You are viewing a plain text version of this content. The canonical link for it is here.
Posted to derby-dev@db.apache.org by Kathey Marsden <km...@sbcglobal.net> on 2005/10/03 19:08:25 UTC
Snapshot target questions and feedback
Hello Andrew (and all who care about snapshots)
I was using the snapshot target that you documented at:
http://wiki.apache.org/db-derby/DerbySnapshotOrRelease
A couple things I noticed.
1) The target does not include the CHANGES file.
2) You cannot update to a specific revision and make a snapshot of
that revision.
What happens is that the revison comes out in the format xxxxx:yyyyy
and it says that the target is up to date but no jars are made.
I think it would be good to be able to make a snapshot for
revisions on which we have some known results.
At the very least it should fail with an error instead of saying
everything is up to date.
And a question:
Is it necessary to sign snapshot distributions?
Thanks
Kathey
Re: Snapshot target questions and feedback
Posted by Andrew McIntyre <mc...@gmail.com>.
On Oct 3, 2005, at 10:08 AM, Kathey Marsden wrote:
> 1) The target does not include the CHANGES file.
Good idea. One of us should add updating the CHANGES file to the wiki
page and the target as well. I'm currently unable to edit the Wiki
right now as it no longer recognizes my password. :-(
> 2) You cannot update to a specific revision and make a snapshot of
> that revision.
This should be possible, but only if the snapshot target works at the
revision you want to make the snapshot.
> What happens is that the revison comes out in the format xxxxx:yyyyy
This indicates that you have files of mixed revisions in your view,
usually because you recently committed a change and haven't run svn
up, or you svn up -r {rev} some file. svn up -r {rev} at the top of
your tree should bring the whole tree to that revision level. You can
verify this by running 'svnversion . ' It should output a single
revision number, {rev}.
> At the very least it should fail with an error instead of saying
> everything is up to date.
I'll look into that.
> Is it necessary to sign snapshot distributions?
Since they are not official releases, and the snapshots are served
from an Apache machine and not the mirrors, I don't think signing is
necessary. One of the primary reasons for signing official releases
is that the binaries are hosted on mirrors to conserve Apache's
bandwidth. While unlikely, it is possible that the files could become
infected with viruses, or otherwise modified in some nefarious
fashion at the mirrors site, and verifying the signature/hash on the
file guarantees that the file is identical to the official one hosted
at www.apache.org.
andrew