Santuario xml-security-c 1.7.3 release candidate posted, call for vote

["Cantor, Scott" <ca...@osu.edu>]

I've uploaded a release candidate of the 1.7.3 patch release [1] for the vote. There have been no changes since the beta last week and I've encountered no issues testing it.

This is my +1.

-- Scott

[1] https://people.apache.org/~scantor/

RE: Santuario xml-security-c 1.7.3 release candidate posted, call for vote

["Cantor, Scott" <ca...@osu.edu>]

> 	It will be an official release next week, but it has nothing to do with
> this vote, I'm stuck dealing with Xerces now in addition to this library. They
> just both happen to be hosted in the same place.

And if it wasn't clear, nothing in this release depends on the Xerces update, it runs on anything all the way back to Xerces 2.8, same as before.

It would be a 2.0 change to start mucking with the API requirements.

-- Scott

Re: Santuario xml-security-c 1.7.3 release candidate posted, call for vote

[Colm O hEigeartaigh <co...@apache.org>]

Ok thanks for the clarification!

Colm.

On Wed, Mar 11, 2015 at 1:34 PM, Cantor, Scott <ca...@osu.edu> wrote:

> On 3/11/15, 5:30 AM, "Colm O hEigeartaigh" <co...@apache.org> wrote:
> >
> >Is this an official RC that you plan on uploading to the main Apache
> distribution server?
>
> The ASF process does not allow non-official/voted releases to be put into
> the main distribution server or any kind of repository. Until it's voted
> out, it has to be unofficially hosted.
>
> > If so we need a link to a tag used to generate the release, e.g. one of
> these:
> >
> >http://svn.apache.org/viewvc/santuario/xml-security-cpp/tags/
>
> I can't tag until the vote. I could create an RC tag, but the vote is over
> the specific sources in that tarball, same as every other time.
>
> >What is the xerces dependency included above? Is it an official Xerces
> release, and if so is it intended for inclusion with Santuario?
>
> It will be an official release next week, but it has nothing to do with
> this vote, I'm stuck dealing with Xerces now in addition to this library.
> They just both happen to be hosted in the same place.
>
> -- Scott
>
>


-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

Re: Santuario xml-security-c 1.7.3 release candidate posted, call for vote

["Cantor, Scott" <ca...@osu.edu>]

On 3/11/15, 5:30 AM, "Colm O hEigeartaigh" <co...@apache.org> wrote:
>
>Is this an official RC that you plan on uploading to the main Apache distribution server?

The ASF process does not allow non-official/voted releases to be put into the main distribution server or any kind of repository. Until it's voted out, it has to be unofficially hosted.

> If so we need a link to a tag used to generate the release, e.g. one of these:
>
>http://svn.apache.org/viewvc/santuario/xml-security-cpp/tags/

I can't tag until the vote. I could create an RC tag, but the vote is over the specific sources in that tarball, same as every other time.

>What is the xerces dependency included above? Is it an official Xerces release, and if so is it intended for inclusion with Santuario?

It will be an official release next week, but it has nothing to do with this vote, I'm stuck dealing with Xerces now in addition to this library. They just both happen to be hosted in the same place.

-- Scott

Re: Santuario xml-security-c 1.7.3 release candidate posted, call for vote

[Colm O hEigeartaigh <co...@apache.org>]

Hi Scott,

Is this an official RC that you plan on uploading to the main Apache
distribution server? If so we need a link to a tag used to generate the
release, e.g. one of these:

http://svn.apache.org/viewvc/santuario/xml-security-cpp/tags/

What is the xerces dependency included above? Is it an official Xerces
release, and if so is it intended for inclusion with Santuario?

Colm.

On Tue, Mar 10, 2015 at 6:12 PM, Cantor, Scott <ca...@osu.edu> wrote:

> I've uploaded a release candidate of the 1.7.3 patch release [1] for the
> vote. There have been no changes since the beta last week and I've
> encountered no issues testing it.
>
> This is my +1.
>
> -- Scott
>
> [1] https://people.apache.org/~scantor/
>



-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

Re: Santuario xml-security-c 1.7.3 release candidate posted, call for vote

[Marc Giger <gi...@apache.org>]

+1

Thanks,

Marc


On Fri, 13 Mar 2015 16:24:42 +0000
"Cantor, Scott" <ca...@osu.edu> wrote:

> On 3/13/15, 12:20 PM, "Colm O hEigeartaigh" <co...@apache.org>
> wrote:
> 
> >The normal process is to create an SVN tag "first", and then to
> >build the release off that tag.
> 
> I've never done that. It violates my general sense of rightness about
> tags, and it also isn't how all my other projects do it, so that's
> why I didn't do it here. (You can go back and see all the earlier
> votes, which you yourself participated in.)
> 
> > That way we can see the exact SVN revision that we are voting on.
> > In this case though, it's sufficient to link to the exact SVN
> > revision on trunk that you used to create the release. Is this it?
> >
> >http://svn.apache.org/viewvc?view=revision&revision=1665627
> 
> That's a fair point, Apache using one project in the repo for all
> projects is, umm, flat wrong. So that makes it hard to actually tie
> them together easily since the revs just keep climbing from other
> commits elsewhere.
> 
> But anyway, yes, that's the rev I built from, r1665627, and as you
> see it's the last commit on that tree.
> 
> -- Scott
> 

Re: Santuario xml-security-c 1.7.3 release candidate posted, call for vote

["Cantor, Scott" <ca...@osu.edu>]

On 3/13/15, 12:41 PM, "Colm O hEigeartaigh" <co...@apache.org> wrote:
>
>Ok +1 from me then.

Thanks. Given the apparent confusion, I'll hold for any objections or concerns until EOB and finalize the release tonight or this weekend otherwise.

-- Scott

Re: Santuario xml-security-c 1.7.3 release candidate posted, call for vote

[Colm O hEigeartaigh <co...@apache.org>]

Ok +1 from me then.

Colm.

On Fri, Mar 13, 2015 at 4:24 PM, Cantor, Scott <ca...@osu.edu> wrote:

> On 3/13/15, 12:20 PM, "Colm O hEigeartaigh" <co...@apache.org> wrote:
>
> >The normal process is to create an SVN tag "first", and then to build the
> release off that tag.
>
> I've never done that. It violates my general sense of rightness about
> tags, and it also isn't how all my other projects do it, so that's why I
> didn't do it here. (You can go back and see all the earlier votes, which
> you yourself participated in.)
>
> > That way we can see the exact SVN revision that we are voting on. In
> this case though, it's sufficient to link to the exact SVN revision on
> trunk that you used to create the release. Is this it?
> >
> >http://svn.apache.org/viewvc?view=revision&revision=1665627
>
> That's a fair point, Apache using one project in the repo for all projects
> is, umm, flat wrong. So that makes it hard to actually tie them together
> easily since the revs just keep climbing from other commits elsewhere.
>
> But anyway, yes, that's the rev I built from, r1665627, and as you see
> it's the last commit on that tree.
>
> -- Scott
>
>


-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

Re: Santuario xml-security-c 1.7.3 release candidate posted, call for vote

["Cantor, Scott" <ca...@osu.edu>]

On 3/13/15, 12:20 PM, "Colm O hEigeartaigh" <co...@apache.org> wrote:

>The normal process is to create an SVN tag "first", and then to build the release off that tag.

I've never done that. It violates my general sense of rightness about tags, and it also isn't how all my other projects do it, so that's why I didn't do it here. (You can go back and see all the earlier votes, which you yourself participated in.)

> That way we can see the exact SVN revision that we are voting on. In this case though, it's sufficient to link to the exact SVN revision on trunk that you used to create the release. Is this it?
>
>http://svn.apache.org/viewvc?view=revision&revision=1665627

That's a fair point, Apache using one project in the repo for all projects is, umm, flat wrong. So that makes it hard to actually tie them together easily since the revs just keep climbing from other commits elsewhere.

But anyway, yes, that's the rev I built from, r1665627, and as you see it's the last commit on that tree.

-- Scott

Re: Santuario xml-security-c 1.7.3 release candidate posted, call for vote

[Colm O hEigeartaigh <co...@apache.org>]

The normal process is to create an SVN tag "first", and then to build the
release off that tag. That way we can see the exact SVN revision that we
are voting on. In this case though, it's sufficient to link to the exact
SVN revision on trunk that you used to create the release. Is this it?

http://svn.apache.org/viewvc?view=revision&revision=1665627

Colm.

On Fri, Mar 13, 2015 at 4:05 PM, Cantor, Scott <ca...@osu.edu> wrote:

> On 3/13/15, 11:57 AM, "Colm O hEigeartaigh" <co...@apache.org> wrote:
> >
> >I'm confused - why do we need votes for a non-official release? Is the
> vote to release the "RC" itself?
>
> No, it's to vote out this release so I can tag it and publish it.
>
> > If so why not go through the normal process of creating a tag, etc?
>
> This is the normal process I've used. If I tag before a vote, I've just
> created a release that is not actually approved. Of course I could tag an
> RC, but we have notifications of commits so if you don't see a commit from
> me, you know the tarball *is* the current trunk.
>
> I've followed this same process for every release I've done. There are no
> RC tags in the repo from me, and only one in the history of the repo:
>
> http://svn.apache.org/viewvc/santuario/xml-security-cpp/tags/
>
> The process I follow is:
>
> - prepare a candidate and post to an unofficial place
> - call for testing and then call for a vote
> - when voted, tag and copy to the distribution site and update the web site
>
> I definitely cannot tag now unless I tag it as an RC, and if we vote on
> that, I still have to create the real tag after. I can't create the real
> tag ahead of the vote. If you want me to tag trunk as RC I will, I just
> haven't done it in the past so I didn't now.
>
> -- Scott
>
>


-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

Re: Santuario xml-security-c 1.7.3 release candidate posted, call for vote

["Cantor, Scott" <ca...@osu.edu>]

On 3/13/15, 11:57 AM, "Colm O hEigeartaigh" <co...@apache.org> wrote:
>
>I'm confused - why do we need votes for a non-official release? Is the vote to release the "RC" itself?

No, it's to vote out this release so I can tag it and publish it.

> If so why not go through the normal process of creating a tag, etc?

This is the normal process I've used. If I tag before a vote, I've just created a release that is not actually approved. Of course I could tag an RC, but we have notifications of commits so if you don't see a commit from me, you know the tarball *is* the current trunk.

I've followed this same process for every release I've done. There are no RC tags in the repo from me, and only one in the history of the repo:

http://svn.apache.org/viewvc/santuario/xml-security-cpp/tags/

The process I follow is:

- prepare a candidate and post to an unofficial place
- call for testing and then call for a vote
- when voted, tag and copy to the distribution site and update the web site

I definitely cannot tag now unless I tag it as an RC, and if we vote on that, I still have to create the real tag after. I can't create the real tag ahead of the vote. If you want me to tag trunk as RC I will, I just haven't done it in the past so I didn't now.

-- Scott

Re: Santuario xml-security-c 1.7.3 release candidate posted, call for vote

[Colm O hEigeartaigh <co...@apache.org>]

Hi Scott,

I'm confused - why do we need votes for a non-official release? Is the vote
to release the "RC" itself? If so why not go through the normal process of
creating a tag, etc?

Colm.

On Fri, Mar 13, 2015 at 3:31 PM, Cantor, Scott <ca...@osu.edu> wrote:

> On 3/10/15, 2:12 PM, "Cantor, Scott" <ca...@osu.edu> wrote:
>
> >I've uploaded a release candidate of the 1.7.3 patch release [1] for the
> vote. There have been no changes since the beta last week and I've
> encountered no issues testing it.
> >
> >This is my +1.
>
> Just noting I still need a couple of votes for this release.
>
> -- Scott
>
>


-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

Re: Santuario xml-security-c 1.7.3 release candidate posted, call for vote

["Cantor, Scott" <ca...@osu.edu>]

Thanks for the votes, I'm preparing the release right now.

-- Scott

Re: Santuario xml-security-c 1.7.3 release candidate posted, call for vote

[Berin Lautenbach <be...@wingsofhermes.org>]

+1

Cantor, Scott wrote:
> On 3/10/15, 2:12 PM, "Cantor, Scott" <ca...@osu.edu> wrote:
>
>> I've uploaded a release candidate of the 1.7.3 patch release [1] for the vote. There have been no changes since the beta last week and I've encountered no issues testing it.
>>
>> This is my +1.
> Just noting I still need a couple of votes for this release.
>
> -- Scott
>


---
This email has been checked for viruses by Avast antivirus software.
http://www.avast.com

Re: Santuario xml-security-c 1.7.3 release candidate posted, call for vote

[Sean Mullan <se...@oracle.com>]

+1 from me.

--Sean

On 03/13/2015 11:31 AM, Cantor, Scott wrote:
> On 3/10/15, 2:12 PM, "Cantor, Scott" <ca...@osu.edu> wrote:
>
>> I've uploaded a release candidate of the 1.7.3 patch release [1] for the vote. There have been no changes since the beta last week and I've encountered no issues testing it.
>>
>> This is my +1.
>
> Just noting I still need a couple of votes for this release.
>
> -- Scott
>

Re: Santuario xml-security-c 1.7.3 release candidate posted, call for vote

["Cantor, Scott" <ca...@osu.edu>]

On 3/10/15, 2:12 PM, "Cantor, Scott" <ca...@osu.edu> wrote:

>I've uploaded a release candidate of the 1.7.3 patch release [1] for the vote. There have been no changes since the beta last week and I've encountered no issues testing it.
>
>This is my +1.

Just noting I still need a couple of votes for this release.

-- Scott