org/content/repositories/maven-065/org/apac
  he
  /m
  ave n/apache-maven/3.1.1/
  
  Specifically the zip, tarball, and source archives can be found here:
  https://repository.apache.org/content/repositories/maven-065/org/apac
  he
  /m
  ave n/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip
  https://repository.apache.org/content/repositories/maven-065/org/apac
  he
  /m
  av
  en/apache-maven/3.1.1/apache-maven-3.1.1-bin.tar.gz
  https://repository.apache.org/content/repositories/maven-065/org/apac
  he
  /m
  av
  en/apache-maven/3.1.1/apache-maven-3.1.1-src.zip
  https://repository.apache.org/content/repositories/maven-065/org/apac
  he
  /m
  av
  en/apache-maven/3.1.1/apache-maven-3.1.1-src.tar.gz
  
  Source release checksum(s):
  apache-maven-3.1.1-src.zip sha1:
  2251357aa47129674df578e787504b72cd57ed4d
  
  Staging site:
  http://people.apache.org/~jvanzyl/maven-3.1.1/
  
  Vote open for 72 hours.
  
  [ ] +1
  [ ] +0
  [ ] -1
  
  Thanks,
  
  The Maven Team
  Thanks,
  
  -
  To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
  For additional commands, e-mail: dev-h...@maven.apache.org
  
  Thanks,
  
  Jason
  
  --
  Jason van Zyl
  Founder,  Apache Maven
  http://twitter.com/jvanzyl
  -
  
  -
  To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
  For additional commands, e-mail: dev-h...@maven.apache.org
  
  Thanks,
  
  Jason
  
  --
  Jason van Zyl
  Founder,  Apache Maven
  http://twitter.com/jvanzyl
  -

Re: [VOTE] Release Maven 3.1.1

2013-09-18 Thread Mirko Friedenhagen 
+1 (non-binding), installed this as default Maven 3 on a Jenkins
installation and after upping maven-site-plugin from 3.0 to 3.3 in
some projects, around 20 projects (Mostly maven and Jenkins plugin)
were successfully running mvn clean install site (@Stephen: even
with Jenkins' Maven job type!)

I also checked the SHA1 of the src.zip at the staging repository is
2251357aa47129674df578e787504b72cd57ed4d, the SHA1 from the binary
(mvn -v) reports 0728685237757ffbf44136acec0402957f723d9a which is the
prepare commit of the release-plugin.

Regards
Mirko
Regards Mirko
--
http://illegalstateexception.blogspot.com/
https://github.com/mfriedenhagen/
https://bitbucket.org/mfriedenhagen/


On Tue, Sep 17, 2013 at 5:39 PM, Jason van Zyl ja...@tesla.io wrote:
 Hi,

 Maven Core ITs are good, and the license/notice issue has been resolved so 
 I'm rolling 3.1.1 again.

 Here is a link to Jira with 6 issues resolved:
 https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500version=18968

 Staging repo:
 https://repository.apache.org/content/repositories/maven-065/

 The distributable binaries and sources for testing can be found here:
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/

 Specifically the zip, tarball, and source archives can be found here:
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.tar.gz
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.zip
 https://repository.apache.org/content/repositories/maven-065/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.tar.gz

 Source release checksum(s):
 apache-maven-3.1.1-src.zip sha1: 2251357aa47129674df578e787504b72cd57ed4d

 Staging site:
 http://people.apache.org/~jvanzyl/maven-3.1.1/

 Vote open for 72 hours.

 [ ] +1
 [ ] +0
 [ ] -1

 Thanks,

 The Maven Team
 Thanks,







-
To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
For additional commands, e-mail: dev-h...@maven.apache.org

Re: [VOTE] Release Maven 3.1.1

2013-09-18 Thread Jason van Zyl 
If you can reproduce it in a stand-alone example I can track it down. Or if 
it's an OSS project I'll take a look.

On Sep 18, 2013, at 5:45 PM, Mark Derricutt m...@talios.com wrote:

 Maybe a -1 here, not sure.   I was about to +1 this from basic 
 builds/releases, but then needed to run some integration tests locally and 
 hit the following issue, strangely - this also occurs using 3.1.0 AND 3.0.5, 
 but only on my machine. So I'm suspecting something strange in my .m2 maybe… 
 I'm seeing Aether fall into an endless loop that:
 
 On our integration tests I'm seeing this lock solid:
 
 main prio=5 tid=0x7fc1dc801800 nid=0x1903 runnable [0x00010b458000]
java.lang.Thread.State: RUNNABLE
   at 
 org.eclipse.aether.graph.DefaultDependencyNode.accept(DefaultDependencyNode.java:329)
   at 
 org.eclipse.aether.graph.DefaultDependencyNode.accept(DefaultDependencyNode.java:329)
   at 
 org.eclipse.aether.graph.DefaultDependencyNode.accept(DefaultDependencyNode.java:329)
   at 
 org.eclipse.aether.graph.DefaultDependencyNode.accept(DefaultDependencyNode.java:329)
   at 
 org.eclipse.aether.graph.DefaultDependencyNode.accept(DefaultDependencyNode.java:329)
   at 
 org.eclipse.aether.graph.DefaultDependencyNode.accept(DefaultDependencyNode.java:329)
   at 
 org.eclipse.aether.graph.DefaultDependencyNode.accept(DefaultDependencyNode.java:329)
   at 
 org.eclipse.aether.graph.DefaultDependencyNode.accept(DefaultDependencyNode.java:329)
   at 
 org.eclipse.aether.graph.DefaultDependencyNode.accept(DefaultDependencyNode.java:329)
   at 
 org.eclipse.aether.graph.DefaultDependencyNode.accept(DefaultDependencyNode.java:329)
   at 
 org.eclipse.aether.graph.DefaultDependencyNode.accept(DefaultDependencyNode.java:329)
   at 
 org.eclipse.aether.graph.DefaultDependencyNode.accept(DefaultDependencyNode.java:329)
   at 
 org.eclipse.aether.graph.DefaultDependencyNode.accept(DefaultDependencyNode.java:329)
   at 
 org.eclipse.aether.graph.DefaultDependencyNode.accept(DefaultDependencyNode.java:329)
   at 
 org.eclipse.aether.graph.DefaultDependencyNode.accept(DefaultDependencyNode.java:329)
   at 
 org.eclipse.aether.graph.DefaultDependencyNode.accept(DefaultDependencyNode.java:329)
   at 
 org.eclipse.aether.graph.DefaultDependencyNode.accept(DefaultDependencyNode.java:329)
   at 
 org.eclipse.aether.graph.DefaultDependencyNode.accept(DefaultDependencyNode.java:329)
   at 
 org.eclipse.aether.graph.DefaultDependencyNode.accept(DefaultDependencyNode.java:329)
   at 
 org.eclipse.aether.graph.DefaultDependencyNode.accept(DefaultDependencyNode.java:329)
   at 
 org.eclipse.aether.graph.DefaultDependencyNode.accept(DefaultDependencyNode.java:329)
   at 
 org.eclipse.aether.graph.DefaultDependencyNode.accept(DefaultDependencyNode.java:329)
   at 
 org.eclipse.aether.graph.DefaultDependencyNode.accept(DefaultDependencyNode.java:329)
   at 
 org.eclipse.aether.graph.DefaultDependencyNode.accept(DefaultDependencyNode.java:329)
   at 
 org.eclipse.aether.graph.DefaultDependencyNode.accept(DefaultDependencyNode.java:329)
   at 
 org.eclipse.aether.graph.DefaultDependencyNode.accept(DefaultDependencyNode.java:329)
   at 
 org.eclipse.aether.graph.DefaultDependencyNode.accept(DefaultDependencyNode.java:329)
   at 
 org.eclipse.aether.graph.DefaultDependencyNode.accept(DefaultDependencyNode.java:329)
   at 
 org.eclipse.aether.graph.DefaultDependencyNode.accept(DefaultDependencyNode.java:329)
   at 
 org.eclipse.aether.graph.DefaultDependencyNode.accept(DefaultDependencyNode.java:329)
   at 
 org.eclipse.aether.graph.DefaultDependencyNode.accept(DefaultDependencyNode.java:329)
   at 
 org.eclipse.aether.graph.DefaultDependencyNode.accept(DefaultDependencyNode.java:329)
   at 
 org.eclipse.aether.graph.DefaultDependencyNode.accept(DefaultDependencyNode.java:329)
   at 
 org.eclipse.aether.graph.DefaultDependencyNode.accept(DefaultDependencyNode.java:329)
   at 
 org.eclipse.aether.graph.DefaultDependencyNode.accept(DefaultDependencyNode.java:329)
   at 
 org.eclipse.aether.graph.DefaultDependencyNode.accept(DefaultDependencyNode.java:329)
   at 
 org.eclipse.aether.graph.DefaultDependencyNode.accept(DefaultDependencyNode.java:329)
   at 
 org.eclipse.aether.graph.DefaultDependencyNode.accept(DefaultDependencyNode.java:329)
   at 
 org.eclipse.aether.graph.DefaultDependencyNode.accept(DefaultDependencyNode.java:329)
   at 
 org.eclipse.aether.graph.DefaultDependencyNode.accept(DefaultDependencyNode.java:329)
   at 
 org.eclipse.aether.graph.DefaultDependencyNode.accept(DefaultDependencyNode.java:329)
   at 
 org.eclipse.aether.graph.DefaultDependencyNode.accept(DefaultDependencyNode.java:329)
   at 
 org.eclipse.aether.graph.DefaultDependencyNode.accept(DefaultDependencyNode.java:329)
   at

Re: [VOTE] Release Maven 3.1.1

2013-09-18 Thread Mark Derricutt 
On 19/09/2013, at 1:09 PM, Jason van Zyl ja...@tesla.io wrote:

 If you can reproduce it in a stand-alone example I can track it down. Or if 
 it's an OSS project I'll take a look.


Sadly not unfortunately - 3.1.1 seems to work flawlessly fine for our main 
artefacts and any OSS projects I have, but something in our integration tests 
is tripping it up, -X doesn't give me anything useful either.

Since I'm seeing this on 3.0.5/3.0.1 as well as 3.1.1 I don't think this should 
prevent a release assuming nothing else crops up.

I'll see if I can nail it down a bit and step thru the code and try figure it 
out.



signature.asc
Description: Message signed with OpenPGP using GPGMail

Re: [VOTE] Release Maven 3.1.1

2013-09-18 Thread Hervé BOUTEMY 
I didn't have time to test this release for the moment

but I updated a few days ago Maven core release instructions [1] to stage core 
reference documentation:
http://maven.apache.org/ref/3-LATEST/
Actual state is the staging from previous release vote: it should be updated 
from actual tag, but I don't have time for the moment

Please take a few minutes to run the commands from your release directory.

Regards,

Hervé

[1] 
http://maven.apache.org/developers/release/maven-core-release.html#Stage_the_Latest_Documentation

Le mardi 17 septembre 2013 11:39:17 Jason van Zyl a écrit :
 Hi,
 
 Maven Core ITs are good, and the license/notice issue has been resolved so
 I'm rolling 3.1.1 again.
 
 Here is a link to Jira with 6 issues resolved:
 https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500version=18
 968
 
 Staging repo:
 https://repository.apache.org/content/repositories/maven-065/
 
 The distributable binaries and sources for testing can be found here:
 https://repository.apache.org/content/repositories/maven-065/org/apache/mave
 n/apache-maven/3.1.1/
 
 Specifically the zip, tarball, and source archives can be found here:
 https://repository.apache.org/content/repositories/maven-065/org/apache/mave
 n/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip
 https://repository.apache.org/content/repositories/maven-065/org/apache/mav
 en/apache-maven/3.1.1/apache-maven-3.1.1-bin.tar.gz
 https://repository.apache.org/content/repositories/maven-065/org/apache/mav
 en/apache-maven/3.1.1/apache-maven-3.1.1-src.zip
 https://repository.apache.org/content/repositories/maven-065/org/apache/mav
 en/apache-maven/3.1.1/apache-maven-3.1.1-src.tar.gz
 
 Source release checksum(s):
 apache-maven-3.1.1-src.zip sha1: 2251357aa47129674df578e787504b72cd57ed4d
 
 Staging site:
 http://people.apache.org/~jvanzyl/maven-3.1.1/
 
 Vote open for 72 hours.
 
 [ ] +1
 [ ] +0
 [ ] -1
 
 Thanks,
 
 The Maven Team
 Thanks,

-
To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
For additional commands, e-mail: dev-h...@maven.apache.org

Re: [VOTE] Release Maven 3.1.1

2013-09-17 Thread Jason van Zyl 
I'm going to do the re-roll in 30 minutes.

On Sep 8, 2013, at 9:07 AM, Jason van Zyl ja...@tesla.io wrote:

 Hi,
 
 Here is a link to Jira with 6 issues resolved:
 https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500version=18968
 
 Staging repo:
 https://repository.apache.org/content/repositories/maven-016/
 
 The distributable binaries and sources for testing can be found here:
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/
 
 Specifically the zip, tarball, and source archives can be found here:
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.tar.gz
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.zip
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.tar.gz
 
 Vote open for 72 hours.
 
 [ ] +1
 [ ] +0
 [ ] -1
 
 Thanks,
 
 The Maven Team
 
 
 
 
 
 
 

Thanks,

Jason

--
Jason van Zyl
Founder,  Apache Maven
http://twitter.com/jvanzyl
-

Re: [VOTE] Release Maven 3.1.1

2013-09-17 Thread Jason van Zyl 
Core ITs are all blue again, there was a resolution failure but seems to be 
spurious and the jdk7 build is ok again.

On Sep 17, 2013, at 10:08 AM, Jason van Zyl ja...@tesla.io wrote:

 I'm going to do the re-roll in 30 minutes.
 
 On Sep 8, 2013, at 9:07 AM, Jason van Zyl ja...@tesla.io wrote:
 
 Hi,
 
 Here is a link to Jira with 6 issues resolved:
 https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500version=18968
 
 Staging repo:
 https://repository.apache.org/content/repositories/maven-016/
 
 The distributable binaries and sources for testing can be found here:
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/
 
 Specifically the zip, tarball, and source archives can be found here:
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.tar.gz
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.zip
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.tar.gz
 
 Vote open for 72 hours.
 
 [ ] +1
 [ ] +0
 [ ] -1
 
 Thanks,
 
 The Maven Team
 
 
 
 
 
 
 
 
 Thanks,
 
 Jason
 
 --
 Jason van Zyl
 Founder,  Apache Maven
 http://twitter.com/jvanzyl
 -
 
 
 
 
 
 
 

Thanks,

Jason

--
Jason van Zyl
Founder,  Apache Maven
http://twitter.com/jvanzyl
-

Re: [VOTE] Release Maven 3.1.1

2013-09-14 Thread Baptiste Mathus 
Le 13 sept. 2013 19:00, sebb seb...@gmail.com a écrit :

 On 12 September 2013 21:52, Baptiste Mathus m...@batmat.net wrote:
  2013/9/12 sebb seb...@gmail.com
 
  On 12 September 2013 14:52, Arnaud Héritier aherit...@gmail.com
wrote:
   On Thu, Sep 12, 2013 at 3:44 PM, sebb seb...@gmail.com wrote:
  
   On 10 September 2013 16:33, Daniel Kulp dk...@apache.org wrote:
   

   Like we already say I think we aren't convinced about this because it
  will
   imply to recopy these files across ~50 projects (plugins, shared
libs)
  and
   thus update them the day we'll decide/need to do it. That's why we
always
   prefered to bundle them at build time.
 
  The point is:
  the NL files should be at the top-level of SCM.
  That is because SCM URLs are published, so the readers need to know
  the what the license conditions are.
 
 
  Wasn't it explained that SCM is actually a convenience, and that only
the
  released source tarballs would actually matter here?

 It's not the case that SCM is only a convenience; the SCM locations
 are published to end-users on the web-site and in the POMs.

 And the SCM is anyway public.

Well, according to this thread
http://mail-archives.apache.org/mod_mbox/maven-dev/201308.mbox/%3CCA+nPnMwE=ON4AfAmFq3dvnpMdcsKt0u3G=RYvQWiZsmL=ea...@mail.gmail.com%3Eand
Stephen's answer, that was my understanding and I don't remember
someone pointing to somewhere at apache docs stating this is actually wrong.

  In this case, Arnaud's point about only adding them at build time is
really
  valid here.

 Not sure what you are referring to here, but the build is not relevant
 to this discussion.

Once again, in the above linked thread, my readings make me think there
were already answers from pmc that you would then have to agree to
disagree on this point.
And this is also the understanding I have from last Arnaud's answer above.

 
  The fact that having the NL files there would likely have ensured
  they were in the source archive is an added bonus; it's not the
  primary reason for having them at the top-level of SCM.
 
 
  In the source, but possibly different in many places and having to
maintain
  their sameness, that's again Arnaud's point.
 
  As an external observer and a developer, not duplicating files in many
  places as they should really be the same seem quite a sound PMC choice
to
  me.

 -
 To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
 For additional commands, e-mail: dev-h...@maven.apache.org

Re: [VOTE] Release Maven 3.1.1

2013-09-14 Thread sebb 
On 14 September 2013 11:19, Baptiste Mathus bmat...@batmat.net wrote:
 Le 13 sept. 2013 19:00, sebb seb...@gmail.com a écrit :

 On 12 September 2013 21:52, Baptiste Mathus m...@batmat.net wrote:
  2013/9/12 sebb seb...@gmail.com
 
  On 12 September 2013 14:52, Arnaud Héritier aherit...@gmail.com
 wrote:
   On Thu, Sep 12, 2013 at 3:44 PM, sebb seb...@gmail.com wrote:
  
   On 10 September 2013 16:33, Daniel Kulp dk...@apache.org wrote:
   

   Like we already say I think we aren't convinced about this because it
  will
   imply to recopy these files across ~50 projects (plugins, shared
 libs)
  and
   thus update them the day we'll decide/need to do it. That's why we
 always
   prefered to bundle them at build time.
 
  The point is:
  the NL files should be at the top-level of SCM.
  That is because SCM URLs are published, so the readers need to know
  the what the license conditions are.
 
 
  Wasn't it explained that SCM is actually a convenience, and that only
 the
  released source tarballs would actually matter here?

 It's not the case that SCM is only a convenience; the SCM locations
 are published to end-users on the web-site and in the POMs.

 And the SCM is anyway public.

 Well, according to this thread
 http://mail-archives.apache.org/mod_mbox/maven-dev/201308.mbox/%3CCA+nPnMwE=ON4AfAmFq3dvnpMdcsKt0u3G=RYvQWiZsmL=ea...@mail.gmail.com%3E

That thread was about including the SCM details in the VOTE e-mail.

 and Stephen's answer, that was my understanding and I don't remember
 someone pointing to somewhere at apache docs stating this is actually wrong.

  In this case, Arnaud's point about only adding them at build time is
 really
  valid here.

 Not sure what you are referring to here, but the build is not relevant
 to this discussion.

 Once again, in the above linked thread, my readings make me think there
 were already answers from pmc that you would then have to agree to
 disagree on this point.
 And this is also the understanding I have from last Arnaud's answer above.

There is a thread active currently on legal-discuss; at least one of
the ASF legal types thinks that SCM trees should have NL files.

 
  The fact that having the NL files there would likely have ensured
  they were in the source archive is an added bonus; it's not the
  primary reason for having them at the top-level of SCM.
 
 
  In the source, but possibly different in many places and having to
 maintain
  their sameness, that's again Arnaud's point.
 
  As an external observer and a developer, not duplicating files in many
  places as they should really be the same seem quite a sound PMC choice to
  me.

 -
 To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
 For additional commands, e-mail: dev-h...@maven.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
For additional commands, e-mail: dev-h...@maven.apache.org

Re: [VOTE] Release Maven 3.1.1

2013-09-13 Thread Mark Derricutt 
Just a thought that comes to mind.

I see just as this vote was raised a new maven-install-plugin was released, and 
a vote is also underway for an updated wagon release.

Is it worth updating the default versions of plugins etc. to use these along 
with the 3.1.1 release?


On 9/09/2013, at 1:07 AM, Jason van Zyl ja...@tesla.io wrote:

 Hi,
 
 Here is a link to Jira with 6 issues resolved:
 https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500version=18968
 
 Staging repo:
 https://repository.apache.org/content/repositories/maven-016/
 
 The distributable binaries and sources for testing can be found here:
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/
 
 Specifically the zip, tarball, and source archives can be found here:
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.tar.gz
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.zip
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.tar.gz
 
 Vote open for 72 hours.
 
 [ ] +1
 [ ] +0
 [ ] -1
 
 Thanks,
 
 The Maven Team
 
 
 
 
 
 
 

-- Mark Derricutt ( m...@talios.com )
 — twitter: https://twitter.com/talios
 — podcast: http://www.illegalargument.com
 — blog: http://www.theoryinpractice.net
 — google+: http://gplus.to/talios



signature.asc
Description: Message signed with OpenPGP using GPGMail

Re: [VOTE] Release Maven 3.1.1

2013-09-13 Thread Robert Scholte 
Assuming that we need another vote, it is worth waiting to include Wagon  
2.5 due to WAGON-381.
I wouldn't upgrade the Install Plugin yet. First the Deploy Plugin should  
be released as well, so the installAtEnd and deployAtEnd chain is  
complete. With only the installAtEnd we can expect confusion.


Robert

Op Fri, 13 Sep 2013 07:59:58 +0200 schreef Mark Derricutt  
m...@talios.com:



Just a thought that comes to mind.

I see just as this vote was raised a new maven-install-plugin was  
released, and a vote is also underway for an updated wagon release.


Is it worth updating the default versions of plugins etc. to use these  
along with the 3.1.1 release?



On 9/09/2013, at 1:07 AM, Jason van Zyl ja...@tesla.io wrote:


Hi,

Here is a link to Jira with 6 issues resolved:
https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500version=18968

Staging repo:
https://repository.apache.org/content/repositories/maven-016/

The distributable binaries and sources for testing can be found here:
https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/

Specifically the zip, tarball, and source archives can be found here:
https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip
https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.tar.gz
https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.zip
https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.tar.gz

Vote open for 72 hours.

[ ] +1
[ ] +0
[ ] -1

Thanks,

The Maven Team









-- Mark Derricutt ( m...@talios.com )
 — twitter: https://twitter.com/talios
 — podcast: http://www.illegalargument.com
 — blog: http://www.theoryinpractice.net
 — google+: http://gplus.to/talios


-
To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
For additional commands, e-mail: dev-h...@maven.apache.org

Re: [VOTE] Release Maven 3.1.1

2013-09-13 Thread Jason van Zyl 

On Sep 13, 2013, at 10:14 AM, Robert Scholte rfscho...@apache.org wrote:

 Assuming that we need another vote, it is worth waiting to include Wagon 2.5 
 due to WAGON-381.

No, I would prefer to do another release and only fix what's necessary here. 
I'd still like to get to the point where we can do push button, mostly 
automated releases. To get there we need to release more often. There's one 
issue that Tamas pointed out that needs to be fixed, and we've discovered 
another issue in m2e while trying to make it use 3.1.x. So I'd like to focus on 
those issues and release again.

 I wouldn't upgrade the Install Plugin yet. First the Deploy Plugin should be 
 released as well, so the installAtEnd and deployAtEnd chain is complete. With 
 only the installAtEnd we can expect confusion.
 
 Robert
 
 Op Fri, 13 Sep 2013 07:59:58 +0200 schreef Mark Derricutt m...@talios.com:
 
 Just a thought that comes to mind.
 
 I see just as this vote was raised a new maven-install-plugin was released, 
 and a vote is also underway for an updated wagon release.
 
 Is it worth updating the default versions of plugins etc. to use these along 
 with the 3.1.1 release?
 
 
 On 9/09/2013, at 1:07 AM, Jason van Zyl ja...@tesla.io wrote:
 
 Hi,
 
 Here is a link to Jira with 6 issues resolved:
 https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500version=18968
 
 Staging repo:
 https://repository.apache.org/content/repositories/maven-016/
 
 The distributable binaries and sources for testing can be found here:
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/
 
 Specifically the zip, tarball, and source archives can be found here:
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.tar.gz
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.zip
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.tar.gz
 
 Vote open for 72 hours.
 
 [ ] +1
 [ ] +0
 [ ] -1
 
 Thanks,
 
 The Maven Team
 
 
 
 
 
 
 
 
 -- Mark Derricutt ( m...@talios.com )
 — twitter: https://twitter.com/talios
 — podcast: http://www.illegalargument.com
 — blog: http://www.theoryinpractice.net
 — google+: http://gplus.to/talios
 
 -
 To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
 For additional commands, e-mail: dev-h...@maven.apache.org
 

Thanks,

Jason

--
Jason van Zyl
Founder,  Apache Maven
http://twitter.com/jvanzyl
-

Re: [VOTE] Release Maven 3.1.1

2013-09-13 Thread sebb 
On 12 September 2013 21:52, Baptiste Mathus m...@batmat.net wrote:
 2013/9/12 sebb seb...@gmail.com

 On 12 September 2013 14:52, Arnaud Héritier aherit...@gmail.com wrote:
  On Thu, Sep 12, 2013 at 3:44 PM, sebb seb...@gmail.com wrote:
 
  On 10 September 2013 16:33, Daniel Kulp dk...@apache.org wrote:
  
   -1
  
   The src.tar.gz and src.zip files have lost their top level NOTICE and
  LICENSE files.   This is a regression from 3.1.0 (and 3.0.5).   That
  definitely needs to be fixed.  I don't have time today to look into
 that,
  but might tomorrow if someone doesn't beat me to it.
 
  The NL files should also be present at the top-level of SCM.
  That is not a release-blocker per se, however if they had been there
  they would likely also be in the source archives at the top-level,
  which is a release blocker IMO.
 
 
 
  Like we already say I think we aren't convinced about this because it
 will
  imply to recopy these files across ~50 projects (plugins, shared libs)
 and
  thus update them the day we'll decide/need to do it. That's why we always
  prefered to bundle them at build time.

 The point is:
 the NL files should be at the top-level of SCM.
 That is because SCM URLs are published, so the readers need to know
 the what the license conditions are.


 Wasn't it explained that SCM is actually a convenience, and that only the
 released source tarballs would actually matter here?

It's not the case that SCM is only a convenience; the SCM locations
are published to end-users on the web-site and in the POMs.

And the SCM is anyway public.

 In this case, Arnaud's point about only adding them at build time is really
 valid here.

Not sure what you are referring to here, but the build is not relevant
to this discussion.



 The fact that having the NL files there would likely have ensured
 they were in the source archive is an added bonus; it's not the
 primary reason for having them at the top-level of SCM.


 In the source, but possibly different in many places and having to maintain
 their sameness, that's again Arnaud's point.

 As an external observer and a developer, not duplicating files in many
 places as they should really be the same seem quite a sound PMC choice to
 me.

-
To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
For additional commands, e-mail: dev-h...@maven.apache.org

Re: [VOTE] Release Maven 3.1.1

2013-09-12 Thread Stevo Slavić 
+1 (non-binding) tested on Apache Mahout trunk

Kind regards,
Stevo Slavic.


On Tue, Sep 10, 2013 at 7:09 PM, Daniel Kulp dk...@apache.org wrote:


 On Sep 10, 2013, at 12:16 PM, sebb seb...@gmail.com wrote:

  On 10 September 2013 16:33, Daniel Kulp dk...@apache.org wrote:
 
  -1
 
  The src.tar.gz and src.zip files have lost their top level NOTICE and
 LICENSE files.   This is a regression from 3.1.0 (and 3.0.5).   That
 definitely needs to be fixed.  I don't have time today to look into that,
 but might tomorrow if someone doesn't beat me to it.
 
  Ran a couple builds with the result of building the source and things
 look OK.
 
  I checked the rest of the contents with the tag and everything looks
 OK.There are three files in the git repo that aren't part of the
 release (/.gitignore, /.gitattributes, and
 /apache-maven/src/bin/.gitattributes), but those files really are specific
 to our scm and thus don't need to be in the source release.
 
  OK, so is it necessary to check the release against the tag?

 That's one way, sure.

 Personally, I log the trunk/master/branch, find the appropriate commit for
 prepare release maven-3.1.1, check that out, then diff that with the src
 tar ball as well as diff that with the tag to make sure all three match up.
  Likely not necessary with git where the tag would apply directly to that
 commit, but with subversion, it is certainly possible that the three don't
 match and the diffs make sure to check that.If any of the three diffs
 find differences, it's an immediate red-flag for further review and likely
 require a -1 on the vote until resolved.

  Or is that just your personal take on what a reviewer should do?

 A reviewer should do whatever they feel is necessary to do a thorough
 review.

  If it is necessary (for at least one reviewer) to do, then the SCM
  coordinates need to be provided in a transparent manner so any
  reviewer can do it, and the coordinates need to be part of the vote
  e-mail for the public record.

 No, each reviewer should do what they feel is appropriate for them.   If
 every reviewer did the exact same thing, we'd get the exact same result
 from each of them.  Some reviewers may checkout the tag, others may troll
 back master, others may do something completely different.


 --
 Daniel Kulp
 dk...@apache.org - http://dankulp.com/blog
 Talend Community Coder - http://coders.talend.com


 -
 To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
 For additional commands, e-mail: dev-h...@maven.apache.org

Re: [VOTE] Release Maven 3.1.1

2013-09-12 Thread sebb 
On 10 September 2013 16:33, Daniel Kulp dk...@apache.org wrote:

 -1

 The src.tar.gz and src.zip files have lost their top level NOTICE and LICENSE 
 files.   This is a regression from 3.1.0 (and 3.0.5).   That definitely needs 
 to be fixed.  I don't have time today to look into that, but might tomorrow 
 if someone doesn't beat me to it.

The NL files should also be present at the top-level of SCM.
That is not a release-blocker per se, however if they had been there
they would likely also be in the source archives at the top-level,
which is a release blocker IMO.

 Ran a couple builds with the result of building the source and things look OK.

 I checked the rest of the contents with the tag and everything looks OK.
 There are three files in the git repo that aren't part of the release 
 (/.gitignore, /.gitattributes, and /apache-maven/src/bin/.gitattributes), but 
 those files really are specific to our scm and thus don't need to be in the 
 source release.

 Most likely, the doap_Maven.rdf shouldn't be part of the release either.  
 Probalby shouldn't be in the main maven git repo.   Definitely not a big deal.

 Dan



 On Sep 8, 2013, at 9:07 AM, Jason van Zyl ja...@tesla.io wrote:

 Hi,

 Here is a link to Jira with 6 issues resolved:
 https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500version=18968

 Staging repo:
 https://repository.apache.org/content/repositories/maven-016/

 The distributable binaries and sources for testing can be found here:
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/

 Specifically the zip, tarball, and source archives can be found here:
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.tar.gz
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.zip
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.tar.gz

 Vote open for 72 hours.

 [ ] +1
 [ ] +0
 [ ] -1

 Thanks,

 The Maven Team








 --
 Daniel Kulp
 dk...@apache.org - http://dankulp.com/blog
 Talend Community Coder - http://coders.talend.com


 -
 To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
 For additional commands, e-mail: dev-h...@maven.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
For additional commands, e-mail: dev-h...@maven.apache.org

Re: [VOTE] Release Maven 3.1.1

2013-09-12 Thread Arnaud Héritier 
-1 due to the issue found by Dan about Notice and License files
Otherwise I tested it on various projects and found no regressions

Cheers


On Thu, Sep 12, 2013 at 3:37 PM, Stevo Slavić ssla...@gmail.com wrote:

 +1 (non-binding) tested on Apache Mahout trunk

 Kind regards,
 Stevo Slavic.


 On Tue, Sep 10, 2013 at 7:09 PM, Daniel Kulp dk...@apache.org wrote:

 
  On Sep 10, 2013, at 12:16 PM, sebb seb...@gmail.com wrote:
 
   On 10 September 2013 16:33, Daniel Kulp dk...@apache.org wrote:
  
   -1
  
   The src.tar.gz and src.zip files have lost their top level NOTICE and
  LICENSE files.   This is a regression from 3.1.0 (and 3.0.5).   That
  definitely needs to be fixed.  I don't have time today to look into that,
  but might tomorrow if someone doesn't beat me to it.
  
   Ran a couple builds with the result of building the source and things
  look OK.
  
   I checked the rest of the contents with the tag and everything looks
  OK.There are three files in the git repo that aren't part of the
  release (/.gitignore, /.gitattributes, and
  /apache-maven/src/bin/.gitattributes), but those files really are
 specific
  to our scm and thus don't need to be in the source release.
  
   OK, so is it necessary to check the release against the tag?
 
  That's one way, sure.
 
  Personally, I log the trunk/master/branch, find the appropriate commit
 for
  prepare release maven-3.1.1, check that out, then diff that with the
 src
  tar ball as well as diff that with the tag to make sure all three match
 up.
   Likely not necessary with git where the tag would apply directly to that
  commit, but with subversion, it is certainly possible that the three
 don't
  match and the diffs make sure to check that.If any of the three diffs
  find differences, it's an immediate red-flag for further review and
 likely
  require a -1 on the vote until resolved.
 
   Or is that just your personal take on what a reviewer should do?
 
  A reviewer should do whatever they feel is necessary to do a thorough
  review.
 
   If it is necessary (for at least one reviewer) to do, then the SCM
   coordinates need to be provided in a transparent manner so any
   reviewer can do it, and the coordinates need to be part of the vote
   e-mail for the public record.
 
  No, each reviewer should do what they feel is appropriate for them.   If
  every reviewer did the exact same thing, we'd get the exact same result
  from each of them.  Some reviewers may checkout the tag, others may troll
  back master, others may do something completely different.
 
 
  --
  Daniel Kulp
  dk...@apache.org - http://dankulp.com/blog
  Talend Community Coder - http://coders.talend.com
 
 
  -
  To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
  For additional commands, e-mail: dev-h...@maven.apache.org
 
 




-- 
-
Arnaud Héritier
http://aheritier.net
Mail/GTalk: aheritier AT gmail DOT com
Twitter/Skype : aheritier

Re: [VOTE] Release Maven 3.1.1

2013-09-12 Thread Arnaud Héritier 
On Thu, Sep 12, 2013 at 3:44 PM, sebb seb...@gmail.com wrote:

 On 10 September 2013 16:33, Daniel Kulp dk...@apache.org wrote:
 
  -1
 
  The src.tar.gz and src.zip files have lost their top level NOTICE and
 LICENSE files.   This is a regression from 3.1.0 (and 3.0.5).   That
 definitely needs to be fixed.  I don't have time today to look into that,
 but might tomorrow if someone doesn't beat me to it.

 The NL files should also be present at the top-level of SCM.
 That is not a release-blocker per se, however if they had been there
 they would likely also be in the source archives at the top-level,
 which is a release blocker IMO.



Like we already say I think we aren't convinced about this because it will
imply to recopy these files across ~50 projects (plugins, shared libs) and
thus update them the day we'll decide/need to do it. That's why we always
prefered to bundle them at build time.

Arnaud

Re: [VOTE] Release Maven 3.1.1

2013-09-12 Thread Robert Scholte 

-1 for the same reason as Dan and Arnaud, though found no regression.

Robert

Op Thu, 12 Sep 2013 15:49:06 +0200 schreef Arnaud Héritier  
aherit...@gmail.com:



-1 due to the issue found by Dan about Notice and License files
Otherwise I tested it on various projects and found no regressions

Cheers


On Thu, Sep 12, 2013 at 3:37 PM, Stevo Slavić ssla...@gmail.com wrote:


+1 (non-binding) tested on Apache Mahout trunk

Kind regards,
Stevo Slavic.


On Tue, Sep 10, 2013 at 7:09 PM, Daniel Kulp dk...@apache.org wrote:


 On Sep 10, 2013, at 12:16 PM, sebb seb...@gmail.com wrote:

  On 10 September 2013 16:33, Daniel Kulp dk...@apache.org wrote:
 
  -1
 
  The src.tar.gz and src.zip files have lost their top level NOTICE  
and

 LICENSE files.   This is a regression from 3.1.0 (and 3.0.5).   That
 definitely needs to be fixed.  I don't have time today to look into  
that,

 but might tomorrow if someone doesn't beat me to it.
 
  Ran a couple builds with the result of building the source and  
things

 look OK.
 
  I checked the rest of the contents with the tag and everything  
looks

 OK.There are three files in the git repo that aren't part of the
 release (/.gitignore, /.gitattributes, and
 /apache-maven/src/bin/.gitattributes), but those files really are
specific
 to our scm and thus don't need to be in the source release.
 
  OK, so is it necessary to check the release against the tag?

 That's one way, sure.

 Personally, I log the trunk/master/branch, find the appropriate commit
for
 prepare release maven-3.1.1, check that out, then diff that with the
src
 tar ball as well as diff that with the tag to make sure all three  
match

up.
  Likely not necessary with git where the tag would apply directly to  
that

 commit, but with subversion, it is certainly possible that the three
don't
 match and the diffs make sure to check that.If any of the three  
diffs

 find differences, it's an immediate red-flag for further review and
likely
 require a -1 on the vote until resolved.

  Or is that just your personal take on what a reviewer should do?

 A reviewer should do whatever they feel is necessary to do a thorough
 review.

  If it is necessary (for at least one reviewer) to do, then the SCM
  coordinates need to be provided in a transparent manner so any
  reviewer can do it, and the coordinates need to be part of the vote
  e-mail for the public record.

 No, each reviewer should do what they feel is appropriate for them.
If
 every reviewer did the exact same thing, we'd get the exact same  
result
 from each of them.  Some reviewers may checkout the tag, others may  
troll

 back master, others may do something completely different.


 --
 Daniel Kulp
 dk...@apache.org - http://dankulp.com/blog
 Talend Community Coder - http://coders.talend.com


 -
 To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
 For additional commands, e-mail: dev-h...@maven.apache.org








-
To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
For additional commands, e-mail: dev-h...@maven.apache.org

Re: [VOTE] Release Maven 3.1.1

2013-09-12 Thread Daniel Kulp 

This should now be fixed on master.   Feel free to cancel this vote and respin 
the builds.

Thanks!
Dan


On Sep 10, 2013, at 11:33 AM, Daniel Kulp dk...@apache.org wrote:

 
 -1
 
 The src.tar.gz and src.zip files have lost their top level NOTICE and LICENSE 
 files.   This is a regression from 3.1.0 (and 3.0.5).   That definitely needs 
 to be fixed.  I don't have time today to look into that, but might tomorrow 
 if someone doesn't beat me to it.
 
 Ran a couple builds with the result of building the source and things look OK.
 
 I checked the rest of the contents with the tag and everything looks OK.
 There are three files in the git repo that aren't part of the release 
 (/.gitignore, /.gitattributes, and /apache-maven/src/bin/.gitattributes), but 
 those files really are specific to our scm and thus don't need to be in the 
 source release.
 
 Most likely, the doap_Maven.rdf shouldn't be part of the release either.  
 Probalby shouldn't be in the main maven git repo.   Definitely not a big deal.
 
 Dan
 
 
 
 On Sep 8, 2013, at 9:07 AM, Jason van Zyl ja...@tesla.io wrote:
 
 Hi,
 
 Here is a link to Jira with 6 issues resolved:
 https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500version=18968
 
 Staging repo:
 https://repository.apache.org/content/repositories/maven-016/
 
 The distributable binaries and sources for testing can be found here:
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/
 
 Specifically the zip, tarball, and source archives can be found here:
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.tar.gz
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.zip
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.tar.gz
 
 Vote open for 72 hours.
 
 [ ] +1
 [ ] +0
 [ ] -1
 
 Thanks,
 
 The Maven Team
 
 
 
 
 
 
 
 
 -- 
 Daniel Kulp
 dk...@apache.org - http://dankulp.com/blog
 Talend Community Coder - http://coders.talend.com
 
 
 -
 To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
 For additional commands, e-mail: dev-h...@maven.apache.org
 

-- 
Daniel Kulp
dk...@apache.org - http://dankulp.com/blog
Talend Community Coder - http://coders.talend.com


-
To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
For additional commands, e-mail: dev-h...@maven.apache.org

Re: [VOTE] Release Maven 3.1.1

2013-09-12 Thread sebb 
On 12 September 2013 14:52, Arnaud Héritier aherit...@gmail.com wrote:
 On Thu, Sep 12, 2013 at 3:44 PM, sebb seb...@gmail.com wrote:

 On 10 September 2013 16:33, Daniel Kulp dk...@apache.org wrote:
 
  -1
 
  The src.tar.gz and src.zip files have lost their top level NOTICE and
 LICENSE files.   This is a regression from 3.1.0 (and 3.0.5).   That
 definitely needs to be fixed.  I don't have time today to look into that,
 but might tomorrow if someone doesn't beat me to it.

 The NL files should also be present at the top-level of SCM.
 That is not a release-blocker per se, however if they had been there
 they would likely also be in the source archives at the top-level,
 which is a release blocker IMO.



 Like we already say I think we aren't convinced about this because it will
 imply to recopy these files across ~50 projects (plugins, shared libs) and
 thus update them the day we'll decide/need to do it. That's why we always
 prefered to bundle them at build time.

The point is:
the NL files should be at the top-level of SCM.
That is because SCM URLs are published, so the readers need to know
the what the license conditions are.

The fact that having the NL files there would likely have ensured
they were in the source archive is an added bonus; it's not the
primary reason for having them at the top-level of SCM.

 Arnaud

-
To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
For additional commands, e-mail: dev-h...@maven.apache.org

Re: [VOTE] Release Maven 3.1.1

2013-09-12 Thread Jason van Zyl 
Right o, thanks.

On Sep 12, 2013, at 10:06 AM, Daniel Kulp dk...@apache.org wrote:

 
 This should now be fixed on master.   Feel free to cancel this vote and 
 respin the builds.
 
 Thanks!
 Dan
 
 
 On Sep 10, 2013, at 11:33 AM, Daniel Kulp dk...@apache.org wrote:
 
 
 -1
 
 The src.tar.gz and src.zip files have lost their top level NOTICE and 
 LICENSE files.   This is a regression from 3.1.0 (and 3.0.5).   That 
 definitely needs to be fixed.  I don't have time today to look into that, 
 but might tomorrow if someone doesn't beat me to it.
 
 Ran a couple builds with the result of building the source and things look 
 OK.
 
 I checked the rest of the contents with the tag and everything looks OK.
 There are three files in the git repo that aren't part of the release 
 (/.gitignore, /.gitattributes, and /apache-maven/src/bin/.gitattributes), 
 but those files really are specific to our scm and thus don't need to be in 
 the source release.
 
 Most likely, the doap_Maven.rdf shouldn't be part of the release either.  
 Probalby shouldn't be in the main maven git repo.   Definitely not a big 
 deal.
 
 Dan
 
 
 
 On Sep 8, 2013, at 9:07 AM, Jason van Zyl ja...@tesla.io wrote:
 
 Hi,
 
 Here is a link to Jira with 6 issues resolved:
 https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500version=18968
 
 Staging repo:
 https://repository.apache.org/content/repositories/maven-016/
 
 The distributable binaries and sources for testing can be found here:
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/
 
 Specifically the zip, tarball, and source archives can be found here:
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.tar.gz
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.zip
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.tar.gz
 
 Vote open for 72 hours.
 
 [ ] +1
 [ ] +0
 [ ] -1
 
 Thanks,
 
 The Maven Team
 
 
 
 
 
 
 
 
 -- 
 Daniel Kulp
 dk...@apache.org - http://dankulp.com/blog
 Talend Community Coder - http://coders.talend.com
 
 
 -
 To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
 For additional commands, e-mail: dev-h...@maven.apache.org
 
 
 -- 
 Daniel Kulp
 dk...@apache.org - http://dankulp.com/blog
 Talend Community Coder - http://coders.talend.com
 
 
 -
 To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
 For additional commands, e-mail: dev-h...@maven.apache.org
 

Thanks,

Jason

--
Jason van Zyl
Founder,  Apache Maven
http://twitter.com/jvanzyl
-

Re: [VOTE] Release Maven 3.1.1

2013-09-12 Thread Arnaud Héritier 

 The point is:
 the NL files should be at the top-level of SCM.
 That is because SCM URLs are published, so the readers need to know
 the what the license conditions are.


For the License when you are reading some code hosted on apache.org I think
nobody should have a doubt about it.



 The fact that having the NL files there would likely have ensured
 they were in the source archive is an added bonus; it's not the
 primary reason for having them at the top-level of SCM.

  Arnaud

 -
 To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
 For additional commands, e-mail: dev-h...@maven.apache.org




-- 
-
Arnaud Héritier
http://aheritier.net
Mail/GTalk: aheritier AT gmail DOT com
Twitter/Skype : aheritier

Re: [VOTE] Release Maven 3.1.1

2013-09-12 Thread sebb 
On 12 September 2013 18:20, Arnaud Héritier aherit...@gmail.com wrote:

 The point is:
 the NL files should be at the top-level of SCM.
 That is because SCM URLs are published, so the readers need to know
 the what the license conditions are.


 For the License when you are reading some code hosted on apache.org I think
 nobody should have a doubt about it.

Not all code included in our SCM is necessarily AL-licensed.
Obviously it has to be AL-compatible so the project as a whole is AL,
but parts can be non-AL.



 The fact that having the NL files there would likely have ensured
 they were in the source archive is an added bonus; it's not the
 primary reason for having them at the top-level of SCM.

  Arnaud

 -
 To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
 For additional commands, e-mail: dev-h...@maven.apache.org




 --
 -
 Arnaud Héritier
 http://aheritier.net
 Mail/GTalk: aheritier AT gmail DOT com
 Twitter/Skype : aheritier

-
To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
For additional commands, e-mail: dev-h...@maven.apache.org

Re: [VOTE] Release Maven 3.1.1

2013-09-12 Thread Baptiste Mathus 
2013/9/12 sebb seb...@gmail.com

 On 12 September 2013 14:52, Arnaud Héritier aherit...@gmail.com wrote:
  On Thu, Sep 12, 2013 at 3:44 PM, sebb seb...@gmail.com wrote:
 
  On 10 September 2013 16:33, Daniel Kulp dk...@apache.org wrote:
  
   -1
  
   The src.tar.gz and src.zip files have lost their top level NOTICE and
  LICENSE files.   This is a regression from 3.1.0 (and 3.0.5).   That
  definitely needs to be fixed.  I don't have time today to look into
 that,
  but might tomorrow if someone doesn't beat me to it.
 
  The NL files should also be present at the top-level of SCM.
  That is not a release-blocker per se, however if they had been there
  they would likely also be in the source archives at the top-level,
  which is a release blocker IMO.
 
 
 
  Like we already say I think we aren't convinced about this because it
 will
  imply to recopy these files across ~50 projects (plugins, shared libs)
 and
  thus update them the day we'll decide/need to do it. That's why we always
  prefered to bundle them at build time.

 The point is:
 the NL files should be at the top-level of SCM.
 That is because SCM URLs are published, so the readers need to know
 the what the license conditions are.


Wasn't it explained that SCM is actually a convenience, and that only the
released source tarballs would actually matter here?
In this case, Arnaud's point about only adding them at build time is really
valid here.



 The fact that having the NL files there would likely have ensured
 they were in the source archive is an added bonus; it's not the
 primary reason for having them at the top-level of SCM.


In the source, but possibly different in many places and having to maintain
their sameness, that's again Arnaud's point.

As an external observer and a developer, not duplicating files in many
places as they should really be the same seem quite a sound PMC choice to
me.

Re: [VOTE] Release Maven 3.1.1

2013-09-10 Thread Karl Heinz Marbaise 

+1 [non-binding]

Tested with
* appassembler-maven-plugin (trunk: r18705)

* maven-invoker-plugin (trunk: r1521365),

* iterator-maven-plugin (git: 07ddf1a6a8fe4b60dbb84ce944c3a4f7828bff3e
https://github.com/khmarbaise/iterator-maven-plugin),

* several of my own projects worked like a charm.


On 9/8/13 3:07 PM, Jason van Zyl wrote:

Hi,

Here is a link to Jira with 6 issues resolved:
https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500version=18968

Staging repo:
https://repository.apache.org/content/repositories/maven-016/

The distributable binaries and sources for testing can be found here:
https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/

Specifically the zip, tarball, and source archives can be found here:
https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip
https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.tar.gz
https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.zip
https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.tar.gz

Vote open for 72 hours.

[ ] +1
[ ] +0
[ ] -1

Thanks,

The Maven Team











Mit freundlichem Gruß
Karl-Heinz Marbaise
--
SoftwareEntwicklung Beratung SchulungTel.: +49 (0) 2405 / 415 893
Dipl.Ing.(FH) Karl-Heinz MarbaiseICQ#: 135949029
Hauptstrasse 177 USt.IdNr: DE191347579
52146 Würselen   http://www.soebes.de

-
To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
For additional commands, e-mail: dev-h...@maven.apache.org

Re: [VOTE] Release Maven 3.1.1

2013-09-10 Thread sebb 
I've just realised that you said the hash is in the maven core jar.
That is a binary artifact, and has no direct relationship with the
source artifact on which people are supposed to be voting.

I don't think it's possible to tie the SCM tag to this vote thread
for the record without the hash (and git repo) being provided in
this e-mail.

Also, I don't think the quoted hash is correct.

Are you sure that

c9950d777c7368e51431500c29aecf1e11e3d2c6

is the hash for the build?

On 10 September 2013 09:19, Karl Heinz Marbaise khmarba...@gmx.de wrote:
 +1 [non-binding]

 Tested with
 * appassembler-maven-plugin (trunk: r18705)

 * maven-invoker-plugin (trunk: r1521365),

 * iterator-maven-plugin (git: 07ddf1a6a8fe4b60dbb84ce944c3a4f7828bff3e
 https://github.com/khmarbaise/iterator-maven-plugin),

 * several of my own projects worked like a charm.



 On 9/8/13 3:07 PM, Jason van Zyl wrote:

 Hi,

 Here is a link to Jira with 6 issues resolved:

 https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500version=18968

 Staging repo:
 https://repository.apache.org/content/repositories/maven-016/

 The distributable binaries and sources for testing can be found here:

 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/

 Specifically the zip, tarball, and source archives can be found here:

 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip

 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.tar.gz

 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.zip

 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.tar.gz

 Vote open for 72 hours.

 [ ] +1
 [ ] +0
 [ ] -1

 Thanks,

 The Maven Team










 Mit freundlichem Gruß
 Karl-Heinz Marbaise
 --
 SoftwareEntwicklung Beratung SchulungTel.: +49 (0) 2405 / 415 893
 Dipl.Ing.(FH) Karl-Heinz MarbaiseICQ#: 135949029
 Hauptstrasse 177 USt.IdNr: DE191347579
 52146 Würselen   http://www.soebes.de


 -
 To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
 For additional commands, e-mail: dev-h...@maven.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
For additional commands, e-mail: dev-h...@maven.apache.org

Re: [VOTE] Release Maven 3.1.1

2013-09-10 Thread Kristian Rosenvold 
+1
Den 8. sep. 2013 15:08 skrev Jason van Zyl ja...@tesla.io følgende:

 Hi,

 Here is a link to Jira with 6 issues resolved:

 https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500version=18968

 Staging repo:
 https://repository.apache.org/content/repositories/maven-016/

 The distributable binaries and sources for testing can be found here:

 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/

 Specifically the zip, tarball, and source archives can be found here:

 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip

 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.tar.gz

 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.zip

 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.tar.gz

 Vote open for 72 hours.

 [ ] +1
 [ ] +0
 [ ] -1

 Thanks,

 The Maven Team

Re: [VOTE] Release Maven 3.1.1

2013-09-10 Thread Jason van Zyl 
Sure, I can remake the email, but the binaries are fine. I made a little tool 
for myself and I'll just use the template from the website.

The SHA1 I took was for the release which is the value that's interpolated into 
the build.properties.

On Sep 9, 2013, at 3:56 PM, Stephen Connolly stephen.alan.conno...@gmail.com 
wrote:

 On 8 September 2013 18:51, Jason van Zyl ja...@tesla.io wrote:
 
 
 On Sep 8, 2013, at 1:12 PM, sebb seb...@gmail.com wrote:
 
 I thought you were going to include the SCM coordinates used to create
 the tarballs?
 
 
 Sorry, not intentional. I forgot.
 
 It's particularly important here, because AFAICT the SCM coordinates
 are not present in the POM.
 If true, then it's not possible to verify the files in the source
 tarballs.
 
 
 I hash is always in the distribution, it's how we show where it comes from
 when you type mvn -v. It's in the build properties in the core JAR and
 the hash in there is:
 
 c9950d777c7368e51431500c29aecf1e11e3d2c6
 
 
 Is that the SHA1 of the src.zip and src.tar.gz or is it the SHA1 of the git
 commit.
 
 What we are looking for on the vote emails is the SHA1 and MD5 of the
 src.zip and src.tar.gz so that interested parties can verify that the vote
 was against the source distribution that ends up in dist and central. Since
 the staging repository is deleted as part of the release process, and since
 what the PMC is voting on is the source bundles, we need the vote email to
 specify the hashes of the source bundle *for the record*...
 
 Of course this is really easy to do as Maven helpfully uploads the hashes
 to the staging repository, but since it didn't happen if it wasn't on a
 mailing list (stephenc rolls his eyes) we need the release manager to
 ensure that the vote has this required information.
 
 Note: The commit hash is really nice to have, but is not part of the
 minimum set of required information, and we are trying to stick to minimum
 procedure. So we don't look for that *even* if other people think we should.
 
 
 
 Also, AFAIK, the PMC agreed to include hashes of the tarballs in vote
 e-mails?
 
 On 8 September 2013 14:07, Jason van Zyl ja...@tesla.io wrote:
 Hi,
 
 Here is a link to Jira with 6 issues resolved:
 
 https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500version=18968
 
 Staging repo:
 https://repository.apache.org/content/repositories/maven-016/
 
 The distributable binaries and sources for testing can be found here:
 
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/
 
 Specifically the zip, tarball, and source archives can be found here:
 
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip
 
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.tar.gz
 
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.zip
 
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.tar.gz
 
 Vote open for 72 hours.
 
 [ ] +1
 [ ] +0
 [ ] -1
 
 Thanks,
 
 The Maven Team
 
 
 
 
 
 
 
 
 -
 To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
 For additional commands, e-mail: dev-h...@maven.apache.org
 
 
 Thanks,
 
 Jason
 
 --
 Jason van Zyl
 Founder,  Apache Maven
 http://twitter.com/jvanzyl
 -
 
 
 
 
 
 
 
 

Thanks,

Jason

--
Jason van Zyl
Founder,  Apache Maven
http://twitter.com/jvanzyl
-

Re: [VOTE] Release Maven 3.1.1

2013-09-10 Thread Jason van Zyl 

On Sep 10, 2013, at 7:53 AM, sebb seb...@gmail.com wrote:

 I've just realised that you said the hash is in the maven core jar.
 That is a binary artifact, and has no direct relationship with the
 source artifact on which people are supposed to be voting.
 

It is supposed to be the SHA1 of the release from which the build was made.

 I don't think it's possible to tie the SCM tag to this vote thread
 for the record without the hash (and git repo) being provided in
 this e-mail.
 

Well, I'm going to leave it out for now. I'll do what's strictly in the 
template here:

http://maven.apache.org/developers/release/maven-project-release-procedure.html#Call_the_vote


 Also, I don't think the quoted hash is correct.
 

It doesn't look correct, it appears to take the parent commit. This has 
probably been the case for quite some time, in that the mvn -v command 
doesn't actually tell you what commit it came from. I don't know if it's 
generally wrong, but this this case c9950d777c7368e51431500c29aecf1e11e3d2c6 is 
the parent of 892b464683645bcdc1d28febf0bf3cc1c3181350 which is the SHA1 for 
the release.

I assumed someone actually tested this, or maybe it's being used in the release 
for something it wasn't intended for. I'll take a look at the code. But for now 
I will make the template from:

http://maven.apache.org/developers/release/maven-project-release-procedure.html#Call_the_vote


 Are you sure that
 
 c9950d777c7368e51431500c29aecf1e11e3d2c6
 
 is the hash for the build?
 
 On 10 September 2013 09:19, Karl Heinz Marbaise khmarba...@gmx.de wrote:
 +1 [non-binding]
 
 Tested with
 * appassembler-maven-plugin (trunk: r18705)
 
 * maven-invoker-plugin (trunk: r1521365),
 
 * iterator-maven-plugin (git: 07ddf1a6a8fe4b60dbb84ce944c3a4f7828bff3e
 https://github.com/khmarbaise/iterator-maven-plugin),
 
 * several of my own projects worked like a charm.
 
 
 
 On 9/8/13 3:07 PM, Jason van Zyl wrote:
 
 Hi,
 
 Here is a link to Jira with 6 issues resolved:
 
 https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500version=18968
 
 Staging repo:
 https://repository.apache.org/content/repositories/maven-016/
 
 The distributable binaries and sources for testing can be found here:
 
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/
 
 Specifically the zip, tarball, and source archives can be found here:
 
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip
 
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.tar.gz
 
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.zip
 
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.tar.gz
 
 Vote open for 72 hours.
 
 [ ] +1
 [ ] +0
 [ ] -1
 
 Thanks,
 
 The Maven Team
 
 
 
 
 
 
 
 
 
 
 Mit freundlichem Gruß
 Karl-Heinz Marbaise
 --
 SoftwareEntwicklung Beratung SchulungTel.: +49 (0) 2405 / 415 893
 Dipl.Ing.(FH) Karl-Heinz MarbaiseICQ#: 135949029
 Hauptstrasse 177 USt.IdNr: DE191347579
 52146 Würselen   http://www.soebes.de
 
 
 -
 To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
 For additional commands, e-mail: dev-h...@maven.apache.org
 
 
 -
 To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
 For additional commands, e-mail: dev-h...@maven.apache.org
 

Thanks,

Jason

--
Jason van Zyl
Founder,  Apache Maven
http://twitter.com/jvanzyl
-

Re: [VOTE] Release Maven 3.1.1

2013-09-10 Thread sebb 
On 10 September 2013 14:23, Jason van Zyl ja...@tesla.io wrote:

 On Sep 10, 2013, at 7:53 AM, sebb seb...@gmail.com wrote:

 I've just realised that you said the hash is in the maven core jar.
 That is a binary artifact, and has no direct relationship with the
 source artifact on which people are supposed to be voting.


 It is supposed to be the SHA1 of the release from which the build was made.

 I don't think it's possible to tie the SCM tag to this vote thread
 for the record without the hash (and git repo) being provided in
 this e-mail.


 Well, I'm going to leave it out for now. I'll do what's strictly in the 
 template here:

 http://maven.apache.org/developers/release/maven-project-release-procedure.html#Call_the_vote

Which as I have argued all along is insufficient.
- the vote email does not have vital information for the record
- indeed in the case of this vote, neither the vote e-mail nor the
source archive (on which people are supposed to be voting) has the
information.

I note that no-one who has voted so far has stated that the contents
of the source archives are all present and correct and that no files
are missing from the release and more importantly that there are no
files in the source archive that should not be there.

IMO this is the most important part of the release vote, along with
the NL contents.


 Also, I don't think the quoted hash is correct.


 It doesn't look correct, it appears to take the parent commit. This has 
 probably been
 the case for quite some time, in that the mvn -v command doesn't actually 
 tell you
 what commit it came from. I don't know if it's generally wrong, but this this 
 case
 c9950d777c7368e51431500c29aecf1e11e3d2c6 is the parent of

Where did you get the above hash from?
It does not seem to be the same as the one in the binary archive I downloaded.

On the git page:

https://git-wip-us.apache.org/repos/asf?p=maven.git;a=summary

the c995... hash seems to be associated with

[MNG-5509] org.apache.maven.repository.legacy.DefaultWa...

This happens to be the line after

[maven-release-plugin] prepare release maven-3.1.1  yellowmaven-3.1.1/yellow

which seems to have the following hash:

 892b464683645bcdc1d28febf0bf3cc1c3181350 which is the SHA1 for the release.

Also the above hash is the one I just found in build.properties.

And it agrees with mvn -v

Apache Maven 3.1.1 (892b464683645bcdc1d28febf0bf3cc1c3181350;
2013-09-05 18:04:21+0100)

So I don't think there's a problem with the build process, but there
is still a major problem with the vote e-mail contents.


 I assumed someone actually tested this, or maybe it's being used in the 
 release for something it wasn't intended for. I'll take a look at the code. 
 But for now I will make the template from:

 http://maven.apache.org/developers/release/maven-project-release-procedure.html#Call_the_vote


 Are you sure that

 c9950d777c7368e51431500c29aecf1e11e3d2c6

 is the hash for the build?

 On 10 September 2013 09:19, Karl Heinz Marbaise khmarba...@gmx.de wrote:
 +1 [non-binding]

 Tested with
 * appassembler-maven-plugin (trunk: r18705)

 * maven-invoker-plugin (trunk: r1521365),

 * iterator-maven-plugin (git: 07ddf1a6a8fe4b60dbb84ce944c3a4f7828bff3e
 https://github.com/khmarbaise/iterator-maven-plugin),

 * several of my own projects worked like a charm.



 On 9/8/13 3:07 PM, Jason van Zyl wrote:

 Hi,

 Here is a link to Jira with 6 issues resolved:

 https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500version=18968

 Staging repo:
 https://repository.apache.org/content/repositories/maven-016/

 The distributable binaries and sources for testing can be found here:

 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/

 Specifically the zip, tarball, and source archives can be found here:

 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip

 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.tar.gz

 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.zip

 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.tar.gz

 Vote open for 72 hours.

 [ ] +1
 [ ] +0
 [ ] -1

 Thanks,

 The Maven Team










 Mit freundlichem Gruß
 Karl-Heinz Marbaise
 --
 SoftwareEntwicklung Beratung SchulungTel.: +49 (0) 2405 / 415 893
 Dipl.Ing.(FH) Karl-Heinz MarbaiseICQ#: 135949029
 Hauptstrasse 177 USt.IdNr: DE191347579
 52146 Würselen   http://www.soebes.de


 -
 To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
 For additional commands, e-mail: dev-h...@maven.apache.org


 -

Re: [VOTE] Release Maven 3.1.1

2013-09-10 Thread Jason van Zyl 
Let's continue with the vote, the binaries are still good. I will send another 
message with a new email template for posterity.

On Sep 8, 2013, at 9:07 AM, Jason van Zyl ja...@tesla.io wrote:

 Hi,
 
 Here is a link to Jira with 6 issues resolved:
 https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500version=18968
 
 Staging repo:
 https://repository.apache.org/content/repositories/maven-016/
 
 The distributable binaries and sources for testing can be found here:
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/
 
 Specifically the zip, tarball, and source archives can be found here:
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.tar.gz
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.zip
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.tar.gz
 
 Vote open for 72 hours.
 
 [ ] +1
 [ ] +0
 [ ] -1
 
 Thanks,
 
 The Maven Team
 
 
 
 
 
 
 

Thanks,

Jason

--
Jason van Zyl
Founder,  Apache Maven
http://twitter.com/jvanzyl
-

Re: [VOTE] Release Maven 3.1.1

2013-09-10 Thread Jason van Zyl 
Hi,

Here is a link to Jira with 6 issues resolved:
https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500version=18968

Staging repo:
https://repository.apache.org/content/repositories/maven-016/
https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip

Source release checksum(s):
apache-maven-3.1.1-bin.zip sha1: 46a49ea9baf862d1ca31a98a7d4e188c1ad1b7ac

Staging site:
http://people.apache.org/~jvanzyl/maven-3.1.1/

Vote open for 72 hours.

[ ] +1
[ ] +0
[ ] -1

Thanks,

The Maven Team


-
To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
For additional commands, e-mail: dev-h...@maven.apache.org

Re: [VOTE] Release Maven 3.1.1

2013-09-10 Thread Jason van Zyl 

On Sep 10, 2013, at 9:58 AM, sebb seb...@gmail.com wrote:

 On 10 September 2013 14:23, Jason van Zyl ja...@tesla.io wrote:
 
 On Sep 10, 2013, at 7:53 AM, sebb seb...@gmail.com wrote:
 
 I've just realised that you said the hash is in the maven core jar.
 That is a binary artifact, and has no direct relationship with the
 source artifact on which people are supposed to be voting.
 
 
 It is supposed to be the SHA1 of the release from which the build was made.
 
 I don't think it's possible to tie the SCM tag to this vote thread
 for the record without the hash (and git repo) being provided in
 this e-mail.
 
 
 Well, I'm going to leave it out for now. I'll do what's strictly in the 
 template here:
 
 http://maven.apache.org/developers/release/maven-project-release-procedure.html#Call_the_vote
 
 Which as I have argued all along is insufficient.
 - the vote email does not have vital information for the record
 - indeed in the case of this vote, neither the vote e-mail nor the
 source archive (on which people are supposed to be voting) has the
 information.
 
 I note that no-one who has voted so far has stated that the contents
 of the source archives are all present and correct and that no files
 are missing from the release and more importantly that there are no
 files in the source archive that should not be there.
 
 IMO this is the most important part of the release vote, along with
 the NL contents.

Get the PMC to agree and put it in the template and I'll use what's in the 
template.

 
 
 Also, I don't think the quoted hash is correct.
 
 
 It doesn't look correct, it appears to take the parent commit. This has 
 probably been
 the case for quite some time, in that the mvn -v command doesn't actually 
 tell you
 what commit it came from. I don't know if it's generally wrong, but this 
 this case
 c9950d777c7368e51431500c29aecf1e11e3d2c6 is the parent of
 
 Where did you get the above hash from?
 It does not seem to be the same as the one in the binary archive I downloaded.
 

There's the argument for automation! I didn't open up the JAR from the checked 
out build. So this is probably the best way right now and you've verified the 
right hash is available from the build itself so that's probably what you need.

 On the git page:
 
 https://git-wip-us.apache.org/repos/asf?p=maven.git;a=summary
 
 the c995... hash seems to be associated with
 
 [MNG-5509] org.apache.maven.repository.legacy.DefaultWa...
 
 This happens to be the line after
 
 [maven-release-plugin] prepare release maven-3.1.1  
 yellowmaven-3.1.1/yellow
 
 which seems to have the following hash:
 
 892b464683645bcdc1d28febf0bf3cc1c3181350 which is the SHA1 for the release.
 
 Also the above hash is the one I just found in build.properties.
 
 And it agrees with mvn -v
 
 Apache Maven 3.1.1 (892b464683645bcdc1d28febf0bf3cc1c3181350;
 2013-09-05 18:04:21+0100)
 
 So I don't think there's a problem with the build process, but there
 is still a major problem with the vote e-mail contents.
 
 
 I assumed someone actually tested this, or maybe it's being used in the 
 release for something it wasn't intended for. I'll take a look at the code. 
 But for now I will make the template from:
 
 http://maven.apache.org/developers/release/maven-project-release-procedure.html#Call_the_vote
 
 
 Are you sure that
 
 c9950d777c7368e51431500c29aecf1e11e3d2c6
 
 is the hash for the build?
 
 On 10 September 2013 09:19, Karl Heinz Marbaise khmarba...@gmx.de wrote:
 +1 [non-binding]
 
 Tested with
 * appassembler-maven-plugin (trunk: r18705)
 
 * maven-invoker-plugin (trunk: r1521365),
 
 * iterator-maven-plugin (git: 07ddf1a6a8fe4b60dbb84ce944c3a4f7828bff3e
 https://github.com/khmarbaise/iterator-maven-plugin),
 
 * several of my own projects worked like a charm.
 
 
 
 On 9/8/13 3:07 PM, Jason van Zyl wrote:
 
 Hi,
 
 Here is a link to Jira with 6 issues resolved:
 
 https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500version=18968
 
 Staging repo:
 https://repository.apache.org/content/repositories/maven-016/
 
 The distributable binaries and sources for testing can be found here:
 
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/
 
 Specifically the zip, tarball, and source archives can be found here:
 
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip
 
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.tar.gz
 
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.zip
 
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.tar.gz
 
 Vote open for 72 hours.
 
 [ ] +1
 [ ] +0
 [ ] -1
 
 Thanks,
 
 The Maven Team
 
 
 
 
 
 
 
 
 
 
 Mit freundlichem Gruß
 Karl-Heinz Marbaise
 --
 SoftwareEntwicklung Beratung

Re: [VOTE] Release Maven 3.1.1

2013-09-10 Thread sebb 
On 10 September 2013 15:11, Jason van Zyl ja...@tesla.io wrote:

 On Sep 10, 2013, at 9:58 AM, sebb seb...@gmail.com wrote:

 On 10 September 2013 14:23, Jason van Zyl ja...@tesla.io wrote:

 On Sep 10, 2013, at 7:53 AM, sebb seb...@gmail.com wrote:

 I've just realised that you said the hash is in the maven core jar.
 That is a binary artifact, and has no direct relationship with the
 source artifact on which people are supposed to be voting.


 It is supposed to be the SHA1 of the release from which the build was made.

 I don't think it's possible to tie the SCM tag to this vote thread
 for the record without the hash (and git repo) being provided in
 this e-mail.


 Well, I'm going to leave it out for now. I'll do what's strictly in the 
 template here:

 http://maven.apache.org/developers/release/maven-project-release-procedure.html#Call_the_vote

 Which as I have argued all along is insufficient.
 - the vote email does not have vital information for the record
 - indeed in the case of this vote, neither the vote e-mail nor the
 source archive (on which people are supposed to be voting) has the
 information.

 I note that no-one who has voted so far has stated that the contents
 of the source archives are all present and correct and that no files
 are missing from the release and more importantly that there are no
 files in the source archive that should not be there.

 IMO this is the most important part of the release vote, along with
 the NL contents.

 Get the PMC to agree and put it in the template and I'll use what's in the 
 template.



 Also, I don't think the quoted hash is correct.


 It doesn't look correct, it appears to take the parent commit. This has 
 probably been
 the case for quite some time, in that the mvn -v command doesn't actually 
 tell you
 what commit it came from. I don't know if it's generally wrong, but this 
 this case
 c9950d777c7368e51431500c29aecf1e11e3d2c6 is the parent of

 Where did you get the above hash from?
 It does not seem to be the same as the one in the binary archive I 
 downloaded.


 There's the argument for automation!

It's actually an argument for quoting the hash in the vote e-mail and
for people to actually check it.

I find it strange that none of the reviewers noticed the problem.
That suggests to me that none of the reviewers are actually interested
in doing due diligence on the source archive contents.

 I didn't open up the JAR from the checked out build. So this is probably the 
 best way right now and you've verified the right hash is available from the 
 build itself so that's probably what you need.

No, as I already wrote, that is not suitable.

Voting is on source archives; it's no good having the hash buried away
in an indirectly related binary archive.

 On the git page:

 https://git-wip-us.apache.org/repos/asf?p=maven.git;a=summary

 the c995... hash seems to be associated with

 [MNG-5509] org.apache.maven.repository.legacy.DefaultWa...

 This happens to be the line after

 [maven-release-plugin] prepare release maven-3.1.1  
 yellowmaven-3.1.1/yellow

 which seems to have the following hash:

 892b464683645bcdc1d28febf0bf3cc1c3181350 which is the SHA1 for the release.

 Also the above hash is the one I just found in build.properties.

 And it agrees with mvn -v

 Apache Maven 3.1.1 (892b464683645bcdc1d28febf0bf3cc1c3181350;
 2013-09-05 18:04:21+0100)

 So I don't think there's a problem with the build process, but there
 is still a major problem with the vote e-mail contents.


 I assumed someone actually tested this, or maybe it's being used in the 
 release for something it wasn't intended for. I'll take a look at the code. 
 But for now I will make the template from:

 http://maven.apache.org/developers/release/maven-project-release-procedure.html#Call_the_vote


 Are you sure that

 c9950d777c7368e51431500c29aecf1e11e3d2c6

 is the hash for the build?

 On 10 September 2013 09:19, Karl Heinz Marbaise khmarba...@gmx.de wrote:
 +1 [non-binding]

 Tested with
 * appassembler-maven-plugin (trunk: r18705)

 * maven-invoker-plugin (trunk: r1521365),

 * iterator-maven-plugin (git: 07ddf1a6a8fe4b60dbb84ce944c3a4f7828bff3e
 https://github.com/khmarbaise/iterator-maven-plugin),

 * several of my own projects worked like a charm.



 On 9/8/13 3:07 PM, Jason van Zyl wrote:

 Hi,

 Here is a link to Jira with 6 issues resolved:

 https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500version=18968

 Staging repo:
 https://repository.apache.org/content/repositories/maven-016/

 The distributable binaries and sources for testing can be found here:

 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/

 Specifically the zip, tarball, and source archives can be found here:

 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip

Re: [VOTE] Release Maven 3.1.1

2013-09-10 Thread Daniel Kulp 

On Sep 10, 2013, at 10:11 AM, Jason van Zyl ja...@tesla.io wrote:

 
 On Sep 10, 2013, at 9:58 AM, sebb seb...@gmail.com wrote:
 
 Which as I have argued all along is insufficient.
 - the vote email does not have vital information for the record
 - indeed in the case of this vote, neither the vote e-mail nor the
 source archive (on which people are supposed to be voting) has the
 information.
 
 I note that no-one who has voted so far has stated that the contents
 of the source archives are all present and correct and that no files
 are missing from the release and more importantly that there are no
 files in the source archive that should not be there.
 
 IMO this is the most important part of the release vote, along with
 the NL contents.
 
 Get the PMC to agree and put it in the template and I'll use what's in the 
 template.
 

Which the PMC has already discussed and decided it was not needed.   Sebb's 
opinion on this is respected, but it's still not something we, as the PMC, feel 
is required.   The commits list is monitored 

If Sebb feels that strongly about it, he can take it up with the board or 
something, but for the purpose of this community, it's not something that is 
required.



-- 
Daniel Kulp
dk...@apache.org - http://dankulp.com/blog
Talend Community Coder - http://coders.talend.com


-
To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
For additional commands, e-mail: dev-h...@maven.apache.org

Re: [VOTE] Release Maven 3.1.1

2013-09-10 Thread sebb 
On 10 September 2013 16:33, Daniel Kulp dk...@apache.org wrote:

 -1

 The src.tar.gz and src.zip files have lost their top level NOTICE and LICENSE 
 files.   This is a regression from 3.1.0 (and 3.0.5).   That definitely needs 
 to be fixed.  I don't have time today to look into that, but might tomorrow 
 if someone doesn't beat me to it.

 Ran a couple builds with the result of building the source and things look OK.

 I checked the rest of the contents with the tag and everything looks OK.
 There are three files in the git repo that aren't part of the release 
 (/.gitignore, /.gitattributes, and /apache-maven/src/bin/.gitattributes), but 
 those files really are specific to our scm and thus don't need to be in the 
 source release.

OK, so is it necessary to check the release against the tag?
Or is that just your personal take on what a reviewer should do?

If it is necessary (for at least one reviewer) to do, then the SCM
coordinates need to be provided in a transparent manner so any
reviewer can do it, and the coordinates need to be part of the vote
e-mail for the public record.

 Most likely, the doap_Maven.rdf shouldn't be part of the release either.  
 Probalby shouldn't be in the main maven git repo.   Definitely not a big deal.

 Dan



 On Sep 8, 2013, at 9:07 AM, Jason van Zyl ja...@tesla.io wrote:

 Hi,

 Here is a link to Jira with 6 issues resolved:
 https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500version=18968

 Staging repo:
 https://repository.apache.org/content/repositories/maven-016/

 The distributable binaries and sources for testing can be found here:
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/

 Specifically the zip, tarball, and source archives can be found here:
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.tar.gz
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.zip
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.tar.gz

 Vote open for 72 hours.

 [ ] +1
 [ ] +0
 [ ] -1

 Thanks,

 The Maven Team








 --
 Daniel Kulp
 dk...@apache.org - http://dankulp.com/blog
 Talend Community Coder - http://coders.talend.com


 -
 To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
 For additional commands, e-mail: dev-h...@maven.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
For additional commands, e-mail: dev-h...@maven.apache.org

Re: [VOTE] Release Maven 3.1.1

2013-09-10 Thread Daniel Kulp 

-1

The src.tar.gz and src.zip files have lost their top level NOTICE and LICENSE 
files.   This is a regression from 3.1.0 (and 3.0.5).   That definitely needs 
to be fixed.  I don't have time today to look into that, but might tomorrow if 
someone doesn't beat me to it.

Ran a couple builds with the result of building the source and things look OK.

I checked the rest of the contents with the tag and everything looks OK.
There are three files in the git repo that aren't part of the release 
(/.gitignore, /.gitattributes, and /apache-maven/src/bin/.gitattributes), but 
those files really are specific to our scm and thus don't need to be in the 
source release.

Most likely, the doap_Maven.rdf shouldn't be part of the release either.  
Probalby shouldn't be in the main maven git repo.   Definitely not a big deal.

Dan



On Sep 8, 2013, at 9:07 AM, Jason van Zyl ja...@tesla.io wrote:

 Hi,
 
 Here is a link to Jira with 6 issues resolved:
 https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500version=18968
 
 Staging repo:
 https://repository.apache.org/content/repositories/maven-016/
 
 The distributable binaries and sources for testing can be found here:
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/
 
 Specifically the zip, tarball, and source archives can be found here:
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.tar.gz
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.zip
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.tar.gz
 
 Vote open for 72 hours.
 
 [ ] +1
 [ ] +0
 [ ] -1
 
 Thanks,
 
 The Maven Team
 
 
 
 
 
 
 

-- 
Daniel Kulp
dk...@apache.org - http://dankulp.com/blog
Talend Community Coder - http://coders.talend.com


-
To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
For additional commands, e-mail: dev-h...@maven.apache.org

Re: [VOTE] Release Maven 3.1.1

2013-09-10 Thread Tony Chemit 
On Sun, 8 Sep 2013 09:07:33 -0400
Jason van Zyl ja...@tesla.io wrote:

+1 (none-binding)

works fine for some mojo projects + nuiton.org and chorem.org projects.

thanks,

tony.


 Hi,
 
 Here is a link to Jira with 6 issues resolved:
 https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500version=18968
 
 Staging repo:
 https://repository.apache.org/content/repositories/maven-016/
 
 The distributable binaries and sources for testing can be found here:
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/
 
 Specifically the zip, tarball, and source archives can be found here:
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.tar.gz
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.zip
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.tar.gz
 
 Vote open for 72 hours.
 
 [ ] +1
 [ ] +0
 [ ] -1
 
 Thanks,
 
 The Maven Team
 
 
 
 
 
 
 



-- 
Tony Chemit

tél: +33 (0) 2 40 50 29 28
email: che...@codelutin.com
http://www.codelutin.com

-
To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
For additional commands, e-mail: dev-h...@maven.apache.org

Re: [VOTE] Release Maven 3.1.1

2013-09-10 Thread Daniel Kulp 

On Sep 10, 2013, at 12:04 PM, Jason van Zyl ja...@tesla.io wrote:

 What do you think happened? Is this a change in the remote resources plugin?

No…. in the old releases, they were named LICENSE.txt and NOTICE.txt (txt 
extension) which is not how the RR plugin would have ever generated them.  This 
is a source archive and thus the generated LICENSE/NOTICE is likely not 
applicable (as that would have information about the binary jars and such that 
aren't included in the source archive).

Dan


 
 On Sep 10, 2013, at 11:33 AM, Daniel Kulp dk...@apache.org wrote:
 
 
 -1
 
 The src.tar.gz and src.zip files have lost their top level NOTICE and 
 LICENSE files.   This is a regression from 3.1.0 (and 3.0.5).   That 
 definitely needs to be fixed.  I don't have time today to look into that, 
 but might tomorrow if someone doesn't beat me to it.
 
 Ran a couple builds with the result of building the source and things look 
 OK.
 
 I checked the rest of the contents with the tag and everything looks OK.
 There are three files in the git repo that aren't part of the release 
 (/.gitignore, /.gitattributes, and /apache-maven/src/bin/.gitattributes), 
 but those files really are specific to our scm and thus don't need to be in 
 the source release.
 
 Most likely, the doap_Maven.rdf shouldn't be part of the release either.  
 Probalby shouldn't be in the main maven git repo.   Definitely not a big 
 deal.
 
 Dan
 
 
 
 On Sep 8, 2013, at 9:07 AM, Jason van Zyl ja...@tesla.io wrote:
 
 Hi,
 
 Here is a link to Jira with 6 issues resolved:
 https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500version=18968
 
 Staging repo:
 https://repository.apache.org/content/repositories/maven-016/
 
 The distributable binaries and sources for testing can be found here:
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/
 
 Specifically the zip, tarball, and source archives can be found here:
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.tar.gz
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.zip
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.tar.gz
 
 Vote open for 72 hours.
 
 [ ] +1
 [ ] +0
 [ ] -1
 
 Thanks,
 
 The Maven Team
 
 
 
 
 
 
 
 
 -- 
 Daniel Kulp
 dk...@apache.org - http://dankulp.com/blog
 Talend Community Coder - http://coders.talend.com
 
 
 -
 To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
 For additional commands, e-mail: dev-h...@maven.apache.org
 
 
 Thanks,
 
 Jason
 
 --
 Jason van Zyl
 Founder,  Apache Maven
 http://twitter.com/jvanzyl
 -
 
 
 
 
 
 
 

-- 
Daniel Kulp
dk...@apache.org - http://dankulp.com/blog
Talend Community Coder - http://coders.talend.com


-
To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
For additional commands, e-mail: dev-h...@maven.apache.org

Re: [VOTE] Release Maven 3.1.1

2013-09-10 Thread Daniel Kulp 

On Sep 10, 2013, at 12:16 PM, sebb seb...@gmail.com wrote:

 On 10 September 2013 16:33, Daniel Kulp dk...@apache.org wrote:
 
 -1
 
 The src.tar.gz and src.zip files have lost their top level NOTICE and 
 LICENSE files.   This is a regression from 3.1.0 (and 3.0.5).   That 
 definitely needs to be fixed.  I don't have time today to look into that, 
 but might tomorrow if someone doesn't beat me to it.
 
 Ran a couple builds with the result of building the source and things look 
 OK.
 
 I checked the rest of the contents with the tag and everything looks OK.
 There are three files in the git repo that aren't part of the release 
 (/.gitignore, /.gitattributes, and /apache-maven/src/bin/.gitattributes), 
 but those files really are specific to our scm and thus don't need to be in 
 the source release.
 
 OK, so is it necessary to check the release against the tag?

That's one way, sure.

Personally, I log the trunk/master/branch, find the appropriate commit for 
prepare release maven-3.1.1, check that out, then diff that with the src tar 
ball as well as diff that with the tag to make sure all three match up.  Likely 
not necessary with git where the tag would apply directly to that commit, but 
with subversion, it is certainly possible that the three don't match and the 
diffs make sure to check that.If any of the three diffs find differences, 
it's an immediate red-flag for further review and likely require a -1 on the 
vote until resolved.

 Or is that just your personal take on what a reviewer should do?

A reviewer should do whatever they feel is necessary to do a thorough review.

 If it is necessary (for at least one reviewer) to do, then the SCM
 coordinates need to be provided in a transparent manner so any
 reviewer can do it, and the coordinates need to be part of the vote
 e-mail for the public record.

No, each reviewer should do what they feel is appropriate for them.   If every 
reviewer did the exact same thing, we'd get the exact same result from each of 
them.  Some reviewers may checkout the tag, others may troll back master, 
others may do something completely different.


-- 
Daniel Kulp
dk...@apache.org - http://dankulp.com/blog
Talend Community Coder - http://coders.talend.com


-
To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
For additional commands, e-mail: dev-h...@maven.apache.org

Re: [VOTE] Release Maven 3.1.1

2013-09-10 Thread Stephen Connolly 
On 10 September 2013 17:16, sebb seb...@gmail.com wrote:

 On 10 September 2013 16:33, Daniel Kulp dk...@apache.org wrote:
 
  -1
 
  The src.tar.gz and src.zip files have lost their top level NOTICE and
 LICENSE files.   This is a regression from 3.1.0 (and 3.0.5).   That
 definitely needs to be fixed.  I don't have time today to look into that,
 but might tomorrow if someone doesn't beat me to it.
 
  Ran a couple builds with the result of building the source and things
 look OK.
 
  I checked the rest of the contents with the tag and everything looks OK.
There are three files in the git repo that aren't part of the release
 (/.gitignore, /.gitattributes, and /apache-maven/src/bin/.gitattributes),
 but those files really are specific to our scm and thus don't need to be in
 the source release.

 OK, so is it necessary to check the release against the tag?
 Or is that just your personal take on what a reviewer should do?

 If it is necessary (for at least one reviewer) to do, then the SCM
 coordinates need to be provided in a transparent manner so any
 reviewer can do it, and the coordinates need to be part of the vote
 e-mail for the public record.


The source bundle contains the root pom which contains the SCM coordinates.

The email contains the hash of the source bundle, and the source bundle is
what we release.

In this PMC's opinion there is no need to add more information to the email.



  Most likely, the doap_Maven.rdf shouldn't be part of the release either.
  Probalby shouldn't be in the main maven git repo.   Definitely not a big
 deal.
 
  Dan
 
 
 
  On Sep 8, 2013, at 9:07 AM, Jason van Zyl ja...@tesla.io wrote:
 
  Hi,
 
  Here is a link to Jira with 6 issues resolved:
 
 https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500version=18968
 
  Staging repo:
  https://repository.apache.org/content/repositories/maven-016/
 
  The distributable binaries and sources for testing can be found here:
 
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/
 
  Specifically the zip, tarball, and source archives can be found here:
 
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip
 
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.tar.gz
 
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.zip
 
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.tar.gz
 
  Vote open for 72 hours.
 
  [ ] +1
  [ ] +0
  [ ] -1
 
  Thanks,
 
  The Maven Team
 
 
 
 
 
 
 
 
  --
  Daniel Kulp
  dk...@apache.org - http://dankulp.com/blog
  Talend Community Coder - http://coders.talend.com
 
 
  -
  To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
  For additional commands, e-mail: dev-h...@maven.apache.org
 

 -
 To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
 For additional commands, e-mail: dev-h...@maven.apache.org

Re: [VOTE] Release Maven 3.1.1

2013-09-10 Thread Jason van Zyl 
What do you think happened? Is this a change in the remote resources plugin?

On Sep 10, 2013, at 11:33 AM, Daniel Kulp dk...@apache.org wrote:

 
 -1
 
 The src.tar.gz and src.zip files have lost their top level NOTICE and LICENSE 
 files.   This is a regression from 3.1.0 (and 3.0.5).   That definitely needs 
 to be fixed.  I don't have time today to look into that, but might tomorrow 
 if someone doesn't beat me to it.
 
 Ran a couple builds with the result of building the source and things look OK.
 
 I checked the rest of the contents with the tag and everything looks OK.
 There are three files in the git repo that aren't part of the release 
 (/.gitignore, /.gitattributes, and /apache-maven/src/bin/.gitattributes), but 
 those files really are specific to our scm and thus don't need to be in the 
 source release.
 
 Most likely, the doap_Maven.rdf shouldn't be part of the release either.  
 Probalby shouldn't be in the main maven git repo.   Definitely not a big deal.
 
 Dan
 
 
 
 On Sep 8, 2013, at 9:07 AM, Jason van Zyl ja...@tesla.io wrote:
 
 Hi,
 
 Here is a link to Jira with 6 issues resolved:
 https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500version=18968
 
 Staging repo:
 https://repository.apache.org/content/repositories/maven-016/
 
 The distributable binaries and sources for testing can be found here:
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/
 
 Specifically the zip, tarball, and source archives can be found here:
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.tar.gz
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.zip
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.tar.gz
 
 Vote open for 72 hours.
 
 [ ] +1
 [ ] +0
 [ ] -1
 
 Thanks,
 
 The Maven Team
 
 
 
 
 
 
 
 
 -- 
 Daniel Kulp
 dk...@apache.org - http://dankulp.com/blog
 Talend Community Coder - http://coders.talend.com
 
 
 -
 To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
 For additional commands, e-mail: dev-h...@maven.apache.org
 

Thanks,

Jason

--
Jason van Zyl
Founder,  Apache Maven
http://twitter.com/jvanzyl
-

Re: [VOTE] Release Maven 3.1.1

2013-09-09 Thread Mirko Friedenhagen 
+1 (non-binding), tested with extra-enforcer-rules, testlink-junit and
jenkinsci-jobConfigHistory-plugin.
Regards Mirko
--
http://illegalstateexception.blogspot.com/
https://github.com/mfriedenhagen/
https://bitbucket.org/mfriedenhagen/


On Sun, Sep 8, 2013 at 3:07 PM, Jason van Zyl ja...@tesla.io wrote:
 Hi,

 Here is a link to Jira with 6 issues resolved:
 https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500version=18968

 Staging repo:
 https://repository.apache.org/content/repositories/maven-016/

 The distributable binaries and sources for testing can be found here:
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/

 Specifically the zip, tarball, and source archives can be found here:
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.tar.gz
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.zip
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.tar.gz

 Vote open for 72 hours.

 [ ] +1
 [ ] +0
 [ ] -1

 Thanks,

 The Maven Team








-
To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
For additional commands, e-mail: dev-h...@maven.apache.org

Re: [VOTE] Release Maven 3.1.1

2013-09-09 Thread Jason van Zyl 
Awesome, thanks.

On Sep 9, 2013, at 3:19 PM, Mirko Friedenhagen mfriedenha...@gmail.com wrote:

 +1 (non-binding), tested with extra-enforcer-rules, testlink-junit and
 jenkinsci-jobConfigHistory-plugin.
 Regards Mirko
 --
 http://illegalstateexception.blogspot.com/
 https://github.com/mfriedenhagen/
 https://bitbucket.org/mfriedenhagen/
 
 
 On Sun, Sep 8, 2013 at 3:07 PM, Jason van Zyl ja...@tesla.io wrote:
 Hi,
 
 Here is a link to Jira with 6 issues resolved:
 https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500version=18968
 
 Staging repo:
 https://repository.apache.org/content/repositories/maven-016/
 
 The distributable binaries and sources for testing can be found here:
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/
 
 Specifically the zip, tarball, and source archives can be found here:
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.tar.gz
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.zip
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.tar.gz
 
 Vote open for 72 hours.
 
 [ ] +1
 [ ] +0
 [ ] -1
 
 Thanks,
 
 The Maven Team
 
 
 
 
 
 
 
 
 -
 To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
 For additional commands, e-mail: dev-h...@maven.apache.org
 

Thanks,

Jason

--
Jason van Zyl
Founder,  Apache Maven
http://twitter.com/jvanzyl
-

Re: [VOTE] Release Maven 3.1.1

2013-09-09 Thread Mark Derricutt 
+1 (non-binding) - tested releases against our OSGi based setup using 
maven-bundle-plugin, my own coffeescript mojos and others.

Nothing glaringly out of order for me.

--
Mark Derricutt — twitter — podcast — blog — google+

On 9/09/2013, at 1:07 AM, Jason van Zyl ja...@tesla.io wrote:

 Here is a link to Jira with 6 issues resolved:
 https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500version=18968



signature.asc
Description: Message signed with OpenPGP using GPGMail

Re: [VOTE] Release Maven 3.1.1

2013-09-09 Thread Stephen Connolly 
On 8 September 2013 18:51, Jason van Zyl ja...@tesla.io wrote:


 On Sep 8, 2013, at 1:12 PM, sebb seb...@gmail.com wrote:

  I thought you were going to include the SCM coordinates used to create
  the tarballs?
 

 Sorry, not intentional. I forgot.

  It's particularly important here, because AFAICT the SCM coordinates
  are not present in the POM.
  If true, then it's not possible to verify the files in the source
 tarballs.
 

 I hash is always in the distribution, it's how we show where it comes from
 when you type mvn -v. It's in the build properties in the core JAR and
 the hash in there is:

 c9950d777c7368e51431500c29aecf1e11e3d2c6


Is that the SHA1 of the src.zip and src.tar.gz or is it the SHA1 of the git
commit.

What we are looking for on the vote emails is the SHA1 and MD5 of the
src.zip and src.tar.gz so that interested parties can verify that the vote
was against the source distribution that ends up in dist and central. Since
the staging repository is deleted as part of the release process, and since
what the PMC is voting on is the source bundles, we need the vote email to
specify the hashes of the source bundle *for the record*...

Of course this is really easy to do as Maven helpfully uploads the hashes
to the staging repository, but since it didn't happen if it wasn't on a
mailing list (stephenc rolls his eyes) we need the release manager to
ensure that the vote has this required information.

Note: The commit hash is really nice to have, but is not part of the
minimum set of required information, and we are trying to stick to minimum
procedure. So we don't look for that *even* if other people think we should.



  Also, AFAIK, the PMC agreed to include hashes of the tarballs in vote
 e-mails?
 
  On 8 September 2013 14:07, Jason van Zyl ja...@tesla.io wrote:
  Hi,
 
  Here is a link to Jira with 6 issues resolved:
 
 https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500version=18968
 
  Staging repo:
  https://repository.apache.org/content/repositories/maven-016/
 
  The distributable binaries and sources for testing can be found here:
 
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/
 
  Specifically the zip, tarball, and source archives can be found here:
 
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip
 
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.tar.gz
 
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.zip
 
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.tar.gz
 
  Vote open for 72 hours.
 
  [ ] +1
  [ ] +0
  [ ] -1
 
  Thanks,
 
  The Maven Team
 
 
 
 
 
 
 
 
  -
  To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
  For additional commands, e-mail: dev-h...@maven.apache.org
 

 Thanks,

 Jason

 --
 Jason van Zyl
 Founder,  Apache Maven
 http://twitter.com/jvanzyl
 -

Re: [VOTE] Release Maven 3.1.1

2013-09-09 Thread sebb 
On 9 September 2013 20:56, Stephen Connolly
stephen.alan.conno...@gmail.com wrote:
 On 8 September 2013 18:51, Jason van Zyl ja...@tesla.io wrote:


 On Sep 8, 2013, at 1:12 PM, sebb seb...@gmail.com wrote:

  I thought you were going to include the SCM coordinates used to create
  the tarballs?
 

 Sorry, not intentional. I forgot.

  It's particularly important here, because AFAICT the SCM coordinates
  are not present in the POM.
  If true, then it's not possible to verify the files in the source
 tarballs.
 

 I hash is always in the distribution, it's how we show where it comes from
 when you type mvn -v. It's in the build properties in the core JAR and
 the hash in there is:

 c9950d777c7368e51431500c29aecf1e11e3d2c6


 Is that the SHA1 of the src.zip and src.tar.gz or is it the SHA1 of the git
 commit.

 What we are looking for on the vote emails is the SHA1 and MD5 of the
 src.zip and src.tar.gz so that interested parties can verify that the vote
 was against the source distribution that ends up in dist and central. Since
 the staging repository is deleted as part of the release process, and since
 what the PMC is voting on is the source bundles, we need the vote email to
 specify the hashes of the source bundle *for the record*...

+1, especially for the record

 Of course this is really easy to do as Maven helpfully uploads the hashes
 to the staging repository, but since it didn't happen if it wasn't on a
 mailing list (stephenc rolls his eyes) we need the release manager to
 ensure that the vote has this required information.

+1, especially idhiiwoaml

 Note: The commit hash is really nice to have, but is not part of the
 minimum set of required information, and we are trying to stick to minimum
 procedure. So we don't look for that *even* if other people think we should.


Part of the due diligence that should be performed by the reviewers is
to check that the source archives only contain files with the
appropriate licensing.
By far the easiest way to do this is to compare the source archive(s)
with the SCM tag, since it is assumed that due diligence has been
performed on the SCM contents.

This is critical information and needs to be readily available to the
reviewer, and for the record needs to be in the vote e-mail.
Otherwise it did not happen on the mailing list.



  Also, AFAIK, the PMC agreed to include hashes of the tarballs in vote
 e-mails?
 
  On 8 September 2013 14:07, Jason van Zyl ja...@tesla.io wrote:
  Hi,
 
  Here is a link to Jira with 6 issues resolved:
 
 https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500version=18968
 
  Staging repo:
  https://repository.apache.org/content/repositories/maven-016/
 
  The distributable binaries and sources for testing can be found here:
 
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/
 
  Specifically the zip, tarball, and source archives can be found here:
 
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip
 
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.tar.gz
 
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.zip
 
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.tar.gz
 
  Vote open for 72 hours.
 
  [ ] +1
  [ ] +0
  [ ] -1
 
  Thanks,
 
  The Maven Team
 
 
 
 
 
 
 
 
  -
  To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
  For additional commands, e-mail: dev-h...@maven.apache.org
 

 Thanks,

 Jason

 --
 Jason van Zyl
 Founder,  Apache Maven
 http://twitter.com/jvanzyl
 -









-
To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
For additional commands, e-mail: dev-h...@maven.apache.org

Re: [VOTE] Release Maven 3.1.1

2013-09-08 Thread sebb 
I thought you were going to include the SCM coordinates used to create
the tarballs?

It's particularly important here, because AFAICT the SCM coordinates
are not present in the POM.
If true, then it's not possible to verify the files in the source tarballs.

Also, AFAIK, the PMC agreed to include hashes of the tarballs in vote e-mails?

On 8 September 2013 14:07, Jason van Zyl ja...@tesla.io wrote:
 Hi,

 Here is a link to Jira with 6 issues resolved:
 https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500version=18968

 Staging repo:
 https://repository.apache.org/content/repositories/maven-016/

 The distributable binaries and sources for testing can be found here:
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/

 Specifically the zip, tarball, and source archives can be found here:
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.tar.gz
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.zip
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.tar.gz

 Vote open for 72 hours.

 [ ] +1
 [ ] +0
 [ ] -1

 Thanks,

 The Maven Team








-
To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
For additional commands, e-mail: dev-h...@maven.apache.org

Re: [VOTE] Release Maven 3.1.1

2013-09-08 Thread Jason van Zyl 

On Sep 8, 2013, at 1:12 PM, sebb seb...@gmail.com wrote:

 I thought you were going to include the SCM coordinates used to create
 the tarballs?
 

Sorry, not intentional. I forgot.

 It's particularly important here, because AFAICT the SCM coordinates
 are not present in the POM.
 If true, then it's not possible to verify the files in the source tarballs.
 

I hash is always in the distribution, it's how we show where it comes from when 
you type mvn -v. It's in the build properties in the core JAR and the hash in 
there is:

c9950d777c7368e51431500c29aecf1e11e3d2c6

 Also, AFAIK, the PMC agreed to include hashes of the tarballs in vote e-mails?
 
 On 8 September 2013 14:07, Jason van Zyl ja...@tesla.io wrote:
 Hi,
 
 Here is a link to Jira with 6 issues resolved:
 https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500version=18968
 
 Staging repo:
 https://repository.apache.org/content/repositories/maven-016/
 
 The distributable binaries and sources for testing can be found here:
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/
 
 Specifically the zip, tarball, and source archives can be found here:
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.tar.gz
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.zip
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.tar.gz
 
 Vote open for 72 hours.
 
 [ ] +1
 [ ] +0
 [ ] -1
 
 Thanks,
 
 The Maven Team
 
 
 
 
 
 
 
 
 -
 To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
 For additional commands, e-mail: dev-h...@maven.apache.org
 

Thanks,

Jason

--
Jason van Zyl
Founder,  Apache Maven
http://twitter.com/jvanzyl
-

Re: [VOTE] Release Maven 3.1.1

2013-09-08 Thread sebb 
On 8 September 2013 18:51, Jason van Zyl ja...@tesla.io wrote:

 On Sep 8, 2013, at 1:12 PM, sebb seb...@gmail.com wrote:

 I thought you were going to include the SCM coordinates used to create
 the tarballs?


 Sorry, not intentional. I forgot.

 It's particularly important here, because AFAICT the SCM coordinates
 are not present in the POM.
 If true, then it's not possible to verify the files in the source tarballs.


 I hash is always in the distribution, it's how we show where it comes from 
 when you type mvn -v. It's in the build properties in the core JAR and the 
 hash in there is:

 c9950d777c7368e51431500c29aecf1e11e3d2c6

Not exactly easy to find!

In order to actually find the sources that correspond with the hash,
additional information is needed, which also needs to be in the vote
e-mail.

 Also, AFAIK, the PMC agreed to include hashes of the tarballs in vote 
 e-mails?

According to [1], the vote email should have the following contents:


Source release checksum(s):
[NAME-OF]-source-release.zip sha1: [SHA1SUM] md5: [MD5SUM]


[1] 
http://maven.apache.org/developers/release/maven-project-release-procedure.html#Call_the_vote


 On 8 September 2013 14:07, Jason van Zyl ja...@tesla.io wrote:
 Hi,

 Here is a link to Jira with 6 issues resolved:
 https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500version=18968

 Staging repo:
 https://repository.apache.org/content/repositories/maven-016/

 The distributable binaries and sources for testing can be found here:
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/

 Specifically the zip, tarball, and source archives can be found here:
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.zip
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-bin.tar.gz
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.zip
 https://repository.apache.org/content/repositories/maven-016/org/apache/maven/apache-maven/3.1.1/apache-maven-3.1.1-src.tar.gz

 Vote open for 72 hours.

 [ ] +1
 [ ] +0
 [ ] -1

 Thanks,

 The Maven Team








 -
 To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
 For additional commands, e-mail: dev-h...@maven.apache.org


 Thanks,

 Jason

 --
 Jason van Zyl
 Founder,  Apache Maven
 http://twitter.com/jvanzyl
 -








-
To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
For additional commands, e-mail: dev-h...@maven.apache.org