apex-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Vlad Rozov <vro...@apache.org>
Subject Re: Malhar release 3.8.0
Date Wed, 01 Nov 2017 20:01:51 GMT
I don't think that we can use VersionEye maven plugin as it requires JDK 
1.8 at the build time. The other plugin looks promising. I don't have 
experience working with it either, can you try and submit a PR if it 
provides the required functionality.

Thank you,

Vlad

On 11/1/17 12:34, Ananth G wrote:
> I was wondering if we can consider a maven plugin or some other approach in an automated
way that might help us get to avoiding the current situation we have with respect to Category
X license..
>
>
> What are our thoughts on :
>
> - Integrating with a VersionEye OR  equivalent stack wherein we use a version eye maven
plugin to check for whitelisted / blacklisted licenses maintained in a version eye server
> - If answer is yes,  is there an ASF server that we can use for our builds ?
> - There seems to be a maven plugin that might do this but I have not used it before.
Does anyone have any opinion on https://github.com/mrice/license-check <https://github.com/mrice/license-check>
?
>
> Also what is our policy for undeclared licenses in the dependencies ? There is the license-maven-plugin
from codehaus that lists these as “THIRD-PARTY” dependencies and can generate a report
( but cannot be used to break a build if a category x license is introduced as a PR )
>
>
> Regards,
> Ananth
>
>
>> On 2 Nov 2017, at 6:10 am, Vlad Rozov <vrozov@apache.org> wrote:
>>
>> It does not matter whether sql (and demos) is part of the main profile or not. It
is a source release, not a binary release and source includes all profiles.
>>
>> Thank you,
>>
>> Vlad
>>
>> On 11/1/17 11:50, Pramod Immaneni wrote:
>>> Vlad can you add this command to the release instructions and the committer
>>> guidelines. If we are unable to address this for this release, we can
>>> consider moving examples to all-modules, sql is already not in the main
>>> profile.
>>>
>>> On Mon, Oct 30, 2017 at 7:23 PM, Vlad Rozov <vrozov@apache.org> wrote:
>>>
>>>> The following command may help to identify dependencies:
>>>>
>>>> find . -name DEPENDENCIES -print | xargs grep -n License: | grep -vE
>>>> "Apache|CDDL|MIT|BSD|ASF|Public Domain|Eclipse Public License|Mozilla
>>>> Public|Common Public|apache.org"
>>>>
>>>> Thank you,
>>>>
>>>> Vlad
>>>>
>>>> On 10/28/17 20:19, Ananth G wrote:
>>>>
>>>>> Before we proceed with the release, could I please get some thoughts
on
>>>>> the following JIRAs that need resolution. If we can move some of these
out
>>>>> of 3.8.0 to the next release , then I can proceed with the release
>>>>> instructions.
>>>>>
>>>>> There are two JIRAs that are marked 3.8.0 and not yet resolved:
>>>>>
>>>>> - https://issues.apache.org/jira/browse/APEXMALHAR-2461 <
>>>>> https://issues.apache.org/jira/browse/APEXMALHAR-2461> (This is the
one
>>>>> that Vlad raised below about Category X dependencies )
>>>>> - https://issues.apache.org/jira/browse/APEXMALHAR-2498 <
>>>>> https://issues.apache.org/jira/browse/APEXMALHAR-2498> (Kafka Tests
>>>>> being flaky )
>>>>>
>>>>> The following is marked as “In progress”
>>>>> - https://issues.apache.org/jira/browse/APEXMALHAR-2462 <
>>>>> https://issues.apache.org/jira/browse/APEXMALHAR-2462> : This I believe
>>>>> was kept in progress by Thomas for some follow up tasks and hence I believe
>>>>> we can move it to post 3.8.0 release ?
>>>>>
>>>>>
>>>>> @Vlad: Regarding APEXMALHAR-2461, How are you generating the license
>>>>> reports ? I have tried using license-maven-plugin ( from codehaus ) and
it
>>>>> does generate a report but there is nothing which provides a report based
>>>>> on the violations ( and hence being forced to open each project under
>>>>> examples and comparing it with the licenses list from the allowed licenses
>>>>> link that you provided in the mailing list a few days back). Is there
a
>>>>> more optimal way to see the current list of violations in a concise way
?
>>>>>
>>>>> Regards,
>>>>> Ananth
>>>>>
>>>>> On 27 Oct 2017, at 5:53 am, Tushar Gosavi <tushar@datatorrent.com>
wrote:
>>>>>> Hi Vlad,
>>>>>>
>>>>>> As far as I remember, I had access to staging maven area while doing
>>>>>> previous apex release. You will need to update .m2/settings.xml with
>>>>>> apache
>>>>>> credential to access the maven repository.
>>>>>>
>>>>>> Regards,
>>>>>> -Tushar.
>>>>>>
>>>>>>
>>>>>> On Thu, Oct 26, 2017 at 11:02 PM, Vlad Rozov <vrozov@apache.org>
wrote:
>>>>>>
>>>>>> Please send your PGP public key to one of PMC members to be added
to
>>>>>>> KEYS.
>>>>>>> I don't remember if only PMC have access to staging Apache maven,
it
>>>>>>> may be
>>>>>>> the case. Tushar, did you have write access to the staging Apache
maven
>>>>>>> when you did the release?
>>>>>>>
>>>>>>> What do we do with https://issues.apache.org/jira
>>>>>>> /browse/APEXMALHAR-2461?
>>>>>>>
>>>>>>> Thank you,
>>>>>>>
>>>>>>> Vlad
>>>>>>>
>>>>>>>
>>>>>>> On 10/25/17 15:28, Ananth G wrote:
>>>>>>>
>>>>>>> I would like to volunteer to be the release manager for this.
Given I
>>>>>>>> have not done this before I might have a few questions along
the way
>>>>>>>> in the
>>>>>>>> mailing list.
>>>>>>>>
>>>>>>>> A couple of questions regarding the release process:
>>>>>>>>
>>>>>>>> - In the link https://apex.apache.org/release.html , in the
section
>>>>>>>> titled “Build and deploy release candidate” there is
a mention of
>>>>>>>> adding
>>>>>>>> GPG keys.
>>>>>>>>           - Is it mandatory for the release manager gpg public
key to be
>>>>>>>> present in the list
>>>>>>>>           - If it is how do I get my key added to that list
>>>>>>>> - In the same section of the above link there is a mention
of
>>>>>>>> configuring
>>>>>>>> the server apache.staging.https in the maven settings file.
>>>>>>>>           - I am not able to reach this server ? Is this
expected?
>>>>>>>>           - The userid and password to be configured are
our committer
>>>>>>>> ids
>>>>>>>> ?
>>>>>>>>
>>>>>>>> Regards
>>>>>>>> Ananth
>>>>>>>>
>>>>>>>> On 26 Oct 2017, at 4:04 am, Ananth G <ananthg.apex@gmail.com>
wrote:
>>>>>>>>
>>>>>>>>> +1 for malhar release.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Regards,
>>>>>>>>> Ananth
>>>>>>>>>
>>>>>>>>> On 26 Oct 2017, at 3:20 am, Bhupesh Chawda <bhupesh@datatorrent.com>
>>>>>>>>>
>>>>>>>>>> wrote:
>>>>>>>>>>
>>>>>>>>>> +1 for malhar release
>>>>>>>>>>
>>>>>>>>>> ~ Bhupesh
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> _______________________________________________________
>>>>>>>>>>
>>>>>>>>>> Bhupesh Chawda
>>>>>>>>>>
>>>>>>>>>> E: bhupesh@datatorrent.com | Twitter: @bhupeshsc
>>>>>>>>>>
>>>>>>>>>> www.datatorrent.com  |  apex.apache.org
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> On Wed, Oct 25, 2017 at 9:37 PM, Chinmay Kolhatkar
<
>>>>>>>>>> chinmay@datatorrent.com>
>>>>>>>>>> wrote:
>>>>>>>>>>
>>>>>>>>>> +1.
>>>>>>>>>>
>>>>>>>>>>> - Chinmay.
>>>>>>>>>>>
>>>>>>>>>>> On 25 Oct 2017 9:20 pm, "Chaitanya Chebolu" <
>>>>>>>>>>> chaitanya@datatorrent.com
>>>>>>>>>>> wrote:
>>>>>>>>>>>
>>>>>>>>>>> +1 on new release.
>>>>>>>>>>>
>>>>>>>>>>>> Thanks,
>>>>>>>>>>>>
>>>>>>>>>>>> On Wed, Oct 25, 2017 at 9:09 PM, Vlad Rozov
<vrozov@apache.org>
>>>>>>>>>>>>
>>>>>>>>>>>>> wrote:
>>>>>>>>>>>>>
>>>>>>>>>>>>> +1.
>>>>>>>>>>>>>
>>>>>>>>>>>>> Thank you,
>>>>>>>>>>>>>
>>>>>>>>>>>>> Vlad
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> On 10/25/17 08:21, Amol Kekre wrote:
>>>>>>>>>>>>>
>>>>>>>>>>>>>> +1 on a new malhar release.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Thks,
>>>>>>>>>>>>>> Amol
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> E:amol@datatorrent.com | M: 510-449-2606
| Twitter:
>>>>>>>>>>>>>> @*amolhkekre*
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> www.datatorrent.com
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> On Tue, Oct 24, 2017 at 9:12 PM,
Tushar Gosavi <
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> tushar@datatorrent.com>
>>>>>>>>>>>> wrote:
>>>>>>>>>>>>
>>>>>>>>>>>>> +1 on creating a new malhar release.
>>>>>>>>>>>>>> - Tushar.
>>>>>>>>>>>>>>> On Wed, Oct 25, 2017 at 4:39
AM, Pramod Immaneni <
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> pramod@datatorrent.com
>>>>>>>>>>>>> wrote:
>>>>>>>>>>>>>
>>>>>>>>>>>>>> +1 on creating a new release. I,
unfortunately, do not have the
>>>>>>>>>>>>>>> time
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> currently to participate in the
release activities.
>>>>>>>>>>>>>>>> On Mon, Oct 23, 2017 at 7:15
PM, Thomas Weise <thw@apache.org>
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> wrote:
>>>>>>>>>>>>>> The last release was back in March,
there are quite a few JIRAs
>>>>>>>>>>>> that
>>>>>>>>>>>>
>>>>>>>>>>>>> have
>>>>>>>>>>>>>>>> been completed since and
should be released.
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> https://issues.apache.org/jira/issues/?jql=fixVersion%
>>>>>>>>>>>>>>>>> 20%3D%203.8.0%20AND%20project%20%3D%20APEXMALHAR%20ORDER%
>>>>>>>>>>>>>>>>> 20BY%20status%20ASC
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>   From looking at the
list there is nothing that should stand
>>>>>>>>>>>>>>>>> in
>>>>>>>>>>>>>>>>> the
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> way
>>>>>>>>>>>>>>> of a
>>>>>>>>>>>>>> release?
>>>>>>>>>>>>>>>>> Also, once the release
is out it would be a good opportunity
>>>>>>>>>>>>>>>>> to
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> effect
>>>>>>>>>>>>>>> the
>>>>>>>>>>>>>> major version change.
>>>>>>>>>>>>>>>>> Anyone interested to
be the release manager?
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> Thanks,
>>>>>>>>>>>>>>>>> Thomas
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> --
>>>>>>>>>>>> *Chaitanya*
>>>>>>>>>>>>
>>>>>>>>>>>> Software Engineer
>>>>>>>>>>>>
>>>>>>>>>>>> E: chaitanya@datatorrent.com | Twitter: @chaithu1403
>>>>>>>>>>>>
>>>>>>>>>>>> www.datatorrent.com  |  apex.apache.org
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>


Mime
View raw message