On Sat, Nov 23, 2013 at 8:51 PM, Kanak Biscuitwala <kana...@hotmail.com> wrote: >> Date: Sun, 24 Nov 2013 00:53:13 +0000 >> Subject: Re: [VOTE] helix-0.6.2-incubating >> From: seb...@gmail.com >> To: general@incubator.apache.org >> >> On 23 November 2013 23:47, Kanak Biscuitwala <kana...@hotmail.com> wrote: >>> Oh, interesting. I believe it generates this automatically with the >>> license-maven-plugin in the build/package stage. In that case, is this an >>> acceptable solution, or is an explicit NOTICE file still required? >> >> Every ASF distribution must have LICENSE and NOTICE files (and >> DISCLAIMER for podlings) >> This includes releases and SCM. > > Given this requirement, which of the following is the correct course of > action? > > 1. Update master with a NOTICE file which is a copy of the generated NOTICE > file (it looks correct) and take no further action with the releases since > the released packages contain NOTICE files. > 2. Update master and both tags with NOTICE files. Take no further action > since the distributed packages have 1:1 correspondence with all files in > source control. > 3. Update master and both tags with NOTICE files, skip the vote, and just > update the already-pushed packages. > 4. Update master and both tags with NOTICE files, go through the entire > voting process again, re-release. > > Really what I want to get out of all this is what is required to bring > current and future Helix releases to full compliance with ASF standards. >
You really should be asking this of your mentors. But you asked general@, so I'll wade in - IMO the release doesn't comply with policy, but what's done tis done; you can't unrelease it now that it's published. If I were in your shoes I'd probably publish a new version that is in compliance. (and incidentally you don't seem to be moving older versions (0.6.0, 0.6.1, etc) to the archive when promoting a new release. - see http://www.apache.org/dev/release.html#when-to-archive for more) >> >> The NOTICE file must not contain any unnecessary content - in >> particular it must only contain references to bits that are actually >> included in the distribution. I'm not sure whether the plugin handles >> this properly yet (early versions were not good in this regard). > > It seems to do it correctly. The top level project is just the website for > this project, which has no dependencies other than ASF projects, and this is > reflected in the generated NOTICE file. Or does the top level NOTICE file > need to be the union of all of its subprojects' NOTICE files? > >> You are only releasing one artifact - the source artifact. (in this case this file: https://dist.apache.org/repos/dist/release/incubator/helix/0.6.2-incubating/src/helix-0.6.2-incubating-src.zip IF that release artifact contains the software that needs to be noted in the NOTICE file it should be done at the top level. The binaries you produce are not Apache releases. (If this confuses you please ask your mentors, or come back here and ask) Your SCM tree and the artifacts you release should have NOTICE, LICENSE, and DISCLAIMER at the top level, of the release artifact that is correctly populated. (e.g. the NOTICE file in your subdirectories appear to be incorrectly populated) --David --------------------------------------------------------------------- To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org For additional commands, e-mail: general-h...@incubator.apache.org
