incubator-etch-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Niclas Hedhman <nic...@hedhman.org>
Subject Re: Release 1.0.2 Final Checklist
Date Mon, 02 Feb 2009 15:49:57 GMT
On Mon, Feb 2, 2009 at 3:56 PM, James Dixson <dixson3@gmail.com> wrote:

>  1. Generate final binary/source images (should happen today)

Apache is all about Open Source, so the source distro is actually more
important than the binaries, from a legal point of view. Any artifact
being generated, need to have LICENSE and NOTICE files in them.

>  2. Sign the images... easy enough, but what key should I use, or if I
> use one of my keys, is there a standard place folks make their public
> keys available?

Well, many public PGP servers are used, such as pgp.mit.edu. More
importantly, they should also be stored in a KEYS file in the root of
the project.

>  3. Take a vote in etch-dev

Correct.

>  4. Take a vote in incubator-dev

If you mean general@incubator.apache.org - Correct. Typically,
announce on general@incubator.apache.org that there will be a vote
started on etch-dev a day in advance, so people can jump in if they
feel like it.

>  5. Publish the images... Q: where should/can the binaries be posted?

Yes, before the vote of course. Most people upload to their account on
people.apache.org. If you create a public_html folder, it will show up
as http://people.apache.org/~niclas

> Am I missing anything?

Yes, there is a tool called RAT. It will analyze the files from a
legal perspective and report any potential issues. The incubator PMC
members are typically keen on seeing its output.
http://incubator.apache.org/rat/
So, upload the rat output to people.apache.org as well.


Cheers
Niclas
-- 
http://www.qi4j.org - New Energy for Java

Mime
View raw message