incubator-general mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Matteo Merli <>
Subject Re: [VOTE] Pulsar 1.22.0-incubating Release Candidate 3
Date Mon, 05 Mar 2018 20:20:21 GMT
Hi Stian,

thanks for the detailed spot-on review. (comments inline).

I have created an issue to track the point you have raised (, we'll get to these
before next release.

On Fri, Mar 2, 2018 at 2:00 AM Stian Soiland-Reyes <> wrote:

> Oo, I'll better hurry up then! :)
Normally the wording is "The vote is open for at least 72 hours" --
> you are OK to keep it open a bit longer if you need sufficient votes
> or have not tallied them yet.

Sure we'll update the email templates

> > Source and binary files:
> >
> > pulsar-1.22.0-incubating-candidate-3/
> Is it fourth of third release candidate? Use consistent numbering.
> Starting with "RC0" is a bit unusual..

Yes, we're indeed starting with RC0. We'll switch the instructions to start
with RC1

> +0 src.tar.gz vs git tag  ( and
> missing from dist - are they needed?)

These files are only need to recreate protobuf generated files which are
anyway included in the repo (not when just c

> +0 src NOTICE -- copyright should extend into 2017-2018

Thanks for catching, will fix

> +0 bin NOTICE -- are all of these copyrights really forwarded from their
> I did a spot check, and guava.jar does not have a NOTICE, so unless
> that was copied from a zip/tar that had such a NOTICE, then there
> would be nothing to propagate. On the other side netty.jar has a
> humongous NOTICE which somehow just becomes "Copyright 2014 The Netty
> Project" in your NOTICE -- this seems to violate their Apache license.
>   Has this been discussed on legael?

This was discussed few times here when voting on past releases. Initially I
had put the overall content of Netty
NOTICE file but according to the discussion I have only left copyright

Discussion for 1.19 Pulsar release:
Discussion for 1.20 release:

These discussions, resulted into these 2 changes to the notice files:

Regarding Netty, I've done a spot check on several other ASF TLP projects
and found no one including the full NOTICE file from Netty. I can assure we
have no intention to withdraw information from the NOTICE file :-), it's
just that the definition of what should be included and what shouldn't is
still not 100% crisp and clear to us.

Your Git repository contains .gitignore.swp from vim which you
> probably want to delete.

Thanks for catching, will remove.

Your checksum files are in an unusual style:
> C1 B8 C8 91 23 92 6A 56  82 F6 E9 F3 25 86 8B 58
> CA1B352F 9576C8CB F16258F8 DEABF8F6 E95A926F 665E2FD8 30A38532 8BC639C6
> 20FD34E6
>  6948396A CCD1A123 F072F93D 55D316EB EE34D208 9E0E9174 95AA09EE
> Normally the .md5 and .sha512 files contain the checksum only, in
> lowercase hex without spacing, e.g.
> c1b8c89123926a5682f6e9f325868b58
> ca1b352f9576c8cbf16258f8deabf8f6e95a926f665e2fd830a385328bc639c620fd34e66948396accd1a123f072f93d55d316ebee34d2089e0e917495aa09ee
> This makes it easier to check against tools like md5sum and shasum.
> You didn't include .sha1 checksums, but extra points for .sha512 :)

We have a script that we use to generate the checksums and it does:
gpg --print-md SHA512 $FILE > $FILE.sha512

This was to avoid differences in tooling between macos and linux. We'll try
to fix it to use the standard format.

> It is customary to include the checksums (at least md5) or the
> svn revision in the [VOTE] email, to any avoid
> accidental last-minute-tampering confusion and to keep it in the
> mailing list archives.

Sure, we'll add that to instructions.

Matteo Merli

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message