[VOTE]: Apache HAWQ 2.3.0.0-incubating Release

classic Classic list List threaded Threaded
20 messages Options
Reply | Threaded
Open this post in threaded view
|

[VOTE]: Apache HAWQ 2.3.0.0-incubating Release

Yi JIN
Hi IPMC members,

The PPMC vote for the Apache HAWQ 2.3.0.0-incubating release has passed.
So I request IPMC now to vote on this release candidate. Thank you!

The release page is here:
https://cwiki.apache.org/confluence/display/HAWQ/Apache+HAWQ+2.3.0.0-incubating+Release

The PPMC vote thread is located here:
https://lists.apache.org/thread.html/fa5b41cd7461bd729146e10d8f7a54156c818f93e5a1160c42e76c79@%3Cdev.hawq.apache.org%3E

The artifacts can be downloaded here:
https://dist.apache.org/repos/dist/dev/incubator/hawq/2.3.0.0-incubating.RC2/
The artifacts have been signed with Key : CE60F90D1333092A

All JIRAs completed for this release are tagged with 'FixVersion
=2.3.0.0-incubating'
https://issues.apache.org/jira/secure/ReleaseNote.jspa?version=12340262&styleName=Html&projectId=12318826

Please vote accordingly:
[ ] +1, accept as the official Apache HAWQ 2.3.0.0-incubating release
[ ] -1, do not accept as the official Apache HAWQ 2.3.0.0-incubating release
because...

The vote will run for at least 72 hours.

Best regards,
Yi Jin (yjin)
Reply | Threaded
Open this post in threaded view
|

Re: [VOTE]: Apache HAWQ 2.3.0.0-incubating Release

Henk P. Penning-2
On Wed, 7 Mar 2018, Yi JIN wrote:

> Date: Wed, 7 Mar 2018 03:56:54 +0100
> From: Yi JIN <[hidden email]>
> To: [hidden email]
> Subject: [VOTE]: Apache HAWQ 2.3.0.0-incubating Release

> The artifacts can be downloaded here:
> https://dist.apache.org/repos/dist/dev/incubator/hawq/2.3.0.0-incubating.RC2/

   Recently the "release policy" [1] changed ; it (now) says :

     ...
     * SHOULD NOT supply a MD5 checksum file
     ...

   [1] https://www.apache.org/dev/release-distribution#sigs-and-sums

> Yi Jin (yjin)

   Groeten,

   Henk Penning -- apache.org infrastructure ; dist & mirrors

------------------------------------------------------------   _
Henk P. Penning, ICT-beta                 R Uithof MG-403    _/ \_
Faculty of Science, Utrecht University    T +31 30 253 4106 / \_/ \
Leuvenlaan 4, 3584CE Utrecht, NL          F +31 30 253 4553 \_/ \_/
http://www.staff.science.uu.nl/~penni101/ M [hidden email]     \_/

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: [VOTE]: Apache HAWQ 2.3.0.0-incubating Release

Makoto Yui-2
> Recently the "release policy" [1] changed ; it (now) says :

Good to know about it.

> MUST supply at least one (SHA or MD5) checksum file,
> SHOULD NOT supply a MD5 checksum file (because MD5 is too broken).

This sounds confusing. Could be "MUST supply SHA checksum file(s)," (?)

Makoto

2018-03-07 14:58 GMT+09:00 Henk P. Penning <[hidden email]>:

> On Wed, 7 Mar 2018, Yi JIN wrote:
>
>> Date: Wed, 7 Mar 2018 03:56:54 +0100
>> From: Yi JIN <[hidden email]>
>> To: [hidden email]
>> Subject: [VOTE]: Apache HAWQ 2.3.0.0-incubating Release
>
>
>> The artifacts can be downloaded here:
>>
>> https://dist.apache.org/repos/dist/dev/incubator/hawq/2.3.0.0-incubating.RC2/
>
>
>   Recently the "release policy" [1] changed ; it (now) says :
>
>     ...
>     * SHOULD NOT supply a MD5 checksum file
>     ...
>
>   [1] https://www.apache.org/dev/release-distribution#sigs-and-sums
>
>> Yi Jin (yjin)
>
>
>   Groeten,
>
>   Henk Penning -- apache.org infrastructure ; dist & mirrors
>
> ------------------------------------------------------------   _
> Henk P. Penning, ICT-beta                 R Uithof MG-403    _/ \_
> Faculty of Science, Utrecht University    T +31 30 253 4106 / \_/ \
> Leuvenlaan 4, 3584CE Utrecht, NL          F +31 30 253 4553 \_/ \_/
> http://www.staff.science.uu.nl/~penni101/ M [hidden email]     \_/
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]
> For additional commands, e-mail: [hidden email]
>



--
Makoto YUI <myui AT apache.org>
Research Engineer, Treasure Data, Inc.
http://myui.github.io/

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: [VOTE]: Apache HAWQ 2.3.0.0-incubating Release

Henk P. Penning-2
On Wed, 7 Mar 2018, Makoto Yui wrote:

> Date: Wed, 7 Mar 2018 07:15:15 +0100
> From: Makoto Yui <[hidden email]>
> To: [hidden email]
> Subject: Re: [VOTE]: Apache HAWQ 2.3.0.0-incubating Release
>
>> Recently the "release policy" [1] changed ; it (now) says :
>
> Good to know about it.
>
>> MUST supply at least one (SHA or MD5) checksum file,
>> SHOULD NOT supply a MD5 checksum file (because MD5 is too broken).

> This sounds confusing. Could be "MUST supply SHA checksum file(s)," (?)

   See RFC 2119 : https://www.ietf.org/rfc/rfc2119.txt

   "MUST", "SHOULD", "SHOULD NOT" etc are technical terms.
   RFC 2119 explains what they mean.

   Hint :

     MUST   == obligation ; a strict requirement
     SHOULD == recommendation ;

   Note : the policy can't say "MUST supply SHA checksum",
   because many projects have older releases in /dist/
   that are MD5-only ; under "new policy", that is
   frowned upon, but not forbidden.

> Makoto

   Groeten,

   HPP

------------------------------------------------------------   _
Henk P. Penning, ICT-beta                 R Uithof MG-403    _/ \_
Faculty of Science, Utrecht University    T +31 30 253 4106 / \_/ \
Leuvenlaan 4, 3584CE Utrecht, NL          F +31 30 253 4553 \_/ \_/
http://www.staff.science.uu.nl/~penni101/ M [hidden email]     \_/

> 2018-03-07 14:58 GMT+09:00 Henk P. Penning <[hidden email]>:
>> On Wed, 7 Mar 2018, Yi JIN wrote:
>>
>>> Date: Wed, 7 Mar 2018 03:56:54 +0100
>>> From: Yi JIN <[hidden email]>
>>> To: [hidden email]
>>> Subject: [VOTE]: Apache HAWQ 2.3.0.0-incubating Release
>>
>>
>>> The artifacts can be downloaded here:
>>>
>>> https://dist.apache.org/repos/dist/dev/incubator/hawq/2.3.0.0-incubating.RC2/
>>
>>
>>   Recently the "release policy" [1] changed ; it (now) says :
>>
>>     ...
>>     * SHOULD NOT supply a MD5 checksum file
>>     ...
>>
>>   [1] https://www.apache.org/dev/release-distribution#sigs-and-sums
>>
>>> Yi Jin (yjin)
>>
>>
>>   Groeten,
>>
>>   Henk Penning -- apache.org infrastructure ; dist & mirrors
>>
>> ------------------------------------------------------------   _
>> Henk P. Penning, ICT-beta                 R Uithof MG-403    _/ \_
>> Faculty of Science, Utrecht University    T +31 30 253 4106 / \_/ \
>> Leuvenlaan 4, 3584CE Utrecht, NL          F +31 30 253 4553 \_/ \_/
>> http://www.staff.science.uu.nl/~penni101/ M [hidden email]     \_/
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: [hidden email]
>> For additional commands, e-mail: [hidden email]
>>
>
>
>
> --
> Makoto YUI <myui AT apache.org>
> Research Engineer, Treasure Data, Inc.
> http://myui.github.io/
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]
> For additional commands, e-mail: [hidden email]
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: [VOTE]: Apache HAWQ 2.3.0.0-incubating Release

Makoto Yui-2
Groeten,

Thanks for clarification.

Makoto

2018-03-07 15:27 GMT+09:00 Henk P. Penning <[hidden email]>:

> On Wed, 7 Mar 2018, Makoto Yui wrote:
>
>> Date: Wed, 7 Mar 2018 07:15:15 +0100
>> From: Makoto Yui <[hidden email]>
>> To: [hidden email]
>> Subject: Re: [VOTE]: Apache HAWQ 2.3.0.0-incubating Release
>>
>>> Recently the "release policy" [1] changed ; it (now) says :
>>
>>
>> Good to know about it.
>>
>>> MUST supply at least one (SHA or MD5) checksum file,
>>> SHOULD NOT supply a MD5 checksum file (because MD5 is too broken).
>
>
>> This sounds confusing. Could be "MUST supply SHA checksum file(s)," (?)
>
>
>   See RFC 2119 : https://www.ietf.org/rfc/rfc2119.txt
>
>   "MUST", "SHOULD", "SHOULD NOT" etc are technical terms.
>   RFC 2119 explains what they mean.
>
>   Hint :
>
>     MUST   == obligation ; a strict requirement
>     SHOULD == recommendation ;
>
>   Note : the policy can't say "MUST supply SHA checksum",
>   because many projects have older releases in /dist/
>   that are MD5-only ; under "new policy", that is
>   frowned upon, but not forbidden.
>
>> Makoto
>
>
>   Groeten,
>
>   HPP
>
>
> ------------------------------------------------------------   _
> Henk P. Penning, ICT-beta                 R Uithof MG-403    _/ \_
> Faculty of Science, Utrecht University    T +31 30 253 4106 / \_/ \
> Leuvenlaan 4, 3584CE Utrecht, NL          F +31 30 253 4553 \_/ \_/
> http://www.staff.science.uu.nl/~penni101/ M [hidden email]     \_/
>
>> 2018-03-07 14:58 GMT+09:00 Henk P. Penning <[hidden email]>:
>>>
>>> On Wed, 7 Mar 2018, Yi JIN wrote:
>>>
>>>> Date: Wed, 7 Mar 2018 03:56:54 +0100
>>>> From: Yi JIN <[hidden email]>
>>>> To: [hidden email]
>>>> Subject: [VOTE]: Apache HAWQ 2.3.0.0-incubating Release
>>>
>>>
>>>
>>>> The artifacts can be downloaded here:
>>>>
>>>>
>>>> https://dist.apache.org/repos/dist/dev/incubator/hawq/2.3.0.0-incubating.RC2/
>>>
>>>
>>>
>>>   Recently the "release policy" [1] changed ; it (now) says :
>>>
>>>     ...
>>>     * SHOULD NOT supply a MD5 checksum file
>>>     ...
>>>
>>>   [1] https://www.apache.org/dev/release-distribution#sigs-and-sums
>>>
>>>> Yi Jin (yjin)
>>>
>>>
>>>
>>>   Groeten,
>>>
>>>   Henk Penning -- apache.org infrastructure ; dist & mirrors
>>>
>>> ------------------------------------------------------------   _
>>> Henk P. Penning, ICT-beta                 R Uithof MG-403    _/ \_
>>> Faculty of Science, Utrecht University    T +31 30 253 4106 / \_/ \
>>> Leuvenlaan 4, 3584CE Utrecht, NL          F +31 30 253 4553 \_/ \_/
>>> http://www.staff.science.uu.nl/~penni101/ M [hidden email]     \_/
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: [hidden email]
>>> For additional commands, e-mail: [hidden email]
>>>
>>
>>
>>
>> --
>> Makoto YUI <myui AT apache.org>
>> Research Engineer, Treasure Data, Inc.
>> http://myui.github.io/
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: [hidden email]
>> For additional commands, e-mail: [hidden email]
>>
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]
> For additional commands, e-mail: [hidden email]
>



--
Makoto YUI <myui AT apache.org>
Research Engineer, Treasure Data, Inc.
http://myui.github.io/

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: [VOTE]: Apache HAWQ 2.3.0.0-incubating Release

Yi JIN
Hi IPMC members,

I dropped MD5 checksum files from this candidate following Groeten's
comment. I'm now sure if we can continue this vote or I have to move back
to PPMC to generate another candidate.

Best,
Yi Jin (yjin)

On Wed, Mar 7, 2018 at 5:43 PM, Makoto Yui <[hidden email]> wrote:

> Groeten,
>
> Thanks for clarification.
>
> Makoto
>
> 2018-03-07 15:27 GMT+09:00 Henk P. Penning <[hidden email]>:
> > On Wed, 7 Mar 2018, Makoto Yui wrote:
> >
> >> Date: Wed, 7 Mar 2018 07:15:15 +0100
> >> From: Makoto Yui <[hidden email]>
> >> To: [hidden email]
> >> Subject: Re: [VOTE]: Apache HAWQ 2.3.0.0-incubating Release
> >>
> >>> Recently the "release policy" [1] changed ; it (now) says :
> >>
> >>
> >> Good to know about it.
> >>
> >>> MUST supply at least one (SHA or MD5) checksum file,
> >>> SHOULD NOT supply a MD5 checksum file (because MD5 is too broken).
> >
> >
> >> This sounds confusing. Could be "MUST supply SHA checksum file(s)," (?)
> >
> >
> >   See RFC 2119 : https://www.ietf.org/rfc/rfc2119.txt
> >
> >   "MUST", "SHOULD", "SHOULD NOT" etc are technical terms.
> >   RFC 2119 explains what they mean.
> >
> >   Hint :
> >
> >     MUST   == obligation ; a strict requirement
> >     SHOULD == recommendation ;
> >
> >   Note : the policy can't say "MUST supply SHA checksum",
> >   because many projects have older releases in /dist/
> >   that are MD5-only ; under "new policy", that is
> >   frowned upon, but not forbidden.
> >
> >> Makoto
> >
> >
> >   Groeten,
> >
> >   HPP
> >
> >
> > ------------------------------------------------------------   _
> > Henk P. Penning, ICT-beta                 R Uithof MG-403    _/ \_
> > Faculty of Science, Utrecht University    T +31 30 253 4106 / \_/ \
> > Leuvenlaan 4, 3584CE Utrecht, NL          F +31 30 253 4553 \_/ \_/
> > http://www.staff.science.uu.nl/~penni101/ M [hidden email]     \_/
> >
> >> 2018-03-07 14:58 GMT+09:00 Henk P. Penning <[hidden email]>:
> >>>
> >>> On Wed, 7 Mar 2018, Yi JIN wrote:
> >>>
> >>>> Date: Wed, 7 Mar 2018 03:56:54 +0100
> >>>> From: Yi JIN <[hidden email]>
> >>>> To: [hidden email]
> >>>> Subject: [VOTE]: Apache HAWQ 2.3.0.0-incubating Release
> >>>
> >>>
> >>>
> >>>> The artifacts can be downloaded here:
> >>>>
> >>>>
> >>>> https://dist.apache.org/repos/dist/dev/incubator/hawq/2.3.0.
> 0-incubating.RC2/
> >>>
> >>>
> >>>
> >>>   Recently the "release policy" [1] changed ; it (now) says :
> >>>
> >>>     ...
> >>>     * SHOULD NOT supply a MD5 checksum file
> >>>     ...
> >>>
> >>>   [1] https://www.apache.org/dev/release-distribution#sigs-and-sums
> >>>
> >>>> Yi Jin (yjin)
> >>>
> >>>
> >>>
> >>>   Groeten,
> >>>
> >>>   Henk Penning -- apache.org infrastructure ; dist & mirrors
> >>>
> >>> ------------------------------------------------------------   _
> >>> Henk P. Penning, ICT-beta                 R Uithof MG-403    _/ \_
> >>> Faculty of Science, Utrecht University    T +31 30 253 4106 / \_/ \
> >>> Leuvenlaan 4, 3584CE Utrecht, NL          F +31 30 253 4553 \_/ \_/
> >>> http://www.staff.science.uu.nl/~penni101/ M [hidden email]     \_/
> >>>
> >>> ---------------------------------------------------------------------
> >>> To unsubscribe, e-mail: [hidden email]
> >>> For additional commands, e-mail: [hidden email]
> >>>
> >>
> >>
> >>
> >> --
> >> Makoto YUI <myui AT apache.org>
> >> Research Engineer, Treasure Data, Inc.
> >> http://myui.github.io/
> >>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: [hidden email]
> >> For additional commands, e-mail: [hidden email]
> >>
> >>
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: [hidden email]
> > For additional commands, e-mail: [hidden email]
> >
>
>
>
> --
> Makoto YUI <myui AT apache.org>
> Research Engineer, Treasure Data, Inc.
> http://myui.github.io/
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]
> For additional commands, e-mail: [hidden email]
>
>
Reply | Threaded
Open this post in threaded view
|

Re: [VOTE]: Apache HAWQ 2.3.0.0-incubating Release

Yi JIN
Hi IPMC members,

I dropped MD5 checksum files from this candidate following Groeten's
comment. I'm not sure if we can continue this vote or I have to move back
to PPMC to prepare another candidate. Thanks.

Best,
Yi Jin (yjin)


On Thu, Mar 8, 2018 at 9:41 AM, Yi JIN <[hidden email]> wrote:

> Hi IPMC members,
>
> I dropped MD5 checksum files from this candidate following Groeten's
> comment. I'm now sure if we can continue this vote or I have to move back
> to PPMC to generate another candidate.
>
> Best,
> Yi Jin (yjin)
>
> On Wed, Mar 7, 2018 at 5:43 PM, Makoto Yui <[hidden email]> wrote:
>
>> Groeten,
>>
>> Thanks for clarification.
>>
>> Makoto
>>
>> 2018-03-07 15:27 GMT+09:00 Henk P. Penning <[hidden email]>:
>> > On Wed, 7 Mar 2018, Makoto Yui wrote:
>> >
>> >> Date: Wed, 7 Mar 2018 07:15:15 +0100
>> >> From: Makoto Yui <[hidden email]>
>> >> To: [hidden email]
>> >> Subject: Re: [VOTE]: Apache HAWQ 2.3.0.0-incubating Release
>> >>
>> >>> Recently the "release policy" [1] changed ; it (now) says :
>> >>
>> >>
>> >> Good to know about it.
>> >>
>> >>> MUST supply at least one (SHA or MD5) checksum file,
>> >>> SHOULD NOT supply a MD5 checksum file (because MD5 is too broken).
>> >
>> >
>> >> This sounds confusing. Could be "MUST supply SHA checksum file(s)," (?)
>> >
>> >
>> >   See RFC 2119 : https://www.ietf.org/rfc/rfc2119.txt
>> >
>> >   "MUST", "SHOULD", "SHOULD NOT" etc are technical terms.
>> >   RFC 2119 explains what they mean.
>> >
>> >   Hint :
>> >
>> >     MUST   == obligation ; a strict requirement
>> >     SHOULD == recommendation ;
>> >
>> >   Note : the policy can't say "MUST supply SHA checksum",
>> >   because many projects have older releases in /dist/
>> >   that are MD5-only ; under "new policy", that is
>> >   frowned upon, but not forbidden.
>> >
>> >> Makoto
>> >
>> >
>> >   Groeten,
>> >
>> >   HPP
>> >
>> >
>> > ------------------------------------------------------------   _
>> > Henk P. Penning, ICT-beta                 R Uithof MG-403    _/ \_
>> > Faculty of Science, Utrecht University    T +31 30 253 4106 / \_/ \
>> > Leuvenlaan 4, 3584CE Utrecht, NL          F +31 30 253 4553 \_/ \_/
>> > http://www.staff.science.uu.nl/~penni101/ M [hidden email]     \_/
>> >
>> >> 2018-03-07 14:58 GMT+09:00 Henk P. Penning <[hidden email]>:
>> >>>
>> >>> On Wed, 7 Mar 2018, Yi JIN wrote:
>> >>>
>> >>>> Date: Wed, 7 Mar 2018 03:56:54 +0100
>> >>>> From: Yi JIN <[hidden email]>
>> >>>> To: [hidden email]
>> >>>> Subject: [VOTE]: Apache HAWQ 2.3.0.0-incubating Release
>> >>>
>> >>>
>> >>>
>> >>>> The artifacts can be downloaded here:
>> >>>>
>> >>>>
>> >>>> https://dist.apache.org/repos/dist/dev/incubator/hawq/2.3.0.
>> 0-incubating.RC2/
>> >>>
>> >>>
>> >>>
>> >>>   Recently the "release policy" [1] changed ; it (now) says :
>> >>>
>> >>>     ...
>> >>>     * SHOULD NOT supply a MD5 checksum file
>> >>>     ...
>> >>>
>> >>>   [1] https://www.apache.org/dev/release-distribution#sigs-and-sums
>> >>>
>> >>>> Yi Jin (yjin)
>> >>>
>> >>>
>> >>>
>> >>>   Groeten,
>> >>>
>> >>>   Henk Penning -- apache.org infrastructure ; dist & mirrors
>> >>>
>> >>> ------------------------------------------------------------   _
>> >>> Henk P. Penning, ICT-beta                 R Uithof MG-403    _/ \_
>> >>> Faculty of Science, Utrecht University    T +31 30 253 4106 / \_/ \
>> >>> Leuvenlaan 4, 3584CE Utrecht, NL          F +31 30 253 4553 \_/ \_/
>> >>> http://www.staff.science.uu.nl/~penni101/ M [hidden email]     \_/
>> >>>
>> >>> ---------------------------------------------------------------------
>> >>> To unsubscribe, e-mail: [hidden email]
>> >>> For additional commands, e-mail: [hidden email]
>> >>>
>> >>
>> >>
>> >>
>> >> --
>> >> Makoto YUI <myui AT apache.org>
>> >> Research Engineer, Treasure Data, Inc.
>> >> http://myui.github.io/
>> >>
>> >> ---------------------------------------------------------------------
>> >> To unsubscribe, e-mail: [hidden email]
>> >> For additional commands, e-mail: [hidden email]
>> >>
>> >>
>> >
>> > ---------------------------------------------------------------------
>> > To unsubscribe, e-mail: [hidden email]
>> > For additional commands, e-mail: [hidden email]
>> >
>>
>>
>>
>> --
>> Makoto YUI <myui AT apache.org>
>> Research Engineer, Treasure Data, Inc.
>> http://myui.github.io/
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: [hidden email]
>> For additional commands, e-mail: [hidden email]
>>
>>
>
Reply | Threaded
Open this post in threaded view
|

Re: [VOTE]: Apache HAWQ 2.3.0.0-incubating Release

Henk P. Penning-2
On Thu, 8 Mar 2018, Yi JIN wrote:

> Date: Thu, 8 Mar 2018 00:34:02 +0100
> From: Yi JIN <[hidden email]>
> To: [hidden email]
> Subject: Re: [VOTE]: Apache HAWQ 2.3.0.0-incubating Release
>
> Hi IPMC members,
>
> I dropped MD5 checksum files from this candidate following Groeten's
> comment. I'm not sure if we can continue this vote or I have to move back
> to PPMC to prepare another candidate. Thanks.

   just continue the vote.

> Yi Jin (yjin)

   Regards,

   Henk Penning

> On Thu, Mar 8, 2018 at 9:41 AM, Yi JIN <[hidden email]> wrote:
>
>> Hi IPMC members,
>>
>> I dropped MD5 checksum files from this candidate following Groeten's
>> comment. I'm now sure if we can continue this vote or I have to move back
>> to PPMC to generate another candidate.
>>
>> Best,
>> Yi Jin (yjin)
>>
>> On Wed, Mar 7, 2018 at 5:43 PM, Makoto Yui <[hidden email]> wrote:
>>
>>> Groeten,
>>>
>>> Thanks for clarification.
>>>
>>> Makoto
>>>
>>> 2018-03-07 15:27 GMT+09:00 Henk P. Penning <[hidden email]>:
>>>> On Wed, 7 Mar 2018, Makoto Yui wrote:
>>>>
>>>>> Date: Wed, 7 Mar 2018 07:15:15 +0100
>>>>> From: Makoto Yui <[hidden email]>
>>>>> To: [hidden email]
>>>>> Subject: Re: [VOTE]: Apache HAWQ 2.3.0.0-incubating Release
>>>>>
>>>>>> Recently the "release policy" [1] changed ; it (now) says :
>>>>>
>>>>>
>>>>> Good to know about it.
>>>>>
>>>>>> MUST supply at least one (SHA or MD5) checksum file,
>>>>>> SHOULD NOT supply a MD5 checksum file (because MD5 is too broken).
>>>>
>>>>
>>>>> This sounds confusing. Could be "MUST supply SHA checksum file(s)," (?)
>>>>
>>>>
>>>>   See RFC 2119 : https://www.ietf.org/rfc/rfc2119.txt
>>>>
>>>>   "MUST", "SHOULD", "SHOULD NOT" etc are technical terms.
>>>>   RFC 2119 explains what they mean.
>>>>
>>>>   Hint :
>>>>
>>>>     MUST   == obligation ; a strict requirement
>>>>     SHOULD == recommendation ;
>>>>
>>>>   Note : the policy can't say "MUST supply SHA checksum",
>>>>   because many projects have older releases in /dist/
>>>>   that are MD5-only ; under "new policy", that is
>>>>   frowned upon, but not forbidden.
>>>>
>>>>> Makoto
>>>>
>>>>
>>>>   Groeten,
>>>>
>>>>   HPP
>>>>
>>>>
>>>> ------------------------------------------------------------   _
>>>> Henk P. Penning, ICT-beta                 R Uithof MG-403    _/ \_
>>>> Faculty of Science, Utrecht University    T +31 30 253 4106 / \_/ \
>>>> Leuvenlaan 4, 3584CE Utrecht, NL          F +31 30 253 4553 \_/ \_/
>>>> http://www.staff.science.uu.nl/~penni101/ M [hidden email]     \_/
>>>>
>>>>> 2018-03-07 14:58 GMT+09:00 Henk P. Penning <[hidden email]>:
>>>>>>
>>>>>> On Wed, 7 Mar 2018, Yi JIN wrote:
>>>>>>
>>>>>>> Date: Wed, 7 Mar 2018 03:56:54 +0100
>>>>>>> From: Yi JIN <[hidden email]>
>>>>>>> To: [hidden email]
>>>>>>> Subject: [VOTE]: Apache HAWQ 2.3.0.0-incubating Release
>>>>>>
>>>>>>
>>>>>>
>>>>>>> The artifacts can be downloaded here:
>>>>>>>
>>>>>>>
>>>>>>> https://dist.apache.org/repos/dist/dev/incubator/hawq/2.3.0.
>>> 0-incubating.RC2/
>>>>>>
>>>>>>
>>>>>>
>>>>>>   Recently the "release policy" [1] changed ; it (now) says :
>>>>>>
>>>>>>     ...
>>>>>>     * SHOULD NOT supply a MD5 checksum file
>>>>>>     ...
>>>>>>
>>>>>>   [1] https://www.apache.org/dev/release-distribution#sigs-and-sums
>>>>>>
>>>>>>> Yi Jin (yjin)
>>>>>>
>>>>>>
>>>>>>
>>>>>>   Groeten,
>>>>>>
>>>>>>   Henk Penning -- apache.org infrastructure ; dist & mirrors
>>>>>>
>>>>>> ------------------------------------------------------------   _
>>>>>> Henk P. Penning, ICT-beta                 R Uithof MG-403    _/ \_
>>>>>> Faculty of Science, Utrecht University    T +31 30 253 4106 / \_/ \
>>>>>> Leuvenlaan 4, 3584CE Utrecht, NL          F +31 30 253 4553 \_/ \_/
>>>>>> http://www.staff.science.uu.nl/~penni101/ M [hidden email]     \_/
>>>>>>
>>>>>> ---------------------------------------------------------------------
>>>>>> To unsubscribe, e-mail: [hidden email]
>>>>>> For additional commands, e-mail: [hidden email]
>>>>>>
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Makoto YUI <myui AT apache.org>
>>>>> Research Engineer, Treasure Data, Inc.
>>>>> http://myui.github.io/
>>>>>
>>>>> ---------------------------------------------------------------------
>>>>> To unsubscribe, e-mail: [hidden email]
>>>>> For additional commands, e-mail: [hidden email]
>>>>>
>>>>>
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: [hidden email]
>>>> For additional commands, e-mail: [hidden email]
>>>>
>>>
>>>
>>>
>>> --
>>> Makoto YUI <myui AT apache.org>
>>> Research Engineer, Treasure Data, Inc.
>>> http://myui.github.io/
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: [hidden email]
>>> For additional commands, e-mail: [hidden email]
>>>
>>>
>>
>

------------------------------------------------------------   _
Henk P. Penning, ICT-beta                 R Uithof MG-403    _/ \_
Faculty of Science, Utrecht University    T +31 30 253 4106 / \_/ \
Leuvenlaan 4, 3584CE Utrecht, NL          F +31 30 253 4553 \_/ \_/
http://www.staff.science.uu.nl/~penni101/ M [hidden email]     \_/

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: [VOTE]: Apache HAWQ 2.3.0.0-incubating Release

Yi JIN
Henk,

Thank you very much!

Best,
Yi (yjin)

On Thu, Mar 8, 2018 at 12:35 PM, Henk P. Penning <[hidden email]> wrote:

> On Thu, 8 Mar 2018, Yi JIN wrote:
>
> Date: Thu, 8 Mar 2018 00:34:02 +0100
>> From: Yi JIN <[hidden email]>
>> To: [hidden email]
>> Subject: Re: [VOTE]: Apache HAWQ 2.3.0.0-incubating Release
>>
>> Hi IPMC members,
>>
>> I dropped MD5 checksum files from this candidate following Groeten's
>> comment. I'm not sure if we can continue this vote or I have to move back
>> to PPMC to prepare another candidate. Thanks.
>>
>
>   just continue the vote.
>
> Yi Jin (yjin)
>>
>
>   Regards,
>
>   Henk Penning
>
>
> On Thu, Mar 8, 2018 at 9:41 AM, Yi JIN <[hidden email]> wrote:
>>
>> Hi IPMC members,
>>>
>>> I dropped MD5 checksum files from this candidate following Groeten's
>>> comment. I'm now sure if we can continue this vote or I have to move back
>>> to PPMC to generate another candidate.
>>>
>>> Best,
>>> Yi Jin (yjin)
>>>
>>> On Wed, Mar 7, 2018 at 5:43 PM, Makoto Yui <[hidden email]> wrote:
>>>
>>> Groeten,
>>>>
>>>> Thanks for clarification.
>>>>
>>>> Makoto
>>>>
>>>> 2018-03-07 15:27 GMT+09:00 Henk P. Penning <[hidden email]>:
>>>>
>>>>> On Wed, 7 Mar 2018, Makoto Yui wrote:
>>>>>
>>>>> Date: Wed, 7 Mar 2018 07:15:15 +0100
>>>>>> From: Makoto Yui <[hidden email]>
>>>>>> To: [hidden email]
>>>>>> Subject: Re: [VOTE]: Apache HAWQ 2.3.0.0-incubating Release
>>>>>>
>>>>>> Recently the "release policy" [1] changed ; it (now) says :
>>>>>>>
>>>>>>
>>>>>>
>>>>>> Good to know about it.
>>>>>>
>>>>>> MUST supply at least one (SHA or MD5) checksum file,
>>>>>>> SHOULD NOT supply a MD5 checksum file (because MD5 is too broken).
>>>>>>>
>>>>>>
>>>>>
>>>>> This sounds confusing. Could be "MUST supply SHA checksum file(s)," (?)
>>>>>>
>>>>>
>>>>>
>>>>>   See RFC 2119 : https://www.ietf.org/rfc/rfc2119.txt
>>>>>
>>>>>   "MUST", "SHOULD", "SHOULD NOT" etc are technical terms.
>>>>>   RFC 2119 explains what they mean.
>>>>>
>>>>>   Hint :
>>>>>
>>>>>     MUST   == obligation ; a strict requirement
>>>>>     SHOULD == recommendation ;
>>>>>
>>>>>   Note : the policy can't say "MUST supply SHA checksum",
>>>>>   because many projects have older releases in /dist/
>>>>>   that are MD5-only ; under "new policy", that is
>>>>>   frowned upon, but not forbidden.
>>>>>
>>>>> Makoto
>>>>>>
>>>>>
>>>>>
>>>>>   Groeten,
>>>>>
>>>>>   HPP
>>>>>
>>>>>
>>>>> ------------------------------------------------------------   _
>>>>> Henk P. Penning, ICT-beta                 R Uithof MG-403    _/ \_
>>>>> Faculty of Science, Utrecht University    T +31 30 253 4106 / \_/ \
>>>>> Leuvenlaan 4, 3584CE Utrecht, NL          F +31 30 253 4553 \_/ \_/
>>>>> http://www.staff.science.uu.nl/~penni101/ M [hidden email]     \_/
>>>>>
>>>>> 2018-03-07 14:58 GMT+09:00 Henk P. Penning <[hidden email]>:
>>>>>>
>>>>>>>
>>>>>>> On Wed, 7 Mar 2018, Yi JIN wrote:
>>>>>>>
>>>>>>> Date: Wed, 7 Mar 2018 03:56:54 +0100
>>>>>>>> From: Yi JIN <[hidden email]>
>>>>>>>> To: [hidden email]
>>>>>>>> Subject: [VOTE]: Apache HAWQ 2.3.0.0-incubating Release
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> The artifacts can be downloaded here:
>>>>>>>>
>>>>>>>>
>>>>>>>> https://dist.apache.org/repos/dist/dev/incubator/hawq/2.3.0.
>>>>>>>>
>>>>>>> 0-incubating.RC2/
>>>>
>>>>>
>>>>>>>
>>>>>>>
>>>>>>>   Recently the "release policy" [1] changed ; it (now) says :
>>>>>>>
>>>>>>>     ...
>>>>>>>     * SHOULD NOT supply a MD5 checksum file
>>>>>>>     ...
>>>>>>>
>>>>>>>   [1] https://www.apache.org/dev/release-distribution#sigs-and-sums
>>>>>>>
>>>>>>> Yi Jin (yjin)
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>   Groeten,
>>>>>>>
>>>>>>>   Henk Penning -- apache.org infrastructure ; dist & mirrors
>>>>>>>
>>>>>>> ------------------------------------------------------------   _
>>>>>>> Henk P. Penning, ICT-beta                 R Uithof MG-403    _/ \_
>>>>>>> Faculty of Science, Utrecht University    T +31 30 253 4106 / \_/ \
>>>>>>> Leuvenlaan 4, 3584CE Utrecht, NL          F +31 30 253 4553 \_/ \_/
>>>>>>> http://www.staff.science.uu.nl/~penni101/ M [hidden email]     \_/
>>>>>>>
>>>>>>> ------------------------------------------------------------
>>>>>>> ---------
>>>>>>> To unsubscribe, e-mail: [hidden email]
>>>>>>> For additional commands, e-mail: [hidden email]
>>>>>>>
>>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> Makoto YUI <myui AT apache.org>
>>>>>> Research Engineer, Treasure Data, Inc.
>>>>>> http://myui.github.io/
>>>>>>
>>>>>> ---------------------------------------------------------------------
>>>>>> To unsubscribe, e-mail: [hidden email]
>>>>>> For additional commands, e-mail: [hidden email]
>>>>>>
>>>>>>
>>>>>>
>>>>> ---------------------------------------------------------------------
>>>>> To unsubscribe, e-mail: [hidden email]
>>>>> For additional commands, e-mail: [hidden email]
>>>>>
>>>>>
>>>>
>>>>
>>>> --
>>>> Makoto YUI <myui AT apache.org>
>>>> Research Engineer, Treasure Data, Inc.
>>>> http://myui.github.io/
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: [hidden email]
>>>> For additional commands, e-mail: [hidden email]
>>>>
>>>>
>>>>
>>>
>>
> ------------------------------------------------------------   _
> Henk P. Penning, ICT-beta                 R Uithof MG-403    _/ \_
> Faculty of Science, Utrecht University    T +31 30 253 4106 / \_/ \
> Leuvenlaan 4, 3584CE Utrecht, NL          F +31 30 253 4553 \_/ \_/
> http://www.staff.science.uu.nl/~penni101/ M [hidden email]     \_/
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]
> For additional commands, e-mail: [hidden email]
>
>
Reply | Threaded
Open this post in threaded view
|

Re: [VOTE]: Apache HAWQ 2.3.0.0-incubating Release

Konstantin Boudnik-2
In reply to this post by Yi JIN
+1 [biding]

- signature check [ok]
- checksum check [ok]
- licenses check (RAT) [ok]

I haven't tried to build it because of the complexity of the build
process and multiplicity of the environment configurations. To lower
the entry barrier, I would recommend the community to think how to
wrap these steps into the build system. You can go as far as to
provide an "official" toolchain for the project. In Bigtop, we even
provide official Docker containers were people can start working with
the project in under 2 minutes and without any need for additional
error prone configuration steps.
--
  With regards,
Konstantin (Cos) Boudnik
2CAC 8312 4870 D885 8616  6115 220F 6980 1F27 E622

Disclaimer: Opinions expressed in this email are those of the author,
and do not necessarily represent the views of any company the author
might be affiliated with at the moment of writing.


On Tue, Mar 6, 2018 at 6:56 PM, Yi JIN <[hidden email]> wrote:

> Hi IPMC members,
>
> The PPMC vote for the Apache HAWQ 2.3.0.0-incubating release has passed.
> So I request IPMC now to vote on this release candidate. Thank you!
>
> The release page is here:
> https://cwiki.apache.org/confluence/display/HAWQ/Apache+HAWQ+2.3.0.0-incubating+Release
>
> The PPMC vote thread is located here:
> https://lists.apache.org/thread.html/fa5b41cd7461bd729146e10d8f7a54156c818f93e5a1160c42e76c79@%3Cdev.hawq.apache.org%3E
>
> The artifacts can be downloaded here:
> https://dist.apache.org/repos/dist/dev/incubator/hawq/2.3.0.0-incubating.RC2/
> The artifacts have been signed with Key : CE60F90D1333092A
>
> All JIRAs completed for this release are tagged with 'FixVersion
> =2.3.0.0-incubating'
> https://issues.apache.org/jira/secure/ReleaseNote.jspa?version=12340262&styleName=Html&projectId=12318826
>
> Please vote accordingly:
> [ ] +1, accept as the official Apache HAWQ 2.3.0.0-incubating release
> [ ] -1, do not accept as the official Apache HAWQ 2.3.0.0-incubating release
> because...
>
> The vote will run for at least 72 hours.
>
> Best regards,
> Yi Jin (yjin)

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: [VOTE]: Apache HAWQ 2.3.0.0-incubating Release

Roman Shaposhnik
+1 (binding)

* checked sigs and checksums
* checked licenses
* checked for archive matching git tag

Thanks,
Roman.


On Mon, Mar 12, 2018 at 12:21 PM, Konstantin Boudnik <[hidden email]> wrote:

> +1 [biding]
>
> - signature check [ok]
> - checksum check [ok]
> - licenses check (RAT) [ok]
>
> I haven't tried to build it because of the complexity of the build
> process and multiplicity of the environment configurations. To lower
> the entry barrier, I would recommend the community to think how to
> wrap these steps into the build system. You can go as far as to
> provide an "official" toolchain for the project. In Bigtop, we even
> provide official Docker containers were people can start working with
> the project in under 2 minutes and without any need for additional
> error prone configuration steps.
> --
>   With regards,
> Konstantin (Cos) Boudnik
> 2CAC 8312 4870 D885 8616  6115 220F 6980 1F27 E622
>
> Disclaimer: Opinions expressed in this email are those of the author,
> and do not necessarily represent the views of any company the author
> might be affiliated with at the moment of writing.
>
>
> On Tue, Mar 6, 2018 at 6:56 PM, Yi JIN <[hidden email]> wrote:
>> Hi IPMC members,
>>
>> The PPMC vote for the Apache HAWQ 2.3.0.0-incubating release has passed.
>> So I request IPMC now to vote on this release candidate. Thank you!
>>
>> The release page is here:
>> https://cwiki.apache.org/confluence/display/HAWQ/Apache+HAWQ+2.3.0.0-incubating+Release
>>
>> The PPMC vote thread is located here:
>> https://lists.apache.org/thread.html/fa5b41cd7461bd729146e10d8f7a54156c818f93e5a1160c42e76c79@%3Cdev.hawq.apache.org%3E
>>
>> The artifacts can be downloaded here:
>> https://dist.apache.org/repos/dist/dev/incubator/hawq/2.3.0.0-incubating.RC2/
>> The artifacts have been signed with Key : CE60F90D1333092A
>>
>> All JIRAs completed for this release are tagged with 'FixVersion
>> =2.3.0.0-incubating'
>> https://issues.apache.org/jira/secure/ReleaseNote.jspa?version=12340262&styleName=Html&projectId=12318826
>>
>> Please vote accordingly:
>> [ ] +1, accept as the official Apache HAWQ 2.3.0.0-incubating release
>> [ ] -1, do not accept as the official Apache HAWQ 2.3.0.0-incubating release
>> because...
>>
>> The vote will run for at least 72 hours.
>>
>> Best regards,
>> Yi Jin (yjin)
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]
> For additional commands, e-mail: [hidden email]
>

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: [VOTE]: Apache HAWQ 2.3.0.0-incubating Release

Alan Gates-3
​I can't find a KEYS file anywhere in HAWQ to check the key against.  There
is also no name associated with the key, so I'm not clear how to check the
signature.

Other than that release looks fine.​

On Mon, Mar 12, 2018 at 7:56 PM, Roman Shaposhnik <[hidden email]>
wrote:

> +1 (binding)
>
> * checked sigs and checksums
> * checked licenses
> * checked for archive matching git tag
>
> Thanks,
> Roman.
>
>
> On Mon, Mar 12, 2018 at 12:21 PM, Konstantin Boudnik <[hidden email]>
> wrote:
> > +1 [biding]
> >
> > - signature check [ok]
> > - checksum check [ok]
> > - licenses check (RAT) [ok]
> >
> > I haven't tried to build it because of the complexity of the build
> > process and multiplicity of the environment configurations. To lower
> > the entry barrier, I would recommend the community to think how to
> > wrap these steps into the build system. You can go as far as to
> > provide an "official" toolchain for the project. In Bigtop, we even
> > provide official Docker containers were people can start working with
> > the project in under 2 minutes and without any need for additional
> > error prone configuration steps.
> > --
> >   With regards,
> > Konstantin (Cos) Boudnik
> > 2CAC 8312 4870 D885 8616  6115 220F 6980 1F27 E622
> >
> > Disclaimer: Opinions expressed in this email are those of the author,
> > and do not necessarily represent the views of any company the author
> > might be affiliated with at the moment of writing.
> >
> >
> > On Tue, Mar 6, 2018 at 6:56 PM, Yi JIN <[hidden email]> wrote:
> >> Hi IPMC members,
> >>
> >> The PPMC vote for the Apache HAWQ 2.3.0.0-incubating release has passed.
> >> So I request IPMC now to vote on this release candidate. Thank you!
> >>
> >> The release page is here:
> >> https://cwiki.apache.org/confluence/display/HAWQ/Apache+HAWQ+2.3.0.0-
> incubating+Release
> >>
> >> The PPMC vote thread is located here:
> >> https://lists.apache.org/thread.html/fa5b41cd7461bd729146e10d8f7a54
> 156c818f93e5a1160c42e76c79@%3Cdev.hawq.apache.org%3E
> >>
> >> The artifacts can be downloaded here:
> >> https://dist.apache.org/repos/dist/dev/incubator/hawq/2.3.0.
> 0-incubating.RC2/
> >> The artifacts have been signed with Key : CE60F90D1333092A
> >>
> >> All JIRAs completed for this release are tagged with 'FixVersion
> >> =2.3.0.0-incubating'
> >> https://issues.apache.org/jira/secure/ReleaseNote.jspa?
> version=12340262&styleName=Html&projectId=12318826
> >>
> >> Please vote accordingly:
> >> [ ] +1, accept as the official Apache HAWQ 2.3.0.0-incubating release
> >> [ ] -1, do not accept as the official Apache HAWQ 2.3.0.0-incubating
> release
> >> because...
> >>
> >> The vote will run for at least 72 hours.
> >>
> >> Best regards,
> >> Yi Jin (yjin)
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: [hidden email]
> > For additional commands, e-mail: [hidden email]
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]
> For additional commands, e-mail: [hidden email]
>
>
Reply | Threaded
Open this post in threaded view
|

Re: [VOTE]: Apache HAWQ 2.3.0.0-incubating Release

Henk P. Penning-2
On Tue, 13 Mar 2018, Alan Gates wrote:

> Date: Tue, 13 Mar 2018 18:04:08 +0100
> From: Alan Gates <[hidden email]>
> To: [hidden email]
> Subject: Re: [VOTE]: Apache HAWQ 2.3.0.0-incubating Release
>
> ​I can't find a KEYS file anywhere in HAWQ to check the key
> against.  There is also no name associated with the key, so I'm not
> clear how to check the signature.

   Actually, you don't need a KEYS file to verify a .asc :

   % gpg apache-hawq-src-2.3.0.0-incubating.tar.gz.asc
   gpg: Signature made Tue 27 Feb 2018 04:35:17 AM CET
   gpg:                using RSA key CE60F90D1333092A
   gpg: Can't check signature: No public key

   No public key ; so, fetch it :

   % gpg --keyserver pgp.surfnet.nl --recv-key CE60F90D1333092A
   gpg: requesting key CE60F90D1333092A from hkp server pgp.surfnet.nl
   gpg: key CE60F90D1333092A: public key "Yi Jin <[hidden email]>" imported
   gpg: Total number processed: 1
   gpg:               imported: 1  (RSA: 1)

   ... and --verify :

   % gpg --verify apache-hawq-src-2.3.0.0-incubating.tar.gz.asc
   gpg: Signature made Tue 27 Feb 2018 04:35:17 AM CET
   gpg:                using RSA key CE60F90D1333092A
   gpg: Good signature from "Yi Jin <[hidden email]>"
   gpg: WARNING: This key is not certified with a trusted signature!
   gpg:          There is no indication that the signature belongs to the owner.
   Primary key fingerprint: 41B0 0770 75DF DAFC F809  9A91 CE60 F90D 1333 092A

   % gpg --verify apache-hawq-rpm-2.3.0.0-incubating-rc2.tar.gz.asc
   gpg: Signature made Tue 27 Feb 2018 04:38:53 AM CET
   gpg:                using RSA key CE60F90D1333092A
   gpg: Good signature from "Yi Jin <[hidden email]>"
   gpg: WARNING: This key is not certified with a trusted signature!
   gpg:          There is no indication that the signature belongs to the owner.
   Primary key fingerprint: 41B0 0770 75DF DAFC F809  9A91 CE60 F90D 1333 092A

   Note :
   - Always use long (16-hex) key-id's, because short (8-hex)
     key-id's often point (also) to fake keys.
     In your $HOME/.gnupg/gpg.conf configure : keyid-format long
   - To check that CE60F90D1333092A is authorised to sign the artifacts,
     is another matter.

   IMHO, KEYS files serve no purpose.

   Regards,

   Henk Penning

------------------------------------------------------------   _
Henk P. Penning, ICT-beta                 R Uithof MG-403    _/ \_
Faculty of Science, Utrecht University    T +31 30 253 4106 / \_/ \
Leuvenlaan 4, 3584CE Utrecht, NL          F +31 30 253 4553 \_/ \_/
http://www.staff.science.uu.nl/~penni101/ M [hidden email]     \_/

> On Mon, Mar 12, 2018 at 7:56 PM, Roman Shaposhnik <[hidden email]>
> wrote:
>
>> +1 (binding)
>>
>> * checked sigs and checksums
>> * checked licenses
>> * checked for archive matching git tag
>>
>> Thanks,
>> Roman.
>>
>>
>> On Mon, Mar 12, 2018 at 12:21 PM, Konstantin Boudnik <[hidden email]>
>> wrote:
>>> +1 [biding]
>>>
>>> - signature check [ok]
>>> - checksum check [ok]
>>> - licenses check (RAT) [ok]
>>>
>>> I haven't tried to build it because of the complexity of the build
>>> process and multiplicity of the environment configurations. To lower
>>> the entry barrier, I would recommend the community to think how to
>>> wrap these steps into the build system. You can go as far as to
>>> provide an "official" toolchain for the project. In Bigtop, we even
>>> provide official Docker containers were people can start working with
>>> the project in under 2 minutes and without any need for additional
>>> error prone configuration steps.
>>> --
>>>   With regards,
>>> Konstantin (Cos) Boudnik
>>> 2CAC 8312 4870 D885 8616  6115 220F 6980 1F27 E622
>>>
>>> Disclaimer: Opinions expressed in this email are those of the author,
>>> and do not necessarily represent the views of any company the author
>>> might be affiliated with at the moment of writing.
>>>
>>>
>>> On Tue, Mar 6, 2018 at 6:56 PM, Yi JIN <[hidden email]> wrote:
>>>> Hi IPMC members,
>>>>
>>>> The PPMC vote for the Apache HAWQ 2.3.0.0-incubating release has passed.
>>>> So I request IPMC now to vote on this release candidate. Thank you!
>>>>
>>>> The release page is here:
>>>> https://cwiki.apache.org/confluence/display/HAWQ/Apache+HAWQ+2.3.0.0-
>> incubating+Release
>>>>
>>>> The PPMC vote thread is located here:
>>>> https://lists.apache.org/thread.html/fa5b41cd7461bd729146e10d8f7a54
>> 156c818f93e5a1160c42e76c79@%3Cdev.hawq.apache.org%3E
>>>>
>>>> The artifacts can be downloaded here:
>>>> https://dist.apache.org/repos/dist/dev/incubator/hawq/2.3.0.
>> 0-incubating.RC2/
>>>> The artifacts have been signed with Key : CE60F90D1333092A
>>>>
>>>> All JIRAs completed for this release are tagged with 'FixVersion
>>>> =2.3.0.0-incubating'
>>>> https://issues.apache.org/jira/secure/ReleaseNote.jspa?
>> version=12340262&styleName=Html&projectId=12318826
>>>>
>>>> Please vote accordingly:
>>>> [ ] +1, accept as the official Apache HAWQ 2.3.0.0-incubating release
>>>> [ ] -1, do not accept as the official Apache HAWQ 2.3.0.0-incubating
>> release
>>>> because...
>>>>
>>>> The vote will run for at least 72 hours.
>>>>
>>>> Best regards,
>>>> Yi Jin (yjin)
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: [hidden email]
>>> For additional commands, e-mail: [hidden email]
>>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: [hidden email]
>> For additional commands, e-mail: [hidden email]
>>
>>
>


---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: [VOTE]: Apache HAWQ 2.3.0.0-incubating Release

Alan Gates-3
Per https://www.apache.org/dev/release-distribution#sigs-and-sums
correctly, the KEYS file is required, hence my comment.

Alan.

On Tue, Mar 13, 2018 at 10:34 AM, Henk P. Penning <[hidden email]> wrote:

> On Tue, 13 Mar 2018, Alan Gates wrote:
>
> Date: Tue, 13 Mar 2018 18:04:08 +0100
>> From: Alan Gates <[hidden email]>
>> To: [hidden email]
>> Subject: Re: [VOTE]: Apache HAWQ 2.3.0.0-incubating Release
>>
>> ​I can't find a KEYS file anywhere in HAWQ to check the key
>> against.  There is also no name associated with the key, so I'm not
>> clear how to check the signature.
>>
>
>   Actually, you don't need a KEYS file to verify a .asc :
>
>   % gpg apache-hawq-src-2.3.0.0-incubating.tar.gz.asc
>   gpg: Signature made Tue 27 Feb 2018 04:35:17 AM CET
>   gpg:                using RSA key CE60F90D1333092A
>   gpg: Can't check signature: No public key
>
>   No public key ; so, fetch it :
>
>   % gpg --keyserver pgp.surfnet.nl --recv-key CE60F90D1333092A
>   gpg: requesting key CE60F90D1333092A from hkp server pgp.surfnet.nl
>   gpg: key CE60F90D1333092A: public key "Yi Jin <[hidden email]>"
> imported
>   gpg: Total number processed: 1
>   gpg:               imported: 1  (RSA: 1)
>
>   ... and --verify :
>
>   % gpg --verify apache-hawq-src-2.3.0.0-incubating.tar.gz.asc
>   gpg: Signature made Tue 27 Feb 2018 04:35:17 AM CET
>   gpg:                using RSA key CE60F90D1333092A
>   gpg: Good signature from "Yi Jin <[hidden email]>"
>   gpg: WARNING: This key is not certified with a trusted signature!
>   gpg:          There is no indication that the signature belongs to the
> owner.
>   Primary key fingerprint: 41B0 0770 75DF DAFC F809  9A91 CE60 F90D 1333
> 092A
>
>   % gpg --verify apache-hawq-rpm-2.3.0.0-incubating-rc2.tar.gz.asc
>   gpg: Signature made Tue 27 Feb 2018 04:38:53 AM CET
>   gpg:                using RSA key CE60F90D1333092A
>   gpg: Good signature from "Yi Jin <[hidden email]>"
>   gpg: WARNING: This key is not certified with a trusted signature!
>   gpg:          There is no indication that the signature belongs to the
> owner.
>   Primary key fingerprint: 41B0 0770 75DF DAFC F809  9A91 CE60 F90D 1333
> 092A
>
>   Note :
>   - Always use long (16-hex) key-id's, because short (8-hex)
>     key-id's often point (also) to fake keys.
>     In your $HOME/.gnupg/gpg.conf configure : keyid-format long
>   - To check that CE60F90D1333092A is authorised to sign the artifacts,
>     is another matter.
>
>   IMHO, KEYS files serve no purpose.
>
>   Regards,
>
>   Henk Penning
>
> ------------------------------------------------------------   _
> Henk P. Penning, ICT-beta                 R Uithof MG-403    _/ \_
> Faculty of Science, Utrecht University    T +31 30 253 4106 / \_/ \
> Leuvenlaan 4, 3584CE Utrecht, NL          F +31 30 253 4553 \_/ \_/
> http://www.staff.science.uu.nl/~penni101/ M [hidden email]     \_/
>
> On Mon, Mar 12, 2018 at 7:56 PM, Roman Shaposhnik <[hidden email]>
>> wrote:
>>
>> +1 (binding)
>>>
>>> * checked sigs and checksums
>>> * checked licenses
>>> * checked for archive matching git tag
>>>
>>> Thanks,
>>> Roman.
>>>
>>>
>>> On Mon, Mar 12, 2018 at 12:21 PM, Konstantin Boudnik <[hidden email]>
>>> wrote:
>>>
>>>> +1 [biding]
>>>>
>>>> - signature check [ok]
>>>> - checksum check [ok]
>>>> - licenses check (RAT) [ok]
>>>>
>>>> I haven't tried to build it because of the complexity of the build
>>>> process and multiplicity of the environment configurations. To lower
>>>> the entry barrier, I would recommend the community to think how to
>>>> wrap these steps into the build system. You can go as far as to
>>>> provide an "official" toolchain for the project. In Bigtop, we even
>>>> provide official Docker containers were people can start working with
>>>> the project in under 2 minutes and without any need for additional
>>>> error prone configuration steps.
>>>> --
>>>>   With regards,
>>>> Konstantin (Cos) Boudnik
>>>> 2CAC 8312 4870 D885 8616  6115 220F 6980 1F27 E622
>>>>
>>>> Disclaimer: Opinions expressed in this email are those of the author,
>>>> and do not necessarily represent the views of any company the author
>>>> might be affiliated with at the moment of writing.
>>>>
>>>>
>>>> On Tue, Mar 6, 2018 at 6:56 PM, Yi JIN <[hidden email]> wrote:
>>>>
>>>>> Hi IPMC members,
>>>>>
>>>>> The PPMC vote for the Apache HAWQ 2.3.0.0-incubating release has
>>>>> passed.
>>>>> So I request IPMC now to vote on this release candidate. Thank you!
>>>>>
>>>>> The release page is here:
>>>>> https://cwiki.apache.org/confluence/display/HAWQ/Apache+HAWQ+2.3.0.0-
>>>>>
>>>> incubating+Release
>>>
>>>>
>>>>> The PPMC vote thread is located here:
>>>>> https://lists.apache.org/thread.html/fa5b41cd7461bd729146e10d8f7a54
>>>>>
>>>> 156c818f93e5a1160c42e76c79@%3Cdev.hawq.apache.org%3E
>>>
>>>>
>>>>> The artifacts can be downloaded here:
>>>>> https://dist.apache.org/repos/dist/dev/incubator/hawq/2.3.0.
>>>>>
>>>> 0-incubating.RC2/
>>>
>>>> The artifacts have been signed with Key : CE60F90D1333092A
>>>>>
>>>>> All JIRAs completed for this release are tagged with 'FixVersion
>>>>> =2.3.0.0-incubating'
>>>>> https://issues.apache.org/jira/secure/ReleaseNote.jspa?
>>>>>
>>>> version=12340262&styleName=Html&projectId=12318826
>>>
>>>>
>>>>> Please vote accordingly:
>>>>> [ ] +1, accept as the official Apache HAWQ 2.3.0.0-incubating release
>>>>> [ ] -1, do not accept as the official Apache HAWQ 2.3.0.0-incubating
>>>>>
>>>> release
>>>
>>>> because...
>>>>>
>>>>> The vote will run for at least 72 hours.
>>>>>
>>>>> Best regards,
>>>>> Yi Jin (yjin)
>>>>>
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: [hidden email]
>>>> For additional commands, e-mail: [hidden email]
>>>>
>>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: [hidden email]
>>> For additional commands, e-mail: [hidden email]
>>>
>>>
>>>
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]
> For additional commands, e-mail: [hidden email]
>
Reply | Threaded
Open this post in threaded view
|

Re: [VOTE]: Apache HAWQ 2.3.0.0-incubating Release

Alan Gates-3
Henk kindly pointed me to the KEYS file that I had missed, thank you.

So, +1.  I checked the signatures, the LICENSE, NOTICE, and DISCLAIMER
files.

Alan.

On Tue, Mar 13, 2018 at 10:42 AM, Alan Gates <[hidden email]> wrote:

> Per https://www.apache.org/dev/release-distribution#sigs-and-sums
> correctly, the KEYS file is required, hence my comment.
>
> Alan.
>
> On Tue, Mar 13, 2018 at 10:34 AM, Henk P. Penning <[hidden email]> wrote:
>
>> On Tue, 13 Mar 2018, Alan Gates wrote:
>>
>> Date: Tue, 13 Mar 2018 18:04:08 +0100
>>> From: Alan Gates <[hidden email]>
>>> To: [hidden email]
>>> Subject: Re: [VOTE]: Apache HAWQ 2.3.0.0-incubating Release
>>>
>>> ​I can't find a KEYS file anywhere in HAWQ to check the key
>>> against.  There is also no name associated with the key, so I'm not
>>> clear how to check the signature.
>>>
>>
>>   Actually, you don't need a KEYS file to verify a .asc :
>>
>>   % gpg apache-hawq-src-2.3.0.0-incubating.tar.gz.asc
>>   gpg: Signature made Tue 27 Feb 2018 04:35:17 AM CET
>>   gpg:                using RSA key CE60F90D1333092A
>>   gpg: Can't check signature: No public key
>>
>>   No public key ; so, fetch it :
>>
>>   % gpg --keyserver pgp.surfnet.nl --recv-key CE60F90D1333092A
>>   gpg: requesting key CE60F90D1333092A from hkp server pgp.surfnet.nl
>>   gpg: key CE60F90D1333092A: public key "Yi Jin <[hidden email]>"
>> imported
>>   gpg: Total number processed: 1
>>   gpg:               imported: 1  (RSA: 1)
>>
>>   ... and --verify :
>>
>>   % gpg --verify apache-hawq-src-2.3.0.0-incubating.tar.gz.asc
>>   gpg: Signature made Tue 27 Feb 2018 04:35:17 AM CET
>>   gpg:                using RSA key CE60F90D1333092A
>>   gpg: Good signature from "Yi Jin <[hidden email]>"
>>   gpg: WARNING: This key is not certified with a trusted signature!
>>   gpg:          There is no indication that the signature belongs to the
>> owner.
>>   Primary key fingerprint: 41B0 0770 75DF DAFC F809  9A91 CE60 F90D 1333
>> 092A
>>
>>   % gpg --verify apache-hawq-rpm-2.3.0.0-incubating-rc2.tar.gz.asc
>>   gpg: Signature made Tue 27 Feb 2018 04:38:53 AM CET
>>   gpg:                using RSA key CE60F90D1333092A
>>   gpg: Good signature from "Yi Jin <[hidden email]>"
>>   gpg: WARNING: This key is not certified with a trusted signature!
>>   gpg:          There is no indication that the signature belongs to the
>> owner.
>>   Primary key fingerprint: 41B0 0770 75DF DAFC F809  9A91 CE60 F90D 1333
>> 092A
>>
>>   Note :
>>   - Always use long (16-hex) key-id's, because short (8-hex)
>>     key-id's often point (also) to fake keys.
>>     In your $HOME/.gnupg/gpg.conf configure : keyid-format long
>>   - To check that CE60F90D1333092A is authorised to sign the artifacts,
>>     is another matter.
>>
>>   IMHO, KEYS files serve no purpose.
>>
>>   Regards,
>>
>>   Henk Penning
>>
>> ------------------------------------------------------------   _
>> Henk P. Penning, ICT-beta                 R Uithof MG-403    _/ \_
>> Faculty of Science, Utrecht University    T +31 30 253 4106 / \_/ \
>> Leuvenlaan 4, 3584CE Utrecht, NL          F +31 30 253 4553 \_/ \_/
>> http://www.staff.science.uu.nl/~penni101/ M [hidden email]     \_/
>>
>> On Mon, Mar 12, 2018 at 7:56 PM, Roman Shaposhnik <[hidden email]>
>>> wrote:
>>>
>>> +1 (binding)
>>>>
>>>> * checked sigs and checksums
>>>> * checked licenses
>>>> * checked for archive matching git tag
>>>>
>>>> Thanks,
>>>> Roman.
>>>>
>>>>
>>>> On Mon, Mar 12, 2018 at 12:21 PM, Konstantin Boudnik <[hidden email]>
>>>> wrote:
>>>>
>>>>> +1 [biding]
>>>>>
>>>>> - signature check [ok]
>>>>> - checksum check [ok]
>>>>> - licenses check (RAT) [ok]
>>>>>
>>>>> I haven't tried to build it because of the complexity of the build
>>>>> process and multiplicity of the environment configurations. To lower
>>>>> the entry barrier, I would recommend the community to think how to
>>>>> wrap these steps into the build system. You can go as far as to
>>>>> provide an "official" toolchain for the project. In Bigtop, we even
>>>>> provide official Docker containers were people can start working with
>>>>> the project in under 2 minutes and without any need for additional
>>>>> error prone configuration steps.
>>>>> --
>>>>>   With regards,
>>>>> Konstantin (Cos) Boudnik
>>>>> 2CAC 8312 4870 D885 8616  6115 220F 6980 1F27 E622
>>>>>
>>>>> Disclaimer: Opinions expressed in this email are those of the author,
>>>>> and do not necessarily represent the views of any company the author
>>>>> might be affiliated with at the moment of writing.
>>>>>
>>>>>
>>>>> On Tue, Mar 6, 2018 at 6:56 PM, Yi JIN <[hidden email]> wrote:
>>>>>
>>>>>> Hi IPMC members,
>>>>>>
>>>>>> The PPMC vote for the Apache HAWQ 2.3.0.0-incubating release has
>>>>>> passed.
>>>>>> So I request IPMC now to vote on this release candidate. Thank you!
>>>>>>
>>>>>> The release page is here:
>>>>>> https://cwiki.apache.org/confluence/display/HAWQ/Apache+HAWQ+2.3.0.0-
>>>>>>
>>>>> incubating+Release
>>>>
>>>>>
>>>>>> The PPMC vote thread is located here:
>>>>>> https://lists.apache.org/thread.html/fa5b41cd7461bd729146e10d8f7a54
>>>>>>
>>>>> 156c818f93e5a1160c42e76c79@%3Cdev.hawq.apache.org%3E
>>>>
>>>>>
>>>>>> The artifacts can be downloaded here:
>>>>>> https://dist.apache.org/repos/dist/dev/incubator/hawq/2.3.0.
>>>>>>
>>>>> 0-incubating.RC2/
>>>>
>>>>> The artifacts have been signed with Key : CE60F90D1333092A
>>>>>>
>>>>>> All JIRAs completed for this release are tagged with 'FixVersion
>>>>>> =2.3.0.0-incubating'
>>>>>> https://issues.apache.org/jira/secure/ReleaseNote.jspa?
>>>>>>
>>>>> version=12340262&styleName=Html&projectId=12318826
>>>>
>>>>>
>>>>>> Please vote accordingly:
>>>>>> [ ] +1, accept as the official Apache HAWQ 2.3.0.0-incubating release
>>>>>> [ ] -1, do not accept as the official Apache HAWQ 2.3.0.0-incubating
>>>>>>
>>>>> release
>>>>
>>>>> because...
>>>>>>
>>>>>> The vote will run for at least 72 hours.
>>>>>>
>>>>>> Best regards,
>>>>>> Yi Jin (yjin)
>>>>>>
>>>>>
>>>>> ---------------------------------------------------------------------
>>>>> To unsubscribe, e-mail: [hidden email]
>>>>> For additional commands, e-mail: [hidden email]
>>>>>
>>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: [hidden email]
>>>> For additional commands, e-mail: [hidden email]
>>>>
>>>>
>>>>
>>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: [hidden email]
>> For additional commands, e-mail: [hidden email]
>>
>
>
Reply | Threaded
Open this post in threaded view
|

Re: [VOTE]: Apache HAWQ 2.3.0.0-incubating Release

sebb-2-2
In reply to this post by Henk P. Penning-2
On 13 March 2018 at 17:34, Henk P. Penning <[hidden email]> wrote:

> On Tue, 13 Mar 2018, Alan Gates wrote:
>
>> Date: Tue, 13 Mar 2018 18:04:08 +0100
>> From: Alan Gates <[hidden email]>
>> To: [hidden email]
>> Subject: Re: [VOTE]: Apache HAWQ 2.3.0.0-incubating Release
>>
>> I can't find a KEYS file anywhere in HAWQ to check the key
>> against.  There is also no name associated with the key, so I'm not
>> clear how to check the signature.
>
>
>   Actually, you don't need a KEYS file to verify a .asc :
>
>   % gpg apache-hawq-src-2.3.0.0-incubating.tar.gz.asc
>   gpg: Signature made Tue 27 Feb 2018 04:35:17 AM CET
>   gpg:                using RSA key CE60F90D1333092A
>   gpg: Can't check signature: No public key
>
>   No public key ; so, fetch it :
>
>   % gpg --keyserver pgp.surfnet.nl --recv-key CE60F90D1333092A
>   gpg: requesting key CE60F90D1333092A from hkp server pgp.surfnet.nl
>   gpg: key CE60F90D1333092A: public key "Yi Jin <[hidden email]>" imported
>   gpg: Total number processed: 1
>   gpg:               imported: 1  (RSA: 1)
>
>   ... and --verify :
>
>   % gpg --verify apache-hawq-src-2.3.0.0-incubating.tar.gz.asc
>   gpg: Signature made Tue 27 Feb 2018 04:35:17 AM CET
>   gpg:                using RSA key CE60F90D1333092A
>   gpg: Good signature from "Yi Jin <[hidden email]>"
>   gpg: WARNING: This key is not certified with a trusted signature!
>   gpg:          There is no indication that the signature belongs to the
> owner.
>   Primary key fingerprint: 41B0 0770 75DF DAFC F809  9A91 CE60 F90D 1333
> 092A
>
>   % gpg --verify apache-hawq-rpm-2.3.0.0-incubating-rc2.tar.gz.asc
>   gpg: Signature made Tue 27 Feb 2018 04:38:53 AM CET
>   gpg:                using RSA key CE60F90D1333092A
>   gpg: Good signature from "Yi Jin <[hidden email]>"
>   gpg: WARNING: This key is not certified with a trusted signature!
>   gpg:          There is no indication that the signature belongs to the
> owner.
>   Primary key fingerprint: 41B0 0770 75DF DAFC F809  9A91 CE60 F90D 1333
> 092A
>
>   Note :
>   - Always use long (16-hex) key-id's, because short (8-hex)
>     key-id's often point (also) to fake keys.
>     In your $HOME/.gnupg/gpg.conf configure : keyid-format long
>   - To check that CE60F90D1333092A is authorised to sign the artifacts,
>     is another matter.
>
>   IMHO, KEYS files serve no purpose.

Since that disagrees with the long-establishe policy, changes need to
be agreed with the policy holder before they can be promoted.

Also, I think the KEYS file does serve a purpose:
- anyone can upload a key to a key-server, but changes to the KEYS
file can only be done by a committer/PMC member.
- the KEYS file is automatically stored with the archived releases and
so acts as an archive of historic keys.

>   Regards,
>
>   Henk Penning
>
> ------------------------------------------------------------   _
> Henk P. Penning, ICT-beta                 R Uithof MG-403    _/ \_
> Faculty of Science, Utrecht University    T +31 30 253 4106 / \_/ \
> Leuvenlaan 4, 3584CE Utrecht, NL          F +31 30 253 4553 \_/ \_/
> http://www.staff.science.uu.nl/~penni101/ M [hidden email]     \_/
>
>> On Mon, Mar 12, 2018 at 7:56 PM, Roman Shaposhnik <[hidden email]>
>> wrote:
>>
>>> +1 (binding)
>>>
>>> * checked sigs and checksums
>>> * checked licenses
>>> * checked for archive matching git tag
>>>
>>> Thanks,
>>> Roman.
>>>
>>>
>>> On Mon, Mar 12, 2018 at 12:21 PM, Konstantin Boudnik <[hidden email]>
>>> wrote:
>>>>
>>>> +1 [biding]
>>>>
>>>> - signature check [ok]
>>>> - checksum check [ok]
>>>> - licenses check (RAT) [ok]
>>>>
>>>> I haven't tried to build it because of the complexity of the build
>>>> process and multiplicity of the environment configurations. To lower
>>>> the entry barrier, I would recommend the community to think how to
>>>> wrap these steps into the build system. You can go as far as to
>>>> provide an "official" toolchain for the project. In Bigtop, we even
>>>> provide official Docker containers were people can start working with
>>>> the project in under 2 minutes and without any need for additional
>>>> error prone configuration steps.
>>>> --
>>>>   With regards,
>>>> Konstantin (Cos) Boudnik
>>>> 2CAC 8312 4870 D885 8616  6115 220F 6980 1F27 E622
>>>>
>>>> Disclaimer: Opinions expressed in this email are those of the author,
>>>> and do not necessarily represent the views of any company the author
>>>> might be affiliated with at the moment of writing.
>>>>
>>>>
>>>> On Tue, Mar 6, 2018 at 6:56 PM, Yi JIN <[hidden email]> wrote:
>>>>>
>>>>> Hi IPMC members,
>>>>>
>>>>> The PPMC vote for the Apache HAWQ 2.3.0.0-incubating release has
>>>>> passed.
>>>>> So I request IPMC now to vote on this release candidate. Thank you!
>>>>>
>>>>> The release page is here:
>>>>> https://cwiki.apache.org/confluence/display/HAWQ/Apache+HAWQ+2.3.0.0-
>>>
>>> incubating+Release
>>>>>
>>>>>
>>>>> The PPMC vote thread is located here:
>>>>> https://lists.apache.org/thread.html/fa5b41cd7461bd729146e10d8f7a54
>>>
>>> 156c818f93e5a1160c42e76c79@%3Cdev.hawq.apache.org%3E
>>>>>
>>>>>
>>>>> The artifacts can be downloaded here:
>>>>> https://dist.apache.org/repos/dist/dev/incubator/hawq/2.3.0.
>>>
>>> 0-incubating.RC2/
>>>>>
>>>>> The artifacts have been signed with Key : CE60F90D1333092A
>>>>>
>>>>> All JIRAs completed for this release are tagged with 'FixVersion
>>>>> =2.3.0.0-incubating'
>>>>> https://issues.apache.org/jira/secure/ReleaseNote.jspa?
>>>
>>> version=12340262&styleName=Html&projectId=12318826
>>>>>
>>>>>
>>>>> Please vote accordingly:
>>>>> [ ] +1, accept as the official Apache HAWQ 2.3.0.0-incubating release
>>>>> [ ] -1, do not accept as the official Apache HAWQ 2.3.0.0-incubating
>>>
>>> release
>>>>>
>>>>> because...
>>>>>
>>>>> The vote will run for at least 72 hours.
>>>>>
>>>>> Best regards,
>>>>> Yi Jin (yjin)
>>>>
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: [hidden email]
>>>> For additional commands, e-mail: [hidden email]
>>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: [hidden email]
>>> For additional commands, e-mail: [hidden email]
>>>
>>>
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]
> For additional commands, e-mail: [hidden email]

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: [VOTE]: Apache HAWQ 2.3.0.0-incubating Release

Julian Hyde-3
In reply to this post by Henk P. Penning-2
The guidance at https://www.apache.org/dev/release-signing.html#basic-facts <https://www.apache.org/dev/release-signing.html#basic-facts> is inconsistent with https://www.apache.org/dev/release-distribution#sigs-and-sums <https://www.apache.org/dev/release-distribution#sigs-and-sums>. The former says "Every artifact distributed by the Apache Software Foundation must be accompanied by a file … containing an MD5 checksum.”. Can someone please fix the former to be consistent with the latter.


> On Mar 6, 2018, at 9:58 PM, Henk P. Penning <[hidden email]> wrote:
>
> On Wed, 7 Mar 2018, Yi JIN wrote:
>
>> Date: Wed, 7 Mar 2018 03:56:54 +0100
>> From: Yi JIN <[hidden email]>
>> To: [hidden email]
>> Subject: [VOTE]: Apache HAWQ 2.3.0.0-incubating Release
>
>> The artifacts can be downloaded here:
>> https://dist.apache.org/repos/dist/dev/incubator/hawq/2.3.0.0-incubating.RC2/
>
>  Recently the "release policy" [1] changed ; it (now) says :
>
>    ...
>    * SHOULD NOT supply a MD5 checksum file
>    ...
>
>  [1] https://www.apache.org/dev/release-distribution#sigs-and-sums
>
>> Yi Jin (yjin)
>
>  Groeten,
>
>  Henk Penning -- apache.org infrastructure ; dist & mirrors
>
> ------------------------------------------------------------   _
> Henk P. Penning, ICT-beta                 R Uithof MG-403    _/ \_
> Faculty of Science, Utrecht University    T +31 30 253 4106 / \_/ \
> Leuvenlaan 4, 3584CE Utrecht, NL          F +31 30 253 4553 \_/ \_/
> http://www.staff.science.uu.nl/~penni101/ M [hidden email]     \_/
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]
> For additional commands, e-mail: [hidden email]
>

Reply | Threaded
Open this post in threaded view
|

Re: [VOTE]: Apache HAWQ 2.3.0.0-incubating Release

sebb-2-2
On 14 March 2018 at 19:11, Julian Hyde <[hidden email]> wrote:
> The guidance at https://www.apache.org/dev/release-signing.html#basic-facts <https://www.apache.org/dev/release-signing.html#basic-facts> is inconsistent with https://www.apache.org/dev/release-distribution#sigs-and-sums <https://www.apache.org/dev/release-distribution#sigs-and-sums>. The former says "Every artifact distributed by the Apache Software Foundation must be accompanied by a file … containing an MD5 checksum.”. Can someone please fix the former to be consistent with the latter.

Done; please check it makes sense now.

>
>> On Mar 6, 2018, at 9:58 PM, Henk P. Penning <[hidden email]> wrote:
>>
>> On Wed, 7 Mar 2018, Yi JIN wrote:
>>
>>> Date: Wed, 7 Mar 2018 03:56:54 +0100
>>> From: Yi JIN <[hidden email]>
>>> To: [hidden email]
>>> Subject: [VOTE]: Apache HAWQ 2.3.0.0-incubating Release
>>
>>> The artifacts can be downloaded here:
>>> https://dist.apache.org/repos/dist/dev/incubator/hawq/2.3.0.0-incubating.RC2/
>>
>>  Recently the "release policy" [1] changed ; it (now) says :
>>
>>    ...
>>    * SHOULD NOT supply a MD5 checksum file
>>    ...
>>
>>  [1] https://www.apache.org/dev/release-distribution#sigs-and-sums
>>
>>> Yi Jin (yjin)
>>
>>  Groeten,
>>
>>  Henk Penning -- apache.org infrastructure ; dist & mirrors
>>
>> ------------------------------------------------------------   _
>> Henk P. Penning, ICT-beta                 R Uithof MG-403    _/ \_
>> Faculty of Science, Utrecht University    T +31 30 253 4106 / \_/ \
>> Leuvenlaan 4, 3584CE Utrecht, NL          F +31 30 253 4553 \_/ \_/
>> http://www.staff.science.uu.nl/~penni101/ M [hidden email]     \_/
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: [hidden email]
>> For additional commands, e-mail: [hidden email]
>>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: [VOTE]: Apache HAWQ 2.3.0.0-incubating Release

Yi JIN
Hi IPMC members,

Thank you so much for thoroughly verifying and discussing this release
candidate and vote in time. The vote result will be presented in another
mail. I will go back as well to check our release steps on Wiki to merge
the discussed issues to make coming future releases smoother. Thank you
again!

Best,
Yi (yjin)

On Thu, Mar 15, 2018 at 12:15 PM, sebb <[hidden email]> wrote:

> On 14 March 2018 at 19:11, Julian Hyde <[hidden email]> wrote:
> > The guidance at https://www.apache.org/dev/release-signing.html#basic-
> facts <https://www.apache.org/dev/release-signing.html#basic-facts> is
> inconsistent with https://www.apache.org/dev/
> release-distribution#sigs-and-sums <https://www.apache.org/dev/
> release-distribution#sigs-and-sums>. The former says "Every artifact
> distributed by the Apache Software Foundation must be accompanied by a file
> … containing an MD5 checksum.”. Can someone please fix the former to be
> consistent with the latter.
>
> Done; please check it makes sense now.
>
> >
> >> On Mar 6, 2018, at 9:58 PM, Henk P. Penning <[hidden email]> wrote:
> >>
> >> On Wed, 7 Mar 2018, Yi JIN wrote:
> >>
> >>> Date: Wed, 7 Mar 2018 03:56:54 +0100
> >>> From: Yi JIN <[hidden email]>
> >>> To: [hidden email]
> >>> Subject: [VOTE]: Apache HAWQ 2.3.0.0-incubating Release
> >>
> >>> The artifacts can be downloaded here:
> >>> https://dist.apache.org/repos/dist/dev/incubator/hawq/2.3.0.
> 0-incubating.RC2/
> >>
> >>  Recently the "release policy" [1] changed ; it (now) says :
> >>
> >>    ...
> >>    * SHOULD NOT supply a MD5 checksum file
> >>    ...
> >>
> >>  [1] https://www.apache.org/dev/release-distribution#sigs-and-sums
> >>
> >>> Yi Jin (yjin)
> >>
> >>  Groeten,
> >>
> >>  Henk Penning -- apache.org infrastructure ; dist & mirrors
> >>
> >> ------------------------------------------------------------   _
> >> Henk P. Penning, ICT-beta                 R Uithof MG-403    _/ \_
> >> Faculty of Science, Utrecht University    T +31 30 253 4106 / \_/ \
> >> Leuvenlaan 4, 3584CE Utrecht, NL          F +31 30 253 4553 \_/ \_/
> >> http://www.staff.science.uu.nl/~penni101/ M [hidden email]     \_/
> >>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: [hidden email]
> >> For additional commands, e-mail: [hidden email]
> >>
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]
> For additional commands, e-mail: [hidden email]
>
>
Reply | Threaded
Open this post in threaded view
|

Re: [VOTE]: Apache HAWQ 2.3.0.0-incubating Release

Julian Hyde-3
In reply to this post by sebb-2-2
Yes, https://www.apache.org/dev/release-signing.html#basic-facts <https://www.apache.org/dev/release-signing.html#basic-facts> now makes sense. Thanks for updating it, sebb.

> On Mar 14, 2018, at 6:15 PM, sebb <[hidden email]> wrote:
>
> On 14 March 2018 at 19:11, Julian Hyde <[hidden email]> wrote:
>> The guidance at https://www.apache.org/dev/release-signing.html#basic-facts <https://www.apache.org/dev/release-signing.html#basic-facts> is inconsistent with https://www.apache.org/dev/release-distribution#sigs-and-sums <https://www.apache.org/dev/release-distribution#sigs-and-sums>. The former says "Every artifact distributed by the Apache Software Foundation must be accompanied by a file … containing an MD5 checksum.”. Can someone please fix the former to be consistent with the latter.
>
> Done; please check it makes sense now.
>
>>
>>> On Mar 6, 2018, at 9:58 PM, Henk P. Penning <[hidden email]> wrote:
>>>
>>> On Wed, 7 Mar 2018, Yi JIN wrote:
>>>
>>>> Date: Wed, 7 Mar 2018 03:56:54 +0100
>>>> From: Yi JIN <[hidden email]>
>>>> To: [hidden email]
>>>> Subject: [VOTE]: Apache HAWQ 2.3.0.0-incubating Release
>>>
>>>> The artifacts can be downloaded here:
>>>> https://dist.apache.org/repos/dist/dev/incubator/hawq/2.3.0.0-incubating.RC2/
>>>
>>> Recently the "release policy" [1] changed ; it (now) says :
>>>
>>>   ...
>>>   * SHOULD NOT supply a MD5 checksum file
>>>   ...
>>>
>>> [1] https://www.apache.org/dev/release-distribution#sigs-and-sums
>>>
>>>> Yi Jin (yjin)
>>>
>>> Groeten,
>>>
>>> Henk Penning -- apache.org infrastructure ; dist & mirrors
>>>
>>> ------------------------------------------------------------   _
>>> Henk P. Penning, ICT-beta                 R Uithof MG-403    _/ \_
>>> Faculty of Science, Utrecht University    T +31 30 253 4106 / \_/ \
>>> Leuvenlaan 4, 3584CE Utrecht, NL          F +31 30 253 4553 \_/ \_/
>>> http://www.staff.science.uu.nl/~penni101/ M [hidden email]     \_/
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: [hidden email]
>>> For additional commands, e-mail: [hidden email]
>>>
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]
> For additional commands, e-mail: [hidden email]
>