incubator-general mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Nalley <>
Subject Re: [VOTE] helix-0.6.2-incubating
Date Mon, 25 Nov 2013 00:09:11 GMT
On Sat, Nov 23, 2013 at 8:51 PM, Kanak Biscuitwala <> wrote:
>> Date: Sun, 24 Nov 2013 00:53:13 +0000
>> Subject: Re: [VOTE] helix-0.6.2-incubating
>> From:
>> To:
>> On 23 November 2013 23:47, Kanak Biscuitwala <> wrote:
>>> Oh, interesting. I believe it generates this automatically with the license-maven-plugin
in the build/package stage. In that case, is this an acceptable solution, or is an explicit
NOTICE file still required?
>> Every ASF distribution must have LICENSE and NOTICE files (and
>> DISCLAIMER for podlings)
>> This includes releases and SCM.
> Given this requirement, which of the following is the correct course of action?
> 1. Update master with a NOTICE file which is a copy of the generated NOTICE file (it
looks correct) and take no further action with the releases since the released packages contain
NOTICE files.
> 2. Update master and both tags with NOTICE files. Take no further action since the distributed
packages have 1:1 correspondence with all files in source control.
> 3. Update master and both tags with NOTICE files, skip the vote, and just update the
already-pushed packages.
> 4. Update master and both tags with NOTICE files, go through the entire voting process
again, re-release.
> Really what I want to get out of all this is what is required to bring current and future
Helix releases to full compliance with ASF standards.

You really should be asking this of your mentors. But you asked
general@, so I'll wade in - IMO the release doesn't comply with
policy, but what's done tis done; you can't unrelease it now that it's
published. If I were in your shoes I'd probably publish a new version
that is in compliance.

(and incidentally you don't seem to be moving older versions (0.6.0,
0.6.1, etc) to the archive when promoting a new release. - see for more)

>> The NOTICE file must not contain any unnecessary content - in
>> particular it must only contain references to bits that are actually
>> included in the distribution. I'm not sure whether the plugin handles
>> this properly yet (early versions were not good in this regard).
> It seems to do it correctly. The top level project is just the website for this project,
which has no dependencies other than ASF projects, and this is reflected in the generated
NOTICE file. Or does the top level NOTICE file need to be the union of all of its subprojects'
NOTICE files?

You are only releasing one artifact - the source artifact. (in this
case this file:
IF that release artifact contains the software that needs to be noted
in the NOTICE file it should be done at the top level.

The binaries you produce are not Apache releases. (If this confuses
you please ask your mentors, or come back here and ask) Your SCM tree
and the artifacts you release should have NOTICE, LICENSE, and
DISCLAIMER at the top level, of the release artifact that is correctly
populated. (e.g. the NOTICE file in your subdirectories appear to be
incorrectly populated)


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message