You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@cayenne.apache.org by Andrus Adamchik <an...@objectstyle.org> on 2017/03/02 07:39:45 UTC
Re: [VOTE] 4.0.M5 release v2
Gently nudging the PMC members to cast their votes :)
We are still one vote short. If someone needs more time, could you please indicate that you are planning to vote?
Andrus
(OT: what's everyone's feeling - is our new frequent release schedule unsustainable in practice?)
Re: [VOTE] 4.0.M5 release v2
Posted by Michael Gentry <bl...@gmail.com>.
Still on my to-do list, but I've just been short on time. I should be able
to get to it tomorrow or this weekend at the latest, but don't let my
schedule hold things up if we get enough votes!
I'm not opposed to more frequent releases since, if nothing else, it makes
the project seem more active to outsiders.
mrg
On Thu, Mar 2, 2017 at 2:39 AM, Andrus Adamchik <an...@objectstyle.org>
wrote:
> Gently nudging the PMC members to cast their votes :)
>
> We are still one vote short. If someone needs more time, could you please
> indicate that you are planning to vote?
>
> Andrus
>
> (OT: what's everyone's feeling - is our new frequent release schedule
> unsustainable in practice?)
>
>
Re: [VOTE] 4.0.M5 release v2
Posted by Andrus Adamchik <an...@objectstyle.org>.
Thanks Nikita!
I see that website announcement is already committed in our CMS staging area: http://svn.apache.org/viewvc?view=revision&revision=1785615 I was planning to review it tonight or tomorrow, publish it, and make a mailing list / twitter announcement.
Andrus
> On Mar 6, 2017, at 2:43 PM, Nikita Timofeev <nt...@objectstyle.com> wrote:
>
> And to keep everything in order, here is the final voting results.
> We have 3 PMC votes in total:
>
> Andrus Adamchik (PMC): +1
> Savva Kolbachev (PMC): +1
> Aristedes Maniatis (PMC): +1
>
> Cayenne release 4.0.M5 is done!
> Thank you all once again!
>
> On Mon, Mar 6, 2017 at 12:26 PM, Nikita Timofeev
> <nt...@objectstyle.com> wrote:
>> Hi all,
>>
>> As we have everything required for the M5 release I'm going to
>> complete it today.
>>
>> Thank you for your votes and ideas!
>>
>> On Thu, Mar 2, 2017 at 4:49 PM, Aristedes Maniatis <ar...@maniatis.org> wrote:
>>> On 2/3/17 8:51pm, Andrus Adamchik wrote:
>>>>
>>>>
>>>>> On Mar 2, 2017, at 11:55 AM, Aristedes Maniatis <ar...@maniatis.org> wrote:
>>>>>
>>>>> Would it help if we set up a Jenkins job to create the build artifacts then we have an easier to verify chain from source checkout to artifact creation?
>>>>
>>>> It most certainly will. How do we sign the files though?
>>>
>>> There can still be a step of downloading the files from jenkins, signing and uploading. md5 hashes are still there for verifying the Jenkins output is intact.
>>>
>>> I'm not sure how we verify that Jenkins itself isn't compromised, but perhaps we can ask what others do.
>>>
>>>
>>> Ari
>>>
>>>
>>>
>>> --
>>> -------------------------->
>>> Aristedes Maniatis
>>> GPG fingerprint CBFB 84B4 738D 4E87 5E5C 5EFA EF6A 7D2E 3E49 102A
>>
>>
>>
>> --
>> Best regards,
>> Nikita Timofeev
>
>
>
> --
> Best regards,
> Nikita Timofeev
Re: [VOTE] 4.0.M5 release v2
Posted by Hugi Thordarson <hu...@godurkodi.is>.
Thanks for all your hard work guys! The progress Cayenne has made in the last few months is amazing and M5 is awesome.
- hugi
> On 6. mar. 2017, at 11:43, Nikita Timofeev <nt...@objectstyle.com> wrote:
>
> And to keep everything in order, here is the final voting results.
> We have 3 PMC votes in total:
>
> Andrus Adamchik (PMC): +1
> Savva Kolbachev (PMC): +1
> Aristedes Maniatis (PMC): +1
>
> Cayenne release 4.0.M5 is done!
> Thank you all once again!
>
> On Mon, Mar 6, 2017 at 12:26 PM, Nikita Timofeev
> <nt...@objectstyle.com> wrote:
>> Hi all,
>>
>> As we have everything required for the M5 release I'm going to
>> complete it today.
>>
>> Thank you for your votes and ideas!
>>
>> On Thu, Mar 2, 2017 at 4:49 PM, Aristedes Maniatis <ar...@maniatis.org> wrote:
>>> On 2/3/17 8:51pm, Andrus Adamchik wrote:
>>>>
>>>>
>>>>> On Mar 2, 2017, at 11:55 AM, Aristedes Maniatis <ar...@maniatis.org> wrote:
>>>>>
>>>>> Would it help if we set up a Jenkins job to create the build artifacts then we have an easier to verify chain from source checkout to artifact creation?
>>>>
>>>> It most certainly will. How do we sign the files though?
>>>
>>> There can still be a step of downloading the files from jenkins, signing and uploading. md5 hashes are still there for verifying the Jenkins output is intact.
>>>
>>> I'm not sure how we verify that Jenkins itself isn't compromised, but perhaps we can ask what others do.
>>>
>>>
>>> Ari
>>>
>>>
>>>
>>> --
>>> -------------------------->
>>> Aristedes Maniatis
>>> GPG fingerprint CBFB 84B4 738D 4E87 5E5C 5EFA EF6A 7D2E 3E49 102A
>>
>>
>>
>> --
>> Best regards,
>> Nikita Timofeev
>
>
>
> --
> Best regards,
> Nikita Timofeev
Re: [VOTE] 4.0.M5 release v2
Posted by Nikita Timofeev <nt...@objectstyle.com>.
And to keep everything in order, here is the final voting results.
We have 3 PMC votes in total:
Andrus Adamchik (PMC): +1
Savva Kolbachev (PMC): +1
Aristedes Maniatis (PMC): +1
Cayenne release 4.0.M5 is done!
Thank you all once again!
On Mon, Mar 6, 2017 at 12:26 PM, Nikita Timofeev
<nt...@objectstyle.com> wrote:
> Hi all,
>
> As we have everything required for the M5 release I'm going to
> complete it today.
>
> Thank you for your votes and ideas!
>
> On Thu, Mar 2, 2017 at 4:49 PM, Aristedes Maniatis <ar...@maniatis.org> wrote:
>> On 2/3/17 8:51pm, Andrus Adamchik wrote:
>>>
>>>
>>>> On Mar 2, 2017, at 11:55 AM, Aristedes Maniatis <ar...@maniatis.org> wrote:
>>>>
>>>> Would it help if we set up a Jenkins job to create the build artifacts then we have an easier to verify chain from source checkout to artifact creation?
>>>
>>> It most certainly will. How do we sign the files though?
>>
>> There can still be a step of downloading the files from jenkins, signing and uploading. md5 hashes are still there for verifying the Jenkins output is intact.
>>
>> I'm not sure how we verify that Jenkins itself isn't compromised, but perhaps we can ask what others do.
>>
>>
>> Ari
>>
>>
>>
>> --
>> -------------------------->
>> Aristedes Maniatis
>> GPG fingerprint CBFB 84B4 738D 4E87 5E5C 5EFA EF6A 7D2E 3E49 102A
>
>
>
> --
> Best regards,
> Nikita Timofeev
--
Best regards,
Nikita Timofeev
Re: [VOTE] 4.0.M5 release v2
Posted by Nikita Timofeev <nt...@objectstyle.com>.
Hi all,
As we have everything required for the M5 release I'm going to
complete it today.
Thank you for your votes and ideas!
On Thu, Mar 2, 2017 at 4:49 PM, Aristedes Maniatis <ar...@maniatis.org> wrote:
> On 2/3/17 8:51pm, Andrus Adamchik wrote:
>>
>>
>>> On Mar 2, 2017, at 11:55 AM, Aristedes Maniatis <ar...@maniatis.org> wrote:
>>>
>>> Would it help if we set up a Jenkins job to create the build artifacts then we have an easier to verify chain from source checkout to artifact creation?
>>
>> It most certainly will. How do we sign the files though?
>
> There can still be a step of downloading the files from jenkins, signing and uploading. md5 hashes are still there for verifying the Jenkins output is intact.
>
> I'm not sure how we verify that Jenkins itself isn't compromised, but perhaps we can ask what others do.
>
>
> Ari
>
>
>
> --
> -------------------------->
> Aristedes Maniatis
> GPG fingerprint CBFB 84B4 738D 4E87 5E5C 5EFA EF6A 7D2E 3E49 102A
--
Best regards,
Nikita Timofeev
Re: [VOTE] 4.0.M5 release v2
Posted by Aristedes Maniatis <ar...@maniatis.org>.
On 2/3/17 8:51pm, Andrus Adamchik wrote:
>
>
>> On Mar 2, 2017, at 11:55 AM, Aristedes Maniatis <ar...@maniatis.org> wrote:
>>
>> Would it help if we set up a Jenkins job to create the build artifacts then we have an easier to verify chain from source checkout to artifact creation?
>
> It most certainly will. How do we sign the files though?
There can still be a step of downloading the files from jenkins, signing and uploading. md5 hashes are still there for verifying the Jenkins output is intact.
I'm not sure how we verify that Jenkins itself isn't compromised, but perhaps we can ask what others do.
Ari
--
-------------------------->
Aristedes Maniatis
GPG fingerprint CBFB 84B4 738D 4E87 5E5C 5EFA EF6A 7D2E 3E49 102A
Re: [VOTE] 4.0.M5 release v2
Posted by Andrus Adamchik <an...@objectstyle.org>.
> On Mar 2, 2017, at 11:55 AM, Aristedes Maniatis <ar...@maniatis.org> wrote:
>
> Would it help if we set up a Jenkins job to create the build artifacts then we have an easier to verify chain from source checkout to artifact creation?
It most certainly will. How do we sign the files though?
Andrus
Re: [VOTE] 4.0.M5 release v2
Posted by Aristedes Maniatis <ar...@maniatis.org>.
Here's my +1. I reviewed the OSX version and modeler against my work schema.
I think more frequent releases are a good thing. Would it help if we set up a Jenkins job to create the build artifacts then we have an easier to verify chain from source checkout to artifact creation?
Ari
On 2/3/17 6:39pm, Andrus Adamchik wrote:
> Gently nudging the PMC members to cast their votes :)
>
> We are still one vote short. If someone needs more time, could you please indicate that you are planning to vote?
>
> Andrus
>
> (OT: what's everyone's feeling - is our new frequent release schedule unsustainable in practice?)
>
--
-------------------------->
Aristedes Maniatis
GPG fingerprint CBFB 84B4 738D 4E87 5E5C 5EFA EF6A 7D2E 3E49 102A