Hi Matthew, Thanks for letting us know your opinion. OK. We'll release as-is.
Thanks, -- kou In <cah4123zceek5w54h5a2menyd+_m5c7ubpy5pr1svh-s-hna...@mail.gmail.com> "Re: [VOTE] Release Apache Arrow 7.0.1 - RC0" on Mon, 18 Jul 2022 20:32:53 -0400, Matt Topol <zotthewiz...@gmail.com> wrote: > As long as running `go install` / `go build` works when run against go > version 1.16, which as far as I'm aware is the version that is run for our > current CI, then there shouldn't be any issues with the other extraneous > package version bumps. > > In my opinion, it's fine to release as-is. > > --Matt > > On Mon, Jul 18, 2022 at 8:28 PM Sutou Kouhei <k...@clear-code.com> wrote: > >> Hi Matthew, >> >> If you have any opinion about this as a Go developer, please >> let us know. If you don't have any opinion, we will release >> this as-is. >> >> >> Thanks, >> -- >> kou >> >> In <CANva0dh46M42WiJyGZDy49LSQ85GDk5Ro_sqX1ry-vi==GVs=w...@mail.gmail.com> >> "Re: [VOTE] Release Apache Arrow 7.0.1 - RC0" on Mon, 18 Jul 2022 >> 11:56:48 +0200, >> Jacob Wujciak <ja...@voltrondata.com.INVALID> wrote: >> >> > I would lean towards backporting the fix too but I am not familiar with >> the >> > go ecosystem and this PR contains a bunch of version bumps, unsure if >> those >> > are required for the fix or were just added to the PR and if those are a >> > problem for go users of the existing 7.0.0 version? >> > >> > On Fri, Jul 15, 2022 at 11:58 PM Sutou Kouhei <k...@clear-code.com> >> wrote: >> > >> >> Hi, >> >> >> >> It seems that this is related to >> >> https://github.com/apache/arrow/pull/12303 . >> >> Should we backport this too? >> >> >> >> Thanks, >> >> -- >> >> kou >> >> >> >> In <cahm19a4wwtwtdmbjxqk+_vuvjvmzyun1bpjgi2jnro-shk6...@mail.gmail.com> >> >> "Re: [VOTE] Release Apache Arrow 7.0.1 - RC0" on Fri, 15 Jul 2022 >> >> 15:55:35 +0200, >> >> Krisztián Szűcs <szucs.kriszt...@gmail.com> wrote: >> >> >> >> > +0 >> >> > >> >> > I'm getting the same error with go version 1.18.1 darwin/arm64 but it >> >> > works with go version 1.16.12. >> >> > >> >> > On Fri, Jul 15, 2022 at 12:09 PM Jacob Wujciak >> >> > <ja...@voltrondata.com.invalid> wrote: >> >> >> >> >> >> +0 I got the following repeatable error in arrow/array on manjaro >> >> 21.3.2. >> >> >> Full log at [1] >> >> >> >> >> >> └ Found go version go1.18.3 linux/amd64 at /usr/bin/go >> >> >> /tmp/arrow-7.0.1.DuPzW/apache-arrow-7.0.1/go/arrow >> >> >> /tmp/arrow-7.0.1.DuPzW/apache-arrow-7.0.1 ~/verify-rc/arrow >> >> >> ok github.com/apache/arrow/go/v7/arrow 0.017s >> >> >> unexpected fault address 0xb60cc0 >> >> >> fatal error: fault >> >> >> [signal SIGSEGV: segmentation violation code=0x2 addr=0xb60cc0 >> >> pc=0x4118e3] >> >> >> [...] >> >> >> FAIL github.com/apache/arrow/go/v7/arrow/array 0.538s >> >> >> >> >> >> [1]: https://pastebin.com/yPjSCbg3 >> >> >> >> >> >> On Fri, Jul 15, 2022 at 10:37 AM Raul Cumplido Dominguez >> >> >> <r...@voltrondata.com.invalid> wrote: >> >> >> >> >> >> > +1, verified on ubuntu 22.04 >> >> >> > >> >> >> > On Fri, Jul 15, 2022 at 2:59 AM Yibo Cai <yibo....@arm.com> wrote: >> >> >> > >> >> >> > > +1, verified on arm64 >> >> >> > > >> >> >> > > -----Original Message----- >> >> >> > > From: Sutou Kouhei <k...@clear-code.com> >> >> >> > > Sent: Friday, July 15, 2022 5:11 AM >> >> >> > > To: dev@arrow.apache.org >> >> >> > > Subject: [VOTE] Release Apache Arrow 7.0.1 - RC0 >> >> >> > > >> >> >> > > Hi, >> >> >> > > >> >> >> > > I would like to propose the following release candidate >> >> >> > > (RC0) of Apache Arrow version 7.0.1. This is a release consisting >> >> of 1 >> >> >> > > resolved JIRA issues[1]. >> >> >> > > >> >> >> > > This is one of releases[2] that focus on a Go related security >> >> >> > > vulnerability[3]. We don't publish binary artifacts of this >> release >> >> >> > because >> >> >> > > we don't have Go related binaries. >> >> >> > > >> >> >> > > This release candidate is based on commit: >> >> >> > > 072ae55dc8172bb1a898fda5d5a83ec063b05a6d [4] >> >> >> > > >> >> >> > > The source release rc0 is hosted at [5]. >> >> >> > > The changelog is located at [6]. >> >> >> > > >> >> >> > > Please download, verify checksums and signatures, run the unit >> >> tests, and >> >> >> > > vote on the release. See [7] for how to validate a release >> >> candidate. But >> >> >> > > you need to verify only Go related tests because this release >> >> candidate >> >> >> > > only includes a change for Go. So we can use the following >> command >> >> line: >> >> >> > > >> >> >> > > TEST_DEFAULT=0 TEST_GO=1 >> dev/release/verify-release-candidate.sh >> >> >> > 7.0.1 >> >> >> > > 0 >> >> >> > > >> >> >> > > The vote will be open for at least 72 hours. >> >> >> > > >> >> >> > > [ ] +1 Release this as Apache Arrow 7.0.1 [ ] +0 [ ] -1 Do not >> >> release >> >> >> > > this as Apache Arrow 7.0.1 because... >> >> >> > > >> >> >> > > [1]: >> >> >> > > >> >> >> > >> >> >> https://issues.apache.org/jira/issues/?jql=project%20%3D%20ARROW%20AND%20status%20in%20%28Resolved%2C%20Closed%29%20AND%20fixVersion%20%3D%207.0.1 >> >> >> > > [2] >> >> https://lists.apache.org/thread/qkkzpvmxc0coqhdkc1qoygwy6h4v5sgn >> >> >> > > [3] >> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28948 >> >> >> > > [4]: >> >> >> > > >> >> >> > >> >> >> https://github.com/apache/arrow/tree/072ae55dc8172bb1a898fda5d5a83ec063b05a6d >> >> >> > > [5]: >> >> https://dist.apache.org/repos/dist/dev/arrow/apache-arrow-7.0.1-rc0 >> >> >> > > [6]: >> >> >> > > >> >> >> > >> >> >> https://github.com/apache/arrow/blob/072ae55dc8172bb1a898fda5d5a83ec063b05a6d/CHANGELOG.md >> >> >> > > [7]: >> >> >> > > >> >> >> > >> >> >> https://cwiki.apache.org/confluence/display/ARROW/How+to+Verify+Release+Candidates >> >> >> > > IMPORTANT NOTICE: The contents of this email and any attachments >> are >> >> >> > > confidential and may also be privileged. If you are not the >> intended >> >> >> > > recipient, please notify the sender immediately and do not >> disclose >> >> the >> >> >> > > contents to any other person, use it for any purpose, or store or >> >> copy >> >> >> > the >> >> >> > > information in any medium. Thank you. >> >> >> > > >> >> >> > >> >> >>
