incubator-general mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joshua Poore <>
Subject Re: [VOTE] Release Apache Flagon UserALE.js (Incubating) v2.0.2
Date Thu, 15 Aug 2019 03:10:31 GMT

Following Justin’s comment below—Disclaimer missing from .bin release packages—I have
repackaged release candidate #1 to include Disclaimers and pushed to

As this issue was a file omission and did not affect source or build artifacts, the commit
reference used for voting in dev@ have not changed, nor have git tags for the release candidate.
.bin packages now include our Disclaimer.

As a matter of good practice I have re-evaluated the repackaged release candidate against
the following:

[ x ] Build and Unit Tests Pass
[ x ] Integration Tests Pass
[ x ] "Incubating" in References to Project and Distribution File Names
[ x ] Signatures and Hashes Match Keys
[ x ] DISCLAIMER, LICENSE, and NOTICE Files in Source and Binary Release Packages
[ x ] DISCLAIMER, LICENSE, and NOTICE are consistent with ASF and Incubator Policy
[ x ] CHANGELOG included with release distribution
[ x ] All Source Files Have Correct ASF Headers
[ x ] No Unexpected Binary Files in Source Release Packages

Please feel free to evaluate as you VOTE. See the thread below for the interim summary of
VOTEs on dev@

VOTE details follow:

Please VOTE on the Apache Flagon (Incubating) 2.0.2 Release Candidate # 1

This VOTE has passed successfully within the Apache Flagon community. We are now posting the
VOTE on general@ as required by Apache Release Management policies. 

Interim RESULT on dev@ are as follows:

[+1] 7  
Joshua Poore
Rob Foley (`Confused`)
Laura Mariano
Furkan Kamaci*
Arthi Vezhavendan
Tim Allison*
Dave Meikle*

[0] 0


*Binding IPMC/PPMC Mentor VOTE

The VOTE thread on dev@ can be found here:

VOTE details follow:

About Flagon: <>
< <>> 

This Patch release includes :

	• Updates to package.json and package-lock.json to resolve downstream Prototype Pollution
vulnerabilities in dev dependencies
	• Updates to package.json and package-lock.json to modernize deprecated npm modules
	• Minor updates to README documentation for UserALE.js' Example Test Utilities.

We solved 11 issues: <><

Git source tag (43de2fc1e1c5d5e1a83119a91947f7bbe6d313f3):

Staging repo: <>

Source Release Artifacts:

PGP release keys (signed using F937rFAE3FCADF6E):

Reference the UserALE.js testing framework to assist in your unit and integration tests:

Link to Successful Jenkins Build(s): <>

Vote will be open for 72 hours. Please VOTE as follows: 

[ ] +1, let's get it released!!!
[ ] +/-0, fine, but consider to fix few issues before...
[ ] -1, nope, because... (and please explain why)

Thank you to everyone that is able to VOTE as well as everyone that contributed to Apache
Flagon 2.0.0



> On Aug 14, 2019, at 8:27 AM, Joshua Poore <> wrote:
> Hi Justin,
> Please clarify your VOTE. Are we at -1 or 0 from you? If its a 0 - "consider fixing a
few issues”. I can easily roll a new release with DISCLAIMERS in bin push as new release
package so that this issue can be vetted prior to release, but doesn’t require another VOTE
> Josh
>> On Aug 13, 2019, at 11:58 PM, Justin Mclean <> wrote:
>> Hi,
>> +1 (binding) on the source release, but sorry it’s -1 (binding) for the binaries
as they are missing the DISCLAIMER file [2]
>> You might want to consider using a checklist when checking releases [1]. Also when
voting on release it a good idea to list what you checked rather than just saying +1.
>> I checked:
>> - incubating in name
>> - signatures and hashes fine
>> - DISCLAIMER in source but not in binary releases
>> - LICENSE and NOTICE fine
>> - all source files have ASF headers
>> - no unexpected binary files in source release
>> There also no need to put the KEYS fine inside the release, it's sort of a bit late
to find it there after you unzipped it :-)
>> Thanks,
>> Justin
>> 1.
>> 2.
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail:
>> For additional commands, e-mail:
> ---------------------------------------------------------------------
> To unsubscribe, e-mail:
> For additional commands, e-mail:

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message