Re: podling security issues

2025-01-24 Thread Jochen Theodorou
I see it like this: Have a podling analyzed for their open security issues: +1 Have a podling asked about how they feel they can react to security issues: 0/-1 because only if it has been tested the self assessment is worth something. It's not like they get a new issue every other month - I hope.

Re: podling security issues

2025-01-24 Thread Dave Fisher
> On Jan 24, 2025, at 1:44 PM, PJ Fanning wrote:
>
> The ASF generally mandates a min of 3 days for votes on release candidates. This can be significantly shortened if there is a security issue that needs a quick release.
> With Podlings, they typically require 2 rounds of voting (PPMC and

Re: podling security issues

2025-01-24 Thread PJ Fanning
The ASF generally mandates a min of 3 days for votes on release candidates. This can be significantly shortened if there is a security issue that needs a quick release. With Podlings, they typically require 2 rounds of voting (PPMC and then the Incubator PMC) but again if a podling needs a quick re

Re: podling security issues

2025-01-24 Thread Jochen Theodorou
Maybe one more thing we should think about. What if there is a security issue, the response of the podling is good and the issue gets fixed very fast. And can only be fixed by a new release. But then the incubator finds issues with the release and the release issues cannot be fixed right away. I d

Re: podling security issues

2025-01-24 Thread PJ Fanning
Thanks Calvin for your response. Maybe we could start by having the ASF Security team track progress on reported issues - as they already do. In the Incubator public reporting, we would not disclose anything other than self reporting that the PPMC feels confident that they are in a good position to

Re: podling security issues

2025-01-24 Thread Calvin Kirs
I completely agree with this proposal, even though some podlings rarely encounter security issues during incubation. (This may change as they transition to TLP status and gain more visibility.) However, understanding and recognizing the importance of security issues is also something podlings need

Re: podling security issues

2025-01-24 Thread PJ Fanning
Hi everyone, I didn't follow up on this when I raised it in December 2023. I'd like to propose it again. Basically, the idea is that the podling reports, that we do every 3 months, would have a question about whether the podling believes that they are being sufficiently responsive to issues raised

Re: [VOTE] Apache Wayang (Incubating) 1.0.0 RC4

2025-01-24 Thread Jean-Baptiste Onofré
-1 (binding)
I checked:
- incubating is in the name/version
- signature and hash are OK
- DISCLAIMER is there
However:
- docs copy code from jquery* under the MIT license. It should be mentioned in the LICENSE (see https://infra.apache.org/licensing-howto.html#permissive-deps)
- docs copy code fr

Re: [VOTE] Apache Wayang (Incubating) 1.0.0 RC4

2025-01-24 Thread PJ Fanning
Main doc is here: https://infra.apache.org/release-download-pages.html
On Fri, 24 Jan 2025 at 11:17, PJ Fanning wrote:
>
> 1. https://downloads.apache.org/ is just a shim for https://dist.apache.org/repos/dist/releases/
> 2. you should be using incubator/wayang not wayang - all Incubator pod

Re: [VOTE] Apache Wayang (Incubating) 1.0.0 RC4

2025-01-24 Thread PJ Fanning
1. https://downloads.apache.org/ is just a shim for https://dist.apache.org/repos/dist/releases/
2. you should be using incubator/wayang not wayang - all Incubator podlings must use incubator/
3. the KEYS file should be in https://dist.apache.org/repos/dist/releases/ - we don't keep a separate dev

Re: [VOTE] Apache Wayang (Incubating) 1.0.0 RC4

2025-01-24 Thread Zoi Kaoudi
@fanningpj: The KEYS file here: https://downloads.apache.org/incubator/wayang/KEYS is a very old file. How can I replace it? The current keys file is this one: https://dist.apache.org/repos/dist/dev/wayang/KEYS
Best
--
Zoi
On Thursday, 23 January 2025 at 10:19:49 PM CET, user P

Re: [ANNOUNCE] Apache Gluten (Incubating) 1.3.0 available

2025-01-24 Thread sebb
On Fri, 24 Jan 2025 at 03:02, WeitingChen wrote:
> Hello everyone,
>
> The Apache Gluten (Incubating) 1.3.0-incubating has been released!
>
> Apache Gluten is a middle layer that offloads the execution of JVM-based SQL engines to native engines.
>
> Download Links:
> https://downloads.apache.or