Re: [VOTE] Release Apache Maven version 3.8.0

[Maarten Mulders]

A 0-vote from my side. As far as I can tell, non-TLS repos are indeed 
blocked. That is the main reason for cutting this release, and it works, 
which is good.

But if I understood Hervé correctly, the message that appears when Maven 
attempts download of an artifact over a non-TLS connection differs 
depending on which component attempted the download. This has two 
consequences:

1. The message is sometimes pretty clear, but sometimes rather vague. An 
example of the latter one: "Checksum validation failed, expected Lorem 
but is a0a3234b13da255645808f53efb387d26ae441db". One must be quite 
clever to deduce that Maven attempted to download something over HTTP.

2. I am worried that we may have missed a component that also attempts 
to download artifacts, and still allows non-HTTP connections.


Maybe I didn't understand correctly - I actually hope so. In that case, 
please explain me where my understanding is wrong.

Thanks,


Maarten

On March 24th, 2021 at 18:54, Gary Gregory wrote:
Whenever I have to explain to colleagues that Maven "burns" version numbers
when a release candidate fails or some other obtuse reason, they are just
as baffled as I am. In the end it does not matter it's just bizarre.

Gary

On Tue, Mar 23, 2021, 20:58 Olivier Lamy <ol...@apache.org> wrote:

+0
Same reason as Ralph, the versioning seems weird to me.
I don't understand the reasoning of version number. Our version number
doesn't have to be managed by some tweet or google links.


On Wed, 24 Mar 2021 at 09:17, Ralph Goers <ralph.go...@dslextreme.com>
wrote:

If I were a user and expected the feature to be in 3.7.0 then I would
certainly also expect it in 3.8.0. The only ways to avoid this are a)
stay
on 3.6.x.x until the feature is available, b) specifically say the
promised
features aren’t available yet.

That said I’m +0 on the version numbering.

Ralph

On Mar 22, 2021, at 3:09 PM, Robert Scholte <rfscho...@apache.org>
wrote:

There were enough tweets and conference talks were I demonstrated the
idea behind build/consumer.
Of course the audience wanted to hear a version, so the best possible
answer was "most likely 3.7.0"
First Google hit: Maven 3.7 to Include Default Wrapper - InfoQ[1] and
you can find much more.
Several PMC members discussed about what would be the proper value, the
result was in the end 3.8.0.
Most important: it is beyond 3.6.3 and before 4.

Robert

[1] https://www.infoq.com/news/2020/04/maven-wrapper/

On 22-3-2021 21:14:10, Elliotte Rusty Harold <elh...@ibiblio.org>
wrote:
I'm a weak -1 on this, solely because I don't find the reasoning for
not calling this 3.7.0 to be compelling. "Apache Maven 3.7.0 would be
the first release where you could optionally activate the
build/consumer feature. This version of this release has been renamed
to 4.0.0. Reusing 3.7.0 might lead to confusion, hence we picked the
next available minor version."

Are we sure? I certainly didn't expect 3.7.0 to be the first release
where you could optionally activate the build/consumer feature. I
can't say I expected anything in particular for 3.7.0. Did Maven ever
promise there would be a 3.7.0 with this feature?

If it were renamed 3.7.0 I'd be at +1.

On Mon, Mar 22, 2021 at 7:40 PM Robert Scholte wrote:

Hi,

For the details about this release, please read
https://maven.apache.org/docs/3.8.0/release-notes.html
Also please provide feedback on the release notes. (as you know, these
are published separately from the release, so it doesn't have to block
the
release itself)

We solved 5 issues:


https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12316922&version=12350003&styleName=Text

There are still a couple of issues left in JIRA:


https://issues.apache.org/jira/issues/?jql=project%20%3D%2012316922%20AND%20resolution%20%3D%20Unresolved%20ORDER%20BY%20key%20DESC%2C%20priority%20DESC

Staging repo:
https://repository.apache.org/content/repositories/maven-1633/



https://dist.apache.org/repos/dist/release/maven/maven-3/3.8.0/binaries/apache-maven-3.8.0-bin.zip


https://dist.apache.org/repos/dist/release/maven/maven-3/3.8.0/source/apache-maven-3.8.0-src.zip


Source release checksum(s):
apache-maven-3.8.0-bin.zip sha512:

b56da9a0efa45e084e4882b795787fc7b61970d19835635b2db099b91a9854f14e3776a01d569e3f7af9db946a05af91abbfad41cdc5ac09e90df25077dec01e
apache-maven-3.8.0-src.zip sha512:

51a1570894e8fb1ef52cb19ce472866745ccae2720e45304edd3cabc212cdf105937c76502558fe87995aea81c41402d7f581cc8e9393af234b64696e9a45893


Staging site:
https://maven.apache.org/ref/3-LATEST/

Guide to testing staged releases:

https://maven.apache.org/guides/development/guide-testing-releases.html

Vote open for at least 72 hours.

[ ] +1
[ ] +0
[ ] -1



--
Elliotte Rusty Harold
elh...@ibiblio.org

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
For additional commands, e-mail: dev-h...@maven.apache.org




---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
For additional commands, e-mail: dev-h...@maven.apache.org



--
Olivier Lamy
http://twitter.com/olamy | http://linkedin.com/in/olamy



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
For additional commands, e-mail: dev-h...@maven.apache.org