There has been some random discussion about relaxing the release
signature requirements.
Our hard requirements are:
- One signature [ASF policy]
- Three +1 votes [ASF policy]
Our current policy is:
- One RM signature
- Three unix +1s with signatures
- Three windows +1s with signatures
+ Traditionally these would be seven separate persons, but nowadays we
are less strict about this.
[The above is facts. The below is opinion.]
Properties we want the new policy to have:
- Fewer than seven people involved
- Testing on all platforms
- Complies with ASF policy
So, how about:
- Allowing the RM to cast a +1.
I think this shouldn't be automatic; the RM does not automatically
cast a +1 on account of having rolled the tarballs, rather, the RM
only casts a +1 if he specifically sends a "Summary: +1 to release"
vote indicating he'd tested the tarballs [which he'd produced] the
usual way.
The rationale is that _rolling_ a tarball is entirely different to
_testing_ it.
- Requiring fewer than three +1s per platform.
E.g., we could require just two windows +1s and two unix +1s.
If we do this, I would prefer to see the two unix +1s from different
unix variants. (We have at least four devs on debian/ubuntu, and I
don't think four +1s on these two are equal to two +1s from two more
different unixoid platforms.) Likewise on windows, I suppose, but I
don't know that platform's variations well enough to have an opinion.
These two changes together would mean that only four people would be
needed to make a release: two devs per platform, one of whom doubles as
an RM. We could even theoretically manage a release with only three
developers, if one of them tested on two platforms, two tested on one
platform each, and one of the three acted as RM — but having fewer
people involved increases the risk of overlooking some showstopper.
To be concrete, here's the suggestion again without annotations:
- A tarball is rolled by the RM.
- The RM signs the tarball before uploading to /dist/dev.
- The tarball is tested by at least two windows developers, who
SHOULD use different variants of Windows, and receives their +1
votes and signatures. The RM MAY be one of these developers.
- The tarball is tested by at least two unix developers, who
SHOULD use different Unixoid platforms, and receives their +1
votes and signatures. The RM MAY be one of these developers.
- There MAY be more than two testers per platform. The testers need
not be committers.
- There SHOULD be at least four different testers.
- Developers MAY sign the tarball without testing it, only if they
have verified that it matches the tag [with the expected differences].
- The release timelines (at least 72 hours and preferably more for
testing/votes, then 24 hours for the mirrors) are unchanged.
WDYT?