You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@subversion.apache.org by Stefan Sperling <st...@apache.org> on 2020/05/27 17:30:17 UTC
[announce-owner@apache.org: Returned post for announce@apache.org]
Out of the blue, I have received nitpicking of changes I made to the
website and the announce message I sent. I've received this feedback
via the mailing list moderation mechanism.
Can anyone tell me what's going on here? Who even wrote this?
FWIW, the announce message was generated by release.py; if there's
something wrong with that, we need to fix that script.
There's nothing I could do now to correct the announce message
itself since it has already been approved (by me).
----- Forwarded message from announce-owner@apache.org -----
Date: 27 May 2020 17:09:19 -0000
From: announce-owner@apache.org
To: stsp@apache.org
Subject: Returned post for announce@apache.org
Message-ID: <15...@apache.org>
Content-Type: multipart/mixed; boundary=lodpbfombmeidpnonnko
X-Spam-Score: (-7.5) SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_SPF_WL
Hi! This is the ezmlm program. I'm managing the
announce@apache.org mailing list.
I'm sorry, your message (enclosed) was not accepted by the moderator.
If the moderator has made any comments, they are shown below.
>>>>> -------------------- >>>>>
Sorry, but the announce message and download page are not acceptable.
The KEYS file must have the name KEYS, and should be at:
https://downloads.apache.org/subversion/KEYS
The download page is confusing, as the verification instructions say to use
https://downloads.apache.org/subversion/KEYS, which is fine,
however the entries for 1.40.0 have different links for the KEYS files.
Please fix the page and submit a corrected email.
Thanks.
<<<<< -------------------- <<<<<
Date: Wed, 27 May 2020 17:56:06 +0200
From: Stefan Sperling <st...@apache.org>
To: announce@subversion.apache.org, users@subversion.apache.org,
dev@subversion.apache.org, announce@apache.org
Subject: [ANNOUNCE] Apache Subversion 1.14.0 released
Message-ID: <20...@ted.stsp.name>
Reply-To: users@subversion.apache.org
Content-Type: text/plain; charset=utf-8
I'm happy to announce the release of Apache Subversion 1.14.0.
Please choose the mirror closest to you by visiting:
https://subversion.apache.org/download.cgi#recommended-release
This is a stable feature release of the Apache Subversion open source
version control system.
SHA-512 checksums are available at:
https://www.apache.org/dist/subversion/subversion-1.14.0.tar.bz2.sha512
https://www.apache.org/dist/subversion/subversion-1.14.0.tar.gz.sha512
https://www.apache.org/dist/subversion/subversion-1.14.0.zip.sha512
PGP Signatures are available at:
https://www.apache.org/dist/subversion/subversion-1.14.0.tar.bz2.asc
https://www.apache.org/dist/subversion/subversion-1.14.0.tar.gz.asc
https://www.apache.org/dist/subversion/subversion-1.14.0.zip.asc
For this release, the following people have provided PGP signatures:
Stefan Sperling [2048R/4F7DBAA99A59B973] with fingerprint:
8BC4 DAE0 C5A4 D65F 4044 0107 4F7D BAA9 9A59 B973
Julian Foad [4096R/1FB064B84EECC493] with fingerprint:
6011 63CF 9D49 9FD7 18CF 582D 1FB0 64B8 4EEC C493
Nathan Hartman (CODE SIGNING KEY) [4096R/583F00ADF981C39F] with fingerprint:
3F8E 467C B336 6E30 13E1 120D 583F 00AD F981 C39F
Branko Čibej [4096R/1BCA6586A347943F] with fingerprint:
BA3C 15B1 337C F0FB 222B D41A 1BCA 6586 A347 943F
James McCoy (Debian) [4096R/DFE691AE331BA3DB] with fingerprint:
91BF BF4D 6956 BD5D F7B7 2D23 DFE6 91AE 331B A3DB
Johan Corveleyn [4096R/B59CE6D6010C8AAD] with fingerprint:
8AA2 C10E EAAD 44F9 6972 7AEA B59C E6D6 010C 8AAD
These public keys are available at:
https://www.apache.org/dist/subversion/subversion-1.14.0.KEYS
Release notes for the 1.14.x release series may be found at:
https://subversion.apache.org/docs/release-notes/1.14.html
You can find the list of changes between 1.14.0 and earlier versions at:
https://svn.apache.org/repos/asf/subversion/tags/1.14.0/CHANGES
Questions, comments, and bug reports to users@subversion.apache.org.
Thanks,
- The Subversion Team
--
To unsubscribe, please see:
https://subversion.apache.org/mailing-lists.html#unsubscribing
----- End forwarded message -----
Re: [announce-owner@apache.org: Returned post for announce@apache.org]
Posted by Nathan Hartman <ha...@gmail.com>.
On Thu, May 28, 2020 at 3:53 AM Stefan Sperling <st...@elego.de> wrote:
> On Thu, May 28, 2020 at 07:59:07AM +0200, Branko Čibej wrote:
> > On 28.05.2020 07:40, Daniel Shahaf wrote:
> > > Someone could start a discussion with the announce@a.o moderators. The
> > > escalation path, IIRC, is: announce-owner@, press@, VP M&P (= Sally),
> > > operations@, board@, members@.
> >
> > Did that about half an hour ago. Let's see what happens. If whoever
> > blocked the announcement doesn't respond on this list in a reasonable
> > time, then I suggest we send out the same announcement again and see
> > what happens (having fixed the link to KEYS first, I suppose).
>
> Extra effort on my part to re-send this really isn't justified.
>
> If the moderators do not even bother to respond, I would say we should
> drop the announce@a.o list from our template and not use it.
This situation is really irritating, but if it makes anyone feel
better, 1.14.0 did get announced on announce.a.o, in the form of a
Press Release:
https://lists.apache.org/thread.html/rcef2e9d90cff20a25e3519ed1283f2715251002a5ed8eabd0ef1d6f6%40%3Cannounce.apache.org%3E
Which, by the way, doesn't meet that list's high standard of KEYS file
naming, or whatever the nonsense excuse was for blocking our
announcement email.
I agree 100% that moderation is for blocking spam. Our announcement
email was a legitimate announcement from the legitimate release
manager of a legitimate ASF Top Level Project and as such is not spam.
It should not have been blocked.
Waiting to see if the announce moderator(s) respond to Brane's message.
Nathan
Re: [announce-owner@apache.org: Returned post for
announce@apache.org]
Posted by Stefan Sperling <st...@elego.de>.
On Thu, May 28, 2020 at 08:13:26AM +0000, Daniel Shahaf wrote:
> Stefan Sperling wrote on Thu, 28 May 2020 09:53 +0200:
> > On Thu, May 28, 2020 at 07:59:07AM +0200, Branko Čibej wrote:
> > > On 28.05.2020 07:40, Daniel Shahaf wrote:
> > > > Someone could start a discussion with the announce@a.o moderators. The
> > > > escalation path, IIRC, is: announce-owner@, press@, VP M&P (= Sally),
> > > > operations@, board@, members@.
> > >
> > > Did that about half an hour ago. Let's see what happens. If whoever
> > > blocked the announcement doesn't respond on this list in a reasonable
> > > time, then I suggest we send out the same announcement again and see
> > > what happens (having fixed the link to KEYS first, I suppose).
> >
> > Extra effort on my part to re-send this really isn't justified.
> >
> > If the moderators do not even bother to respond, I would say we should
> > drop the announce@a.o list from our template and not use it.
>
> Then what would you say to fellow full committers jerenkrantz@ and
> striker@, who are currently in the process of bringing a non-Apache
> project into ASF?
That they should be very, very, careful indeed about how they handle
the KEYS files in this project. Or else...!!!
> (Also, does announce@s.a.o get automagically Cc'd to announce@a.o? If
> it does, changing the template wouldn't have any effect.)
That would be surprising.
Re: [announce-owner@apache.org: Returned post for
announce@apache.org]
Posted by Daniel Shahaf <d....@daniel.shahaf.name>.
Stefan Sperling wrote on Thu, 28 May 2020 09:53 +0200:
> On Thu, May 28, 2020 at 07:59:07AM +0200, Branko Čibej wrote:
> > On 28.05.2020 07:40, Daniel Shahaf wrote:
> > > Someone could start a discussion with the announce@a.o moderators. The
> > > escalation path, IIRC, is: announce-owner@, press@, VP M&P (= Sally),
> > > operations@, board@, members@.
> >
> > Did that about half an hour ago. Let's see what happens. If whoever
> > blocked the announcement doesn't respond on this list in a reasonable
> > time, then I suggest we send out the same announcement again and see
> > what happens (having fixed the link to KEYS first, I suppose).
>
> Extra effort on my part to re-send this really isn't justified.
>
> If the moderators do not even bother to respond, I would say we should
> drop the announce@a.o list from our template and not use it.
Then what would you say to fellow full committers jerenkrantz@ and
striker@, who are currently in the process of bringing a non-Apache
project into ASF?
(Also, does announce@s.a.o get automagically Cc'd to announce@a.o? If
it does, changing the template wouldn't have any effect.)
Cheers,
Daniel
Re: [announce-owner@apache.org: Returned post for
announce@apache.org]
Posted by Stefan Sperling <st...@elego.de>.
On Thu, May 28, 2020 at 07:59:07AM +0200, Branko Čibej wrote:
> On 28.05.2020 07:40, Daniel Shahaf wrote:
> > Someone could start a discussion with the announce@a.o moderators. The
> > escalation path, IIRC, is: announce-owner@, press@, VP M&P (= Sally),
> > operations@, board@, members@.
>
> Did that about half an hour ago. Let's see what happens. If whoever
> blocked the announcement doesn't respond on this list in a reasonable
> time, then I suggest we send out the same announcement again and see
> what happens (having fixed the link to KEYS first, I suppose).
Extra effort on my part to re-send this really isn't justified.
If the moderators do not even bother to respond, I would say we should
drop the announce@a.o list from our template and not use it.
Re: [announce-owner@apache.org: Returned post for
announce@apache.org]
Posted by Branko Čibej <br...@apache.org>.
On 28.05.2020 07:40, Daniel Shahaf wrote:
> Someone could start a discussion with the announce@a.o moderators. The
> escalation path, IIRC, is: announce-owner@, press@, VP M&P (= Sally),
> operations@, board@, members@.
Did that about half an hour ago. Let's see what happens. If whoever
blocked the announcement doesn't respond on this list in a reasonable
time, then I suggest we send out the same announcement again and see
what happens (having fixed the link to KEYS first, I suppose).
-- Brane
Re: [announce-owner@apache.org: Returned post for
announce@apache.org]
Posted by Daniel Shahaf <d....@daniel.shahaf.name>.
Julian Foad wrote on Wed, 27 May 2020 21:41 +0100:
> Branko Čibej wrote:
> >>> On 27.05.2020 19:30, Stefan Sperling wrote:
> >>>> Out of the blue, I have received nitpicking of changes I made to the
> >>>> website and the announce message I sent. I've received this feedback
> >>>> via the mailing list moderation mechanism.
> >>>>
> >>>> Can anyone tell me what's going on here? Who even wrote this?
> [...]
>
> Note the response was from moderators of announce.a.o not our own
> announce@s.a.o. They likely haven't seen this ensuing discussion on our
> dev@.
>
Moderators should always sign their names when they reject messages,
because ezmlm doesn't add that information by itself. If the
announce@a.o moderators don't already follow common-sense practice,
they should be reminded to do so.
FWIW, I said so on board@ at 2019-07-15 15:58, but that message was
buried deep in a long thread and could have easily been missed.
> > So, that anonymous moderator's complaint is doubly silly given that
> > there are currently 4 releases on dist/release and you can only have one
> > file named "KEYS" there. I'm pretty sure downstream users who use the
> > source release are intelligent enough to interpret "KEYS" as "*.KEYS" if
> > necessary.
>
Indeed, the policy requires that we have a KEYS file. We _have_ a KEYS
file; it's just that it's per-release rather than per-PMC. Even
presupposing that this design makes us incompliant with the letter of
the policy, the moderator should not have stopped there but proceeded
to ask whether our download page, _as it stands_, achieves the _end_ of
the policy, which is to provide end-users with the data and know-how
required to cryptographically verify the release artifacts in
a standardized manner.¹
It does, so our announcement should have been moderated through, period.
The moderator might have followed up with a bug report on our dev@ list,
of course, but the reasons given did not justify a rejection. Not every
bug is a showstopper; doubly so when one is entrusted with gating the
work of a community one is not a member of.²
Instead, the moderator used their power to unilaterally require us to
change our release artifacts at the eleventh hour according to his or
her personal, strict/pedantic interpretation of the release policy,
holding our users' awareness of our release hostage to ensure our
compliance.
I do not know of a good reason to have a per-PMC KEYS file that covers
all past and future releases, even if that's what the letter of the
policy requires. A per-release KEYS file generated from LDAP is better
in several ways [more on that later].
In fact, I would consider naming the KEYS file for a particular release
a technical decision, and therefore, I'd argue that moderator breached
the convention that the ASF leaves technical decisions to projects.
More generally, the reason ASF works at all is that it doesn't tell
projects what to do, and in the few exceptions to that, it doesn't tell
them _how_ to do it. Foundation-wide expert groups in various domains
are available to advise PMCs on the options available to them, but it is
always up to a PMC to choose from the various courses of action that
meet the few Foundation-wide requirements. The presumption is that PMCs
know what's best for their users.
The ASF is not supposed to be a place where an external party forbids us
to announce our release until some arbitrary formal dicta are met, when
all the substantive, semantic requirements are already met. The ASF
exists to serve its projects and their users. The purpose of announce@,
Infra, Brand, D&I, and the other Foundation-wide groups is to enable and
support, rather than police. For this reason, Apache Software
Foundation cross-project policies SHOULD NOT MUST.³ Variance between
projects is normal and inevitable, given the large number and different
technology stacks and application areas of PMCs.
(Besides, I also question whether those release policy pages are
actually normative/binding. IIRC, changes to them are subject to
neither a consensus process nor approval by an Officer of the
Foundation, which means they simply reflect the opinion of whoever
bothered to spend time editing them to reflect his or her personal
opinion.)
The moderator's point about a link to KEYS download.html is correct —
.
% svn up -q
% ag KEYS | vipe
download.html:230: the <a href="https://www.apache.org/dist/subversion/KEYS"
download.html:231: >KEYS</a> as well as the <code>asc</code> signature file for the
%
.
— but did not justify blocking the release announcement.
> There is some history:
The moderator's advocated approach of using per-PMC KEYS files leads to
committers having to, whenever they update their private keys, manually
update the KEYS file of every Apache project they have commit access to.
Our approach has been to use KEYS files generated automatically from
LDAP, in order to avoid this busywork.
This is the original reason our KEYS files are different.
> the KEYS file issue was discussed between us and them somewhere
> (dev@community.a.o ?) a year or two ago but no consensus was reached.
IIRC, the feedback given to us in that thread was the direct reason I
made release.py create "subversion-%(version)s.KEYS" files in the first
place. This design addresses one of the points of feedback from that
thread, while not introducing the "public keys can never be removed from
the KEYS file, even if they are only required for verifying decade-old
artifacts" problem that the one-KEYS-file-per-PMC design has.
IIRC I made all these points on the thread at the time.
> There is some ASF-wide policy they are trying to enforce.
FWIW, Infra has implicitly endorsed our *.KEYS file naming pattern:
https://issues.apache.org/jira/browse/INFRA-19421
> Clearly this isn't a good way to go about it.
>
> When I received similar rejections on some previous releases, I sighed
> and ignored them, thinking that reaching announce@a.o isn't that
> important and in each case it was the last thing at the end of a tiring
> day so I lacked the motivation to pursue it.
Well, it sounds like we have some technical debt to pay off.
Someone could start a discussion with the announce@a.o moderators. The
escalation path, IIRC, is: announce-owner@, press@, VP M&P (= Sally),
operations@, board@, members@.
However, I think it's a problem worth solving, one way or the other.
Our release managers should not get emotionally fatigued at the very
point where HACKING specifically instructs them to enjoy their
$favorite_beverage.
Cheers,
Daniel
(who's reminded of Incubator's podling releases vetoing saga)
¹ Compare how we don't reject out of hand patches unaccompanied by log
messages.
² Compare the point regularly made on general@incubator, that podling
release reviewers should, upon reviewing a podling release that has
minor incompliances with the release policy, cast "+1 despite the release
policy incompliances, but fix them before your next release" votes rather
than vetoes.
³ "MUST" is to be taken as a verb.
Re: [announce-owner@apache.org: Returned post for
announce@apache.org]
Posted by Daniel Shahaf <d....@daniel.shahaf.name>.
Stefan Sperling wrote on Thu, 28 May 2020 10:02 +0200:
> On Thu, May 28, 2020 at 07:59:31AM +0000, Daniel Shahaf wrote:
> > Seems to cover everything. I took a stab at a slight reorganization;
> > WDYT? —
>
> Sure, your wording changes are fine with me. +1 to commit :)
>
r1878222.
Re: [announce-owner@apache.org: Returned post for
announce@apache.org]
Posted by Stefan Sperling <st...@elego.de>.
On Thu, May 28, 2020 at 07:59:31AM +0000, Daniel Shahaf wrote:
> Seems to cover everything. I took a stab at a slight reorganization;
> WDYT? —
Sure, your wording changes are fine with me. +1 to commit :)
> Index: releasing.part.html
> ===================================================================
> --- releasing.part.html (revision 1878220)
> +++ releasing.part.html (working copy)
> @@ -1300,6 +1300,18 @@
> <p>NOTE: We announce the release before updating the website since the website
> update links to the release announcement sent to the announce@ mailing list.</p>
>
> +<p>There are two announce@ mailing lists where the release announcement gets
> +posted: The Subversion project's announce@subversion.apache.org list, and the ASF-wide announce@apache.org
> +list. It is possible that your message to the ASF-wide announce@ list will be
> +rejected. This generates a moderation notification with a Subject line such as:
> +<tt>Returned post for announce@apache.org</tt>. The moderator who ordered the
> +mailing list software to reject the message may neglect to sign their name to
> +the rejection message, making the rejection anonymous, and the grounds for the
> +rejection may be invalid. Be that as it may, keep calm and forward the
> +rejection to the dev@ mailing list so the project can discuss whether anything
> +needs to be done about it. (If necessary, announce@ mailing list moderators can
> +be contacted via the announce-owner@ handle.)</p>
> +
> <p>Update the topics in various Subversion-related IRC channels, such as
> <tt>#svn</tt> and <tt>#svn-dev</tt> on freenode.</p>
Re: [announce-owner@apache.org: Returned post for
announce@apache.org]
Posted by Daniel Shahaf <d....@daniel.shahaf.name>.
Stefan Sperling wrote on Thu, 28 May 2020 08:46 +0200:
> On Thu, May 28, 2020 at 06:27:54AM +0000, Daniel Shahaf wrote:
> > Stefan Sperling wrote on Thu, 28 May 2020 08:07 +0200:
> > > +++ releasing.part.html (working copy)
> > > @@ -1300,6 +1300,20 @@ Ensure that your mailer doesn't wrap the URLs over
> > > <p>NOTE: We announce the release before updating the website since the website
> > > update links to the release announcement sent to the announce@ mailing list.</p>
> > >
> > > +<p>It is possible that your message to the ASF-wide announce@apache.org will
> > > +be rejected. This generates a moderation notification with a Subject line
> > > +such as: <tt>Returned post for announce@apache.org</tt>.
> >
> > Spell out that this is specifically about announce@a.o, as opposed to announce@s.a.o?
> >
> > > +The originator of such moderation messages is anonymous if the moderator
> > > +neglects to sign the moderation message with their own name, which makes it
> > > +impossible to have an actual conversation with the moderator.
> >
> > Mention that a conversation can be had by emailing announce-owner@?
>
> How about this?
>
Seems to cover everything. I took a stab at a slight reorganization;
WDYT? —
Index: releasing.part.html
===================================================================
--- releasing.part.html (revision 1878220)
+++ releasing.part.html (working copy)
@@ -1300,6 +1300,18 @@
<p>NOTE: We announce the release before updating the website since the website
update links to the release announcement sent to the announce@ mailing list.</p>
+<p>There are two announce@ mailing lists where the release announcement gets
+posted: The Subversion project's announce@subversion.apache.org list, and the ASF-wide announce@apache.org
+list. It is possible that your message to the ASF-wide announce@ list will be
+rejected. This generates a moderation notification with a Subject line such as:
+<tt>Returned post for announce@apache.org</tt>. The moderator who ordered the
+mailing list software to reject the message may neglect to sign their name to
+the rejection message, making the rejection anonymous, and the grounds for the
+rejection may be invalid. Be that as it may, keep calm and forward the
+rejection to the dev@ mailing list so the project can discuss whether anything
+needs to be done about it. (If necessary, announce@ mailing list moderators can
+be contacted via the announce-owner@ handle.)</p>
+
<p>Update the topics in various Subversion-related IRC channels, such as
<tt>#svn</tt> and <tt>#svn-dev</tt> on freenode.</p>
> Index: releasing.part.html
> ===================================================================
> --- releasing.part.html (revision 1878172)
> +++ releasing.part.html (working copy)
> @@ -1300,6 +1300,23 @@ Ensure that your mailer doesn't wrap the URLs over
> <p>NOTE: We announce the release before updating the website since the website
> update links to the release announcement sent to the announce@ mailing list.</p>
>
> +<p>There are two announce@ mailing lists where the release announcement gets
> +posted: The Subversion project's announce@ list, and the ASF-wide announce@
> +list. It is possible that your message to the ASF-wide announce@ list will
> +be rejected. This generates a moderation notification with a Subject line
> +such as: <tt>Returned post for announce@apache.org</tt>.
> +The originator of such moderation messages is anonymous if the moderator
> +neglects to sign the moderation message with their own name, which makes it
> +impossible to have an actual one-on-one conversation with the moderator.
> +If you receive such a moderation message please stay calm and forward it to
> +Subversion's dev@ mailing list so the project can discuss whether anything
> +needs to be done about it. (If necessary, announce@ mailing list moderators
> +can be contacted via the announce-owner@ handle.)
> +In the past, this moderation mechanism was abused to alert the Subversion
> +project about ASF-wide policy changes in the way the KEYS files are supposed
I think it's not actually a recent change in policy, but simply
a case where we were never in compliance with the letter of the
self-styled "policy" in the first place. For example, here's one
document from 2011 that describes itself as a "policy" (right at the
top, under "Abstract") and describes the KEYS-file-per-PMC practice:
https://web.archive.org/web/20110716160744/http://www.apache.org/dev/release-signing.html#keys-policy
And here's our practice back then:
https://mail-archives.apache.org/mod_mbox/subversion-dev/201109.mbox/%3CCAJjMeYMcu94n7%3DGSEQ_LLVoPa0acZKPHy-R8sCyZHLpT0AtThw%40mail.gmail.com%3E
> +to be handled. This is inappropriate because moderation is supposed to filter
> +out spam. Policy changes should be discussed on the dev@ list instead.</p>
> +
It's unfortunate that this patch is needed. The Foundation should not
be something we have to work around. I wish the announce@ moderation
policy would change, but until and unless that happens, documenting the
issue is the Right Thing.
Cheers,
Daniel
Re: [announce-owner@apache.org: Returned post for
announce@apache.org]
Posted by Stefan Sperling <st...@elego.de>.
On Thu, May 28, 2020 at 06:27:54AM +0000, Daniel Shahaf wrote:
> Stefan Sperling wrote on Thu, 28 May 2020 08:07 +0200:
> > +++ releasing.part.html (working copy)
> > @@ -1300,6 +1300,20 @@ Ensure that your mailer doesn't wrap the URLs over
> > <p>NOTE: We announce the release before updating the website since the website
> > update links to the release announcement sent to the announce@ mailing list.</p>
> >
> > +<p>It is possible that your message to the ASF-wide announce@apache.org will
> > +be rejected. This generates a moderation notification with a Subject line
> > +such as: <tt>Returned post for announce@apache.org</tt>.
>
> Spell out that this is specifically about announce@a.o, as opposed to announce@s.a.o?
>
> > +The originator of such moderation messages is anonymous if the moderator
> > +neglects to sign the moderation message with their own name, which makes it
> > +impossible to have an actual conversation with the moderator.
>
> Mention that a conversation can be had by emailing announce-owner@?
How about this?
Index: releasing.part.html
===================================================================
--- releasing.part.html (revision 1878172)
+++ releasing.part.html (working copy)
@@ -1300,6 +1300,23 @@ Ensure that your mailer doesn't wrap the URLs over
<p>NOTE: We announce the release before updating the website since the website
update links to the release announcement sent to the announce@ mailing list.</p>
+<p>There are two announce@ mailing lists where the release announcement gets
+posted: The Subversion project's announce@ list, and the ASF-wide announce@
+list. It is possible that your message to the ASF-wide announce@ list will
+be rejected. This generates a moderation notification with a Subject line
+such as: <tt>Returned post for announce@apache.org</tt>.
+The originator of such moderation messages is anonymous if the moderator
+neglects to sign the moderation message with their own name, which makes it
+impossible to have an actual one-on-one conversation with the moderator.
+If you receive such a moderation message please stay calm and forward it to
+Subversion's dev@ mailing list so the project can discuss whether anything
+needs to be done about it. (If necessary, announce@ mailing list moderators
+can be contacted via the announce-owner@ handle.)
+In the past, this moderation mechanism was abused to alert the Subversion
+project about ASF-wide policy changes in the way the KEYS files are supposed
+to be handled. This is inappropriate because moderation is supposed to filter
+out spam. Policy changes should be discussed on the dev@ list instead.</p>
+
<p>Update the topics in various Subversion-related IRC channels, such as
<tt>#svn</tt> and <tt>#svn-dev</tt> on freenode.</p>
Re: [announce-owner@apache.org: Returned post for
announce@apache.org]
Posted by Daniel Shahaf <d....@daniel.shahaf.name>.
Stefan Sperling wrote on Thu, 28 May 2020 08:07 +0200:
> +++ releasing.part.html (working copy)
> @@ -1300,6 +1300,20 @@ Ensure that your mailer doesn't wrap the URLs over
> <p>NOTE: We announce the release before updating the website since the website
> update links to the release announcement sent to the announce@ mailing list.</p>
>
> +<p>It is possible that your message to the ASF-wide announce@apache.org will
> +be rejected. This generates a moderation notification with a Subject line
> +such as: <tt>Returned post for announce@apache.org</tt>.
Spell out that this is specifically about announce@a.o, as opposed to announce@s.a.o?
> +The originator of such moderation messages is anonymous if the moderator
> +neglects to sign the moderation message with their own name, which makes it
> +impossible to have an actual conversation with the moderator.
Mention that a conversation can be had by emailing announce-owner@?
Cheers,
Daniel
Re: [announce-owner@apache.org: Returned post for
announce@apache.org]
Posted by Stefan Sperling <st...@apache.org>.
On Thu, May 28, 2020 at 07:59:48AM +0200, Stefan Sperling wrote:
> Receiving such a message at the end of a long release preparation day is
> indeed rather discouraging. Since this is recurring behaviour and can
> potentially have toxic results in affected project communities, I think
> we should document this in our release preparation guidelines to make the
> release manager aware ahead of time about the possibility of receiving
> moderation messages from annouce@a.o.
Updated wording after having read Daniel's post, which mentioned that
moderators could in fact sign their name on rejection messages to avoid
at least the anonymity aspect of the issue.
Index: releasing.part.html
===================================================================
--- releasing.part.html (revision 1878172)
+++ releasing.part.html (working copy)
@@ -1300,6 +1300,20 @@ Ensure that your mailer doesn't wrap the URLs over
<p>NOTE: We announce the release before updating the website since the website
update links to the release announcement sent to the announce@ mailing list.</p>
+<p>It is possible that your message to the ASF-wide announce@apache.org will
+be rejected. This generates a moderation notification with a Subject line
+such as: <tt>Returned post for announce@apache.org</tt>.
+The originator of such moderation messages is anonymous if the moderator
+neglects to sign the moderation message with their own name, which makes it
+impossible to have an actual conversation with the moderator.
+If you receive such a moderation message please stay calm and forward it to
+Subversion's dev@ mailing list so the project can discuss whether anything
+needs to be done about it.
+In the past, this medoration mechanism was abused to alert the Subversion
+project about ASF-wide policy changes in the way the KEYS files are supposed
+to be handled. This is inappropriate because moderation is supposed to filter
+out spam. Policy changes should be discussed on the dev@ list instead.</p>
+
<p>Update the topics in various Subversion-related IRC channels, such as
<tt>#svn</tt> and <tt>#svn-dev</tt> on freenode.</p>
Re: [announce-owner@apache.org: Returned post for
announce@apache.org]
Posted by Stefan Sperling <st...@apache.org>.
On Wed, May 27, 2020 at 09:41:18PM +0100, Julian Foad wrote:
> Branko Čibej wrote:
> > > > On 27.05.2020 19:30, Stefan Sperling wrote:
> > > > > Out of the blue, I have received nitpicking of changes I made to the
> > > > > website and the announce message I sent. I've received this feedback
> > > > > via the mailing list moderation mechanism.
> > > > >
> > > > > Can anyone tell me what's going on here? Who even wrote this?
> [...]
>
> Note the response was from moderators of announce.a.o not our own
> announce@s.a.o. They likely haven't seen this ensuing discussion on our
> dev@.
>
> > So, that anonymous moderator's complaint is doubly silly given that
> > there are currently 4 releases on dist/release and you can only have one
> > file named "KEYS" there. I'm pretty sure downstream users who use the
> > source release are intelligent enough to interpret "KEYS" as "*.KEYS" if
> > necessary.
>
> There is some history: the KEYS file issue was discussed between us and them
> somewhere (dev@community.a.o ?) a year or two ago but no consensus was
> reached. There is some ASF-wide policy they are trying to enforce. Clearly
> this isn't a good way to go about it.
>
> When I received similar rejections on some previous releases, I sighed and
> ignored them, thinking that reaching announce@a.o isn't that important and
> in each case it was the last thing at the end of a tiring day so I lacked
> the motivation to pursue it.
>
> - Julian
>
Thank you Julian. The possibility that such a message could originate
outside of our project's community didn't even occur to me! I misread
the moderation message and assumed it was moderation of our own
announce@s.a.o list.
Receiving such a message at the end of a long release preparation day is
indeed rather discouraging. Since this is recurring behaviour and can
potentially have toxic results in affected project communities, I think
we should document this in our release preparation guidelines to make the
release manager aware ahead of time about the possibility of receiving
moderation messages from annouce@a.o.
Index: releasing.part.html
===================================================================
--- releasing.part.html (revision 1878172)
+++ releasing.part.html (working copy)
@@ -1300,6 +1300,19 @@ Ensure that your mailer doesn't wrap the URLs over
<p>NOTE: We announce the release before updating the website since the website
update links to the release announcement sent to the announce@ mailing list.</p>
+<p>It is possible that your message to the ASF-wide announce@apache.org will
+be rejected. This generates a moderation notification with a Subject line
+such as: <tt>Returned post for announce@apache.org</tt>.
+The originator of such moderation messages is anonymous, which makes it
+impossible to have an actual conversation with the sender.
+If you receive such a moderation message please stay calm and forward it to
+Subversion's dev@ mailing list so the project can discuss whether anything
+needs to be done about it.
+In the past, this medoration mechanism was abused to alert the Subversion
+project about ASF-wide policy changes in the way the KEYS files are supposed
+to be handled. This is inappropriate because moderation is supposed to filter
+out spam. Policy changes should be discussed on the dev@ list instead.</p>
+
<p>Update the topics in various Subversion-related IRC channels, such as
<tt>#svn</tt> and <tt>#svn-dev</tt> on freenode.</p>
Re: [announce-owner@apache.org: Returned post for
announce@apache.org]
Posted by Julian Foad <ju...@apache.org>.
Branko Čibej wrote:
>>> On 27.05.2020 19:30, Stefan Sperling wrote:
>>>> Out of the blue, I have received nitpicking of changes I made to the
>>>> website and the announce message I sent. I've received this feedback
>>>> via the mailing list moderation mechanism.
>>>>
>>>> Can anyone tell me what's going on here? Who even wrote this?
[...]
Note the response was from moderators of announce.a.o not our own
announce@s.a.o. They likely haven't seen this ensuing discussion on our
dev@.
> So, that anonymous moderator's complaint is doubly silly given that
> there are currently 4 releases on dist/release and you can only have one
> file named "KEYS" there. I'm pretty sure downstream users who use the
> source release are intelligent enough to interpret "KEYS" as "*.KEYS" if
> necessary.
There is some history: the KEYS file issue was discussed between us and
them somewhere (dev@community.a.o ?) a year or two ago but no consensus
was reached. There is some ASF-wide policy they are trying to enforce.
Clearly this isn't a good way to go about it.
When I received similar rejections on some previous releases, I sighed
and ignored them, thinking that reaching announce@a.o isn't that
important and in each case it was the last thing at the end of a tiring
day so I lacked the motivation to pursue it.
- Julian
Re: [announce-owner@apache.org: Returned post for
announce@apache.org]
Posted by Branko Čibej <br...@apache.org>.
On 27.05.2020 20:35, Stefan Sperling wrote:
> On Wed, May 27, 2020 at 07:48:41PM +0200, Branko Čibej wrote:
>> On 27.05.2020 19:30, Stefan Sperling wrote:
>>> Out of the blue, I have received nitpicking of changes I made to the
>>> website and the announce message I sent. I've received this feedback
>>> via the mailing list moderation mechanism.
>>>
>>> Can anyone tell me what's going on here? Who even wrote this?
>>>
>>> FWIW, the announce message was generated by release.py; if there's
>>> something wrong with that, we need to fix that script.
>>> There's nothing I could do now to correct the announce message
>>> itself since it has already been approved (by me).
>>
>> This moderation is completely inappropriate. Moderation is supposed to
>> filter spam from the announce@ list, not pontificate about the names of
>> the files in a release. That's what dev@ is for. You don't block a
>> release announcement because of typos unless they've very serious indeed.
> I agree.
>
> A moderation mechanism is not an appropriate way of initiating a conversation.
> This approach is rather problematic and doesn't align at all with our
> collaborative work flow.
>
> Dear anonymous robot(?), please use the dev@ list for such purposes, so we
> know who is providing feedback and can have an actual conversation together
> about whatever might need to be done exactly to satisfy your concerns.
>
> Thanks :)
So, that anonymous moderator's complaint is doubly silly given that
there are currently 4 releases on dist/release and you can only have one
file named "KEYS" there. I'm pretty sure downstream users who use the
source release are intelligent enough to interpret "KEYS" as "*.KEYS" if
necessary.
-- Brane
Re: [announce-owner@apache.org: Returned post for
announce@apache.org]
Posted by Stefan Sperling <st...@apache.org>.
On Wed, May 27, 2020 at 07:48:41PM +0200, Branko Čibej wrote:
> On 27.05.2020 19:30, Stefan Sperling wrote:
> > Out of the blue, I have received nitpicking of changes I made to the
> > website and the announce message I sent. I've received this feedback
> > via the mailing list moderation mechanism.
> >
> > Can anyone tell me what's going on here? Who even wrote this?
> >
> > FWIW, the announce message was generated by release.py; if there's
> > something wrong with that, we need to fix that script.
> > There's nothing I could do now to correct the announce message
> > itself since it has already been approved (by me).
>
>
> This moderation is completely inappropriate. Moderation is supposed to
> filter spam from the announce@ list, not pontificate about the names of
> the files in a release. That's what dev@ is for. You don't block a
> release announcement because of typos unless they've very serious indeed.
I agree.
A moderation mechanism is not an appropriate way of initiating a conversation.
This approach is rather problematic and doesn't align at all with our
collaborative work flow.
Dear anonymous robot(?), please use the dev@ list for such purposes, so we
know who is providing feedback and can have an actual conversation together
about whatever might need to be done exactly to satisfy your concerns.
Thanks :)
Re: [announce-owner@apache.org: Returned post for
announce@apache.org]
Posted by Branko Čibej <br...@apache.org>.
On 27.05.2020 19:30, Stefan Sperling wrote:
> Out of the blue, I have received nitpicking of changes I made to the
> website and the announce message I sent. I've received this feedback
> via the mailing list moderation mechanism.
>
> Can anyone tell me what's going on here? Who even wrote this?
>
> FWIW, the announce message was generated by release.py; if there's
> something wrong with that, we need to fix that script.
> There's nothing I could do now to correct the announce message
> itself since it has already been approved (by me).
This moderation is completely inappropriate. Moderation is supposed to
filter spam from the announce@ list, not pontificate about the names of
the files in a release. That's what dev@ is for. You don't block a
release announcement because of typos unless they've very serious indeed.
-- Brane
>
> ----- Forwarded message from announce-owner@apache.org -----
>
> Date: 27 May 2020 17:09:19 -0000
> From: announce-owner@apache.org
> To: stsp@apache.org
> Subject: Returned post for announce@apache.org
> Message-ID: <15...@apache.org>
> Content-Type: multipart/mixed; boundary=lodpbfombmeidpnonnko
> X-Spam-Score: (-7.5) SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_SPF_WL
>
>
> Hi! This is the ezmlm program. I'm managing the
> announce@apache.org mailing list.
>
> I'm sorry, your message (enclosed) was not accepted by the moderator.
> If the moderator has made any comments, they are shown below.
>
>>>>>> -------------------- >>>>>
> Sorry, but the announce message and download page are not acceptable.
>
> The KEYS file must have the name KEYS, and should be at:
> https://downloads.apache.org/subversion/KEYS
>
> The download page is confusing, as the verification instructions say to use
> https://downloads.apache.org/subversion/KEYS, which is fine,
> however the entries for 1.40.0 have different links for the KEYS files.
>
> Please fix the page and submit a corrected email.
>
> Thanks.
> <<<<< -------------------- <<<<<
>
>
> Date: Wed, 27 May 2020 17:56:06 +0200
> From: Stefan Sperling <st...@apache.org>
> To: announce@subversion.apache.org, users@subversion.apache.org,
> dev@subversion.apache.org, announce@apache.org
> Subject: [ANNOUNCE] Apache Subversion 1.14.0 released
> Message-ID: <20...@ted.stsp.name>
> Reply-To: users@subversion.apache.org
> Content-Type: text/plain; charset=utf-8
>
> I'm happy to announce the release of Apache Subversion 1.14.0.
> Please choose the mirror closest to you by visiting:
>
> https://subversion.apache.org/download.cgi#recommended-release
>
> This is a stable feature release of the Apache Subversion open source
> version control system.
>
> SHA-512 checksums are available at:
>
> https://www.apache.org/dist/subversion/subversion-1.14.0.tar.bz2.sha512
> https://www.apache.org/dist/subversion/subversion-1.14.0.tar.gz.sha512
> https://www.apache.org/dist/subversion/subversion-1.14.0.zip.sha512
>
> PGP Signatures are available at:
>
> https://www.apache.org/dist/subversion/subversion-1.14.0.tar.bz2.asc
> https://www.apache.org/dist/subversion/subversion-1.14.0.tar.gz.asc
> https://www.apache.org/dist/subversion/subversion-1.14.0.zip.asc
>
> For this release, the following people have provided PGP signatures:
>
> Stefan Sperling [2048R/4F7DBAA99A59B973] with fingerprint:
> 8BC4 DAE0 C5A4 D65F 4044 0107 4F7D BAA9 9A59 B973
> Julian Foad [4096R/1FB064B84EECC493] with fingerprint:
> 6011 63CF 9D49 9FD7 18CF 582D 1FB0 64B8 4EEC C493
> Nathan Hartman (CODE SIGNING KEY) [4096R/583F00ADF981C39F] with fingerprint:
> 3F8E 467C B336 6E30 13E1 120D 583F 00AD F981 C39F
> Branko Čibej [4096R/1BCA6586A347943F] with fingerprint:
> BA3C 15B1 337C F0FB 222B D41A 1BCA 6586 A347 943F
> James McCoy (Debian) [4096R/DFE691AE331BA3DB] with fingerprint:
> 91BF BF4D 6956 BD5D F7B7 2D23 DFE6 91AE 331B A3DB
> Johan Corveleyn [4096R/B59CE6D6010C8AAD] with fingerprint:
> 8AA2 C10E EAAD 44F9 6972 7AEA B59C E6D6 010C 8AAD
>
> These public keys are available at:
>
> https://www.apache.org/dist/subversion/subversion-1.14.0.KEYS
>
> Release notes for the 1.14.x release series may be found at:
>
> https://subversion.apache.org/docs/release-notes/1.14.html
>
> You can find the list of changes between 1.14.0 and earlier versions at:
>
> https://svn.apache.org/repos/asf/subversion/tags/1.14.0/CHANGES
>
> Questions, comments, and bug reports to users@subversion.apache.org.
>
> Thanks,
> - The Subversion Team
>
> --
> To unsubscribe, please see:
>
> https://subversion.apache.org/mailing-lists.html#unsubscribing
>
>
>
>
> ----- End forwarded message -----
Re: [announce-owner@apache.org: Returned post for announce@apache.org]
Posted by Daniel Shahaf <d....@daniel.shahaf.name>.
Good morning Mark,
Thanks for the reply, and for signing it.
Thanks also for the offer to moderate the announcement through if we re-
send it. However, the press release has already been announced on the
same list and a 1.14.1 release is in the offing, so I'm not sure if
we'll take you up on it.
Once 1.14.1 is released, I hope its release announcement will be
moderated through. That announcement will be generated from the same
template as the 1.14.0 announcement.
Cheers,
Daniel
Private List Moderation wrote on Thu, 11 Jun 2020 11:37 +00:00:
> Hi Subversion folks,
>
> Moderation of announce@ is handled by a shared moderation system. Any
> rejection message is meant to be signed to you can identify who sent
> it. Please accept my apologies that this didn't happen in this case.
> Having reviewed the sent mail log it appears that it was sebb who
> rejected the announcement.
>
> I see that Sally's broader announcement on the 1.40.0 release has been
> moderated through. I don't see the message below on the announce@ list.
> I'd offer to moderate it through but it will have expired by now. If
> you want to resend it to announce@ I can moderate it through for you.
>
> Kind regards,
>
> Mark
> (markt)
>
> On Thu, 28 May 2020 at 18:16, Daniel Shahaf <d....@daniel.shahaf.name> wrote:
> > Branko Čibej wrote on Thu, 28 May 2020 07:05 +0200:
> > > Dear announce@ moderators,
> > >
> > > Moderation is not an appropriate venue for discussing policy. It is a
> > > way to prevent spam. If you have something to say, you're welcome to say
> > > it on dev@subversion.apache.org. You are not responsible for the
> > > contents of a release. The PMC is. Your anonymous pontification does not
> > > encourage discussion and collaboration and as such is itself a violation
> > > of the core principles of the ASF. Community over code, eh?
> > >
> >
> > To clarify: The Subversion PMC strongly considers your points
> > about the naming of KEYS files and links thereto insufficient grounds
> > for rejecting its release announcements. Care to respond?
> >
> > > -- Brane
> > >
> > >
> > > On 27.05.2020 19:30, Stefan Sperling wrote:
> > > > Out of the blue, I have received nitpicking of changes I made to the
> > > > website and the announce message I sent. I've received this feedback
> > > > via the mailing list moderation mechanism.
> > > >
> > > > Can anyone tell me what's going on here? Who even wrote this?
> > > >
> > > > FWIW, the announce message was generated by release.py; if there's
> > > > something wrong with that, we need to fix that script.
> > > > There's nothing I could do now to correct the announce message
> > > > itself since it has already been approved (by me).
> > > >
> > > > ----- Forwarded message from announce-owner@apache.org -----
> > > >
> > > > Date: 27 May 2020 17:09:19 -0000
> > > > From: announce-owner@apache.org
> > > > To: stsp@apache.org
> > > > Subject: Returned post for announce@apache.org
> > > > Message-ID: <15...@apache.org>
> > > > Content-Type: multipart/mixed; boundary=lodpbfombmeidpnonnko
> > > > X-Spam-Score: (-7.5) SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_SPF_WL
> > > >
> > > >
> > > > Hi! This is the ezmlm program. I'm managing the
> > > > announce@apache.org mailing list.
> > > >
> > > > I'm sorry, your message (enclosed) was not accepted by the moderator.
> > > > If the moderator has made any comments, they are shown below.
> > > >
> > > >>>>>> -------------------- >>>>>
> > > > Sorry, but the announce message and download page are not acceptable.
> > > >
> > > > The KEYS file must have the name KEYS, and should be at:
> > > > https://downloads.apache.org/subversion/KEYS
> > > >
> > > > The download page is confusing, as the verification instructions say to use
> > > > https://downloads.apache.org/subversion/KEYS, which is fine,
> > > > however the entries for 1.40.0 have different links for the KEYS files.
> > > >
> > > > Please fix the page and submit a corrected email.
> > > >
> > > > Thanks.
> > > > <<<<< -------------------- <<<<<
> > > >
> > > >
> > > > Date: Wed, 27 May 2020 17:56:06 +0200
> > > > From: Stefan Sperling <st...@apache.org>
> > > > To: announce@subversion.apache.org, users@subversion.apache.org,
> > > > dev@subversion.apache.org, announce@apache.org
> > > > Subject: [ANNOUNCE] Apache Subversion 1.14.0 released
> > > > Message-ID: <20...@ted.stsp.name>
> > > > Reply-To: users@subversion.apache.org
> > > > Content-Type: text/plain; charset=utf-8
> > > >
> > > > I'm happy to announce the release of Apache Subversion 1.14.0.
> > > > Please choose the mirror closest to you by visiting:
> > > >
> > > > https://subversion.apache.org/download.cgi#recommended-release
> > > >
> > > > This is a stable feature release of the Apache Subversion open source
> > > > version control system.
> > > >
> > > > SHA-512 checksums are available at:
> > > >
> > > > https://www.apache.org/dist/subversion/subversion-1.14.0.tar.bz2.sha512
> > > > https://www.apache.org/dist/subversion/subversion-1.14.0.tar.gz.sha512
> > > > https://www.apache.org/dist/subversion/subversion-1.14.0.zip.sha512
> > > >
> > > > PGP Signatures are available at:
> > > >
> > > > https://www.apache.org/dist/subversion/subversion-1.14.0.tar.bz2.asc
> > > > https://www.apache.org/dist/subversion/subversion-1.14.0.tar.gz.asc
> > > > https://www.apache.org/dist/subversion/subversion-1.14.0.zip.asc
> > > >
> > > > For this release, the following people have provided PGP signatures:
> > > >
> > > > Stefan Sperling [2048R/4F7DBAA99A59B973] with fingerprint:
> > > > 8BC4 DAE0 C5A4 D65F 4044 0107 4F7D BAA9 9A59 B973
> > > > Julian Foad [4096R/1FB064B84EECC493] with fingerprint:
> > > > 6011 63CF 9D49 9FD7 18CF 582D 1FB0 64B8 4EEC C493
> > > > Nathan Hartman (CODE SIGNING KEY) [4096R/583F00ADF981C39F] with fingerprint:
> > > > 3F8E 467C B336 6E30 13E1 120D 583F 00AD F981 C39F
> > > > Branko Čibej [4096R/1BCA6586A347943F] with fingerprint:
> > > > BA3C 15B1 337C F0FB 222B D41A 1BCA 6586 A347 943F
> > > > James McCoy (Debian) [4096R/DFE691AE331BA3DB] with fingerprint:
> > > > 91BF BF4D 6956 BD5D F7B7 2D23 DFE6 91AE 331B A3DB
> > > > Johan Corveleyn [4096R/B59CE6D6010C8AAD] with fingerprint:
> > > > 8AA2 C10E EAAD 44F9 6972 7AEA B59C E6D6 010C 8AAD
> > > >
> > > > These public keys are available at:
> > > >
> > > > https://www.apache.org/dist/subversion/subversion-1.14.0.KEYS
> > > >
> > > > Release notes for the 1.14.x release series may be found at:
> > > >
> > > > https://subversion.apache.org/docs/release-notes/1.14.html
> > > >
> > > > You can find the list of changes between 1.14.0 and earlier versions at:
> > > >
> > > > https://svn.apache.org/repos/asf/subversion/tags/1.14.0/CHANGES
> > > >
> > > > Questions, comments, and bug reports to users@subversion.apache.org.
> > > >
> > > > Thanks,
> > > > - The Subversion Team
> > > >
> > > > --
> > > > To unsubscribe, please see:
> > > >
> > > > https://subversion.apache.org/mailing-lists.html#unsubscribing
> > > >
> > > >
> > > >
> > > >
> > > > ----- End forwarded message -----
> > >
> >
Re: [announce-owner@apache.org: Returned post for announce@apache.org]
Posted by Private List Moderation <mo...@gsuite.cloud.apache.org>.
Hi Subversion folks,
Moderation of announce@ is handled by a shared moderation system. Any
rejection message is meant to be signed to you can identify who sent it.
Please accept my apologies that this didn't happen in this case. Having
reviewed the sent mail log it appears that it was sebb who rejected the
announcement.
I see that Sally's broader announcement on the 1.40.0 release has been
moderated through. I don't see the message below on the announce@ list. I'd
offer to moderate it through but it will have expired by now. If you want
to resend it to announce@ I can moderate it through for you.
Kind regards,
Mark
(markt)
On Thu, 28 May 2020 at 18:16, Daniel Shahaf <d....@daniel.shahaf.name> wrote:
> Branko Čibej wrote on Thu, 28 May 2020 07:05 +0200:
> > Dear announce@ moderators,
> >
> > Moderation is not an appropriate venue for discussing policy. It is a
> > way to prevent spam. If you have something to say, you're welcome to say
> > it on dev@subversion.apache.org. You are not responsible for the
> > contents of a release. The PMC is. Your anonymous pontification does not
> > encourage discussion and collaboration and as such is itself a violation
> > of the core principles of the ASF. Community over code, eh?
> >
>
> To clarify: The Subversion PMC strongly considers your points
> about the naming of KEYS files and links thereto insufficient grounds
> for rejecting its release announcements. Care to respond?
>
> > -- Brane
> >
> >
> > On 27.05.2020 19:30, Stefan Sperling wrote:
> > > Out of the blue, I have received nitpicking of changes I made to the
> > > website and the announce message I sent. I've received this feedback
> > > via the mailing list moderation mechanism.
> > >
> > > Can anyone tell me what's going on here? Who even wrote this?
> > >
> > > FWIW, the announce message was generated by release.py; if there's
> > > something wrong with that, we need to fix that script.
> > > There's nothing I could do now to correct the announce message
> > > itself since it has already been approved (by me).
> > >
> > > ----- Forwarded message from announce-owner@apache.org -----
> > >
> > > Date: 27 May 2020 17:09:19 -0000
> > > From: announce-owner@apache.org
> > > To: stsp@apache.org
> > > Subject: Returned post for announce@apache.org
> > > Message-ID: <15...@apache.org>
> > > Content-Type: multipart/mixed; boundary=lodpbfombmeidpnonnko
> > > X-Spam-Score: (-7.5) SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_SPF_WL
> > >
> > >
> > > Hi! This is the ezmlm program. I'm managing the
> > > announce@apache.org mailing list.
> > >
> > > I'm sorry, your message (enclosed) was not accepted by the moderator.
> > > If the moderator has made any comments, they are shown below.
> > >
> > >>>>>> -------------------- >>>>>
> > > Sorry, but the announce message and download page are not acceptable.
> > >
> > > The KEYS file must have the name KEYS, and should be at:
> > > https://downloads.apache.org/subversion/KEYS
> > >
> > > The download page is confusing, as the verification instructions say
> to use
> > > https://downloads.apache.org/subversion/KEYS, which is fine,
> > > however the entries for 1.40.0 have different links for the KEYS files.
> > >
> > > Please fix the page and submit a corrected email.
> > >
> > > Thanks.
> > > <<<<< -------------------- <<<<<
> > >
> > >
> > > Date: Wed, 27 May 2020 17:56:06 +0200
> > > From: Stefan Sperling <st...@apache.org>
> > > To: announce@subversion.apache.org, users@subversion.apache.org,
> > > dev@subversion.apache.org, announce@apache.org
> > > Subject: [ANNOUNCE] Apache Subversion 1.14.0 released
> > > Message-ID: <20...@ted.stsp.name>
> > > Reply-To: users@subversion.apache.org
> > > Content-Type: text/plain; charset=utf-8
> > >
> > > I'm happy to announce the release of Apache Subversion 1.14.0.
> > > Please choose the mirror closest to you by visiting:
> > >
> > > https://subversion.apache.org/download.cgi#recommended-release
> > >
> > > This is a stable feature release of the Apache Subversion open source
> > > version control system.
> > >
> > > SHA-512 checksums are available at:
> > >
> > >
> https://www.apache.org/dist/subversion/subversion-1.14.0.tar.bz2.sha512
> > >
> https://www.apache.org/dist/subversion/subversion-1.14.0.tar.gz.sha512
> > >
> https://www.apache.org/dist/subversion/subversion-1.14.0.zip.sha512
> > >
> > > PGP Signatures are available at:
> > >
> > >
> https://www.apache.org/dist/subversion/subversion-1.14.0.tar.bz2.asc
> > >
> https://www.apache.org/dist/subversion/subversion-1.14.0.tar.gz.asc
> > > https://www.apache.org/dist/subversion/subversion-1.14.0.zip.asc
> > >
> > > For this release, the following people have provided PGP signatures:
> > >
> > > Stefan Sperling [2048R/4F7DBAA99A59B973] with fingerprint:
> > > 8BC4 DAE0 C5A4 D65F 4044 0107 4F7D BAA9 9A59 B973
> > > Julian Foad [4096R/1FB064B84EECC493] with fingerprint:
> > > 6011 63CF 9D49 9FD7 18CF 582D 1FB0 64B8 4EEC C493
> > > Nathan Hartman (CODE SIGNING KEY) [4096R/583F00ADF981C39F] with
> fingerprint:
> > > 3F8E 467C B336 6E30 13E1 120D 583F 00AD F981 C39F
> > > Branko Čibej [4096R/1BCA6586A347943F] with fingerprint:
> > > BA3C 15B1 337C F0FB 222B D41A 1BCA 6586 A347 943F
> > > James McCoy (Debian) [4096R/DFE691AE331BA3DB] with fingerprint:
> > > 91BF BF4D 6956 BD5D F7B7 2D23 DFE6 91AE 331B A3DB
> > > Johan Corveleyn [4096R/B59CE6D6010C8AAD] with fingerprint:
> > > 8AA2 C10E EAAD 44F9 6972 7AEA B59C E6D6 010C 8AAD
> > >
> > > These public keys are available at:
> > >
> > > https://www.apache.org/dist/subversion/subversion-1.14.0.KEYS
> > >
> > > Release notes for the 1.14.x release series may be found at:
> > >
> > > https://subversion.apache.org/docs/release-notes/1.14.html
> > >
> > > You can find the list of changes between 1.14.0 and earlier versions
> at:
> > >
> > > https://svn.apache.org/repos/asf/subversion/tags/1.14.0/CHANGES
> > >
> > > Questions, comments, and bug reports to users@subversion.apache.org.
> > >
> > > Thanks,
> > > - The Subversion Team
> > >
> > > --
> > > To unsubscribe, please see:
> > >
> > > https://subversion.apache.org/mailing-lists.html#unsubscribing
> > >
> > >
> > >
> > >
> > > ----- End forwarded message -----
> >
>
>
Re: [announce-owner@apache.org: Returned post for
announce@apache.org]
Posted by Daniel Shahaf <d....@daniel.shahaf.name>.
Branko Čibej wrote on Thu, 28 May 2020 07:05 +0200:
> Dear announce@ moderators,
>
> Moderation is not an appropriate venue for discussing policy. It is a
> way to prevent spam. If you have something to say, you're welcome to say
> it on dev@subversion.apache.org. You are not responsible for the
> contents of a release. The PMC is. Your anonymous pontification does not
> encourage discussion and collaboration and as such is itself a violation
> of the core principles of the ASF. Community over code, eh?
>
To clarify: The Subversion PMC strongly considers your points
about the naming of KEYS files and links thereto insufficient grounds
for rejecting its release announcements. Care to respond?
> -- Brane
>
>
> On 27.05.2020 19:30, Stefan Sperling wrote:
> > Out of the blue, I have received nitpicking of changes I made to the
> > website and the announce message I sent. I've received this feedback
> > via the mailing list moderation mechanism.
> >
> > Can anyone tell me what's going on here? Who even wrote this?
> >
> > FWIW, the announce message was generated by release.py; if there's
> > something wrong with that, we need to fix that script.
> > There's nothing I could do now to correct the announce message
> > itself since it has already been approved (by me).
> >
> > ----- Forwarded message from announce-owner@apache.org -----
> >
> > Date: 27 May 2020 17:09:19 -0000
> > From: announce-owner@apache.org
> > To: stsp@apache.org
> > Subject: Returned post for announce@apache.org
> > Message-ID: <15...@apache.org>
> > Content-Type: multipart/mixed; boundary=lodpbfombmeidpnonnko
> > X-Spam-Score: (-7.5) SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_SPF_WL
> >
> >
> > Hi! This is the ezmlm program. I'm managing the
> > announce@apache.org mailing list.
> >
> > I'm sorry, your message (enclosed) was not accepted by the moderator.
> > If the moderator has made any comments, they are shown below.
> >
> >>>>>> -------------------- >>>>>
> > Sorry, but the announce message and download page are not acceptable.
> >
> > The KEYS file must have the name KEYS, and should be at:
> > https://downloads.apache.org/subversion/KEYS
> >
> > The download page is confusing, as the verification instructions say to use
> > https://downloads.apache.org/subversion/KEYS, which is fine,
> > however the entries for 1.40.0 have different links for the KEYS files.
> >
> > Please fix the page and submit a corrected email.
> >
> > Thanks.
> > <<<<< -------------------- <<<<<
> >
> >
> > Date: Wed, 27 May 2020 17:56:06 +0200
> > From: Stefan Sperling <st...@apache.org>
> > To: announce@subversion.apache.org, users@subversion.apache.org,
> > dev@subversion.apache.org, announce@apache.org
> > Subject: [ANNOUNCE] Apache Subversion 1.14.0 released
> > Message-ID: <20...@ted.stsp.name>
> > Reply-To: users@subversion.apache.org
> > Content-Type: text/plain; charset=utf-8
> >
> > I'm happy to announce the release of Apache Subversion 1.14.0.
> > Please choose the mirror closest to you by visiting:
> >
> > https://subversion.apache.org/download.cgi#recommended-release
> >
> > This is a stable feature release of the Apache Subversion open source
> > version control system.
> >
> > SHA-512 checksums are available at:
> >
> > https://www.apache.org/dist/subversion/subversion-1.14.0.tar.bz2.sha512
> > https://www.apache.org/dist/subversion/subversion-1.14.0.tar.gz.sha512
> > https://www.apache.org/dist/subversion/subversion-1.14.0.zip.sha512
> >
> > PGP Signatures are available at:
> >
> > https://www.apache.org/dist/subversion/subversion-1.14.0.tar.bz2.asc
> > https://www.apache.org/dist/subversion/subversion-1.14.0.tar.gz.asc
> > https://www.apache.org/dist/subversion/subversion-1.14.0.zip.asc
> >
> > For this release, the following people have provided PGP signatures:
> >
> > Stefan Sperling [2048R/4F7DBAA99A59B973] with fingerprint:
> > 8BC4 DAE0 C5A4 D65F 4044 0107 4F7D BAA9 9A59 B973
> > Julian Foad [4096R/1FB064B84EECC493] with fingerprint:
> > 6011 63CF 9D49 9FD7 18CF 582D 1FB0 64B8 4EEC C493
> > Nathan Hartman (CODE SIGNING KEY) [4096R/583F00ADF981C39F] with fingerprint:
> > 3F8E 467C B336 6E30 13E1 120D 583F 00AD F981 C39F
> > Branko Čibej [4096R/1BCA6586A347943F] with fingerprint:
> > BA3C 15B1 337C F0FB 222B D41A 1BCA 6586 A347 943F
> > James McCoy (Debian) [4096R/DFE691AE331BA3DB] with fingerprint:
> > 91BF BF4D 6956 BD5D F7B7 2D23 DFE6 91AE 331B A3DB
> > Johan Corveleyn [4096R/B59CE6D6010C8AAD] with fingerprint:
> > 8AA2 C10E EAAD 44F9 6972 7AEA B59C E6D6 010C 8AAD
> >
> > These public keys are available at:
> >
> > https://www.apache.org/dist/subversion/subversion-1.14.0.KEYS
> >
> > Release notes for the 1.14.x release series may be found at:
> >
> > https://subversion.apache.org/docs/release-notes/1.14.html
> >
> > You can find the list of changes between 1.14.0 and earlier versions at:
> >
> > https://svn.apache.org/repos/asf/subversion/tags/1.14.0/CHANGES
> >
> > Questions, comments, and bug reports to users@subversion.apache.org.
> >
> > Thanks,
> > - The Subversion Team
> >
> > --
> > To unsubscribe, please see:
> >
> > https://subversion.apache.org/mailing-lists.html#unsubscribing
> >
> >
> >
> >
> > ----- End forwarded message -----
>
Re: [announce-owner@apache.org: Returned post for
announce@apache.org]
Posted by Branko Čibej <br...@apache.org>.
Dear announce@ moderators,
Moderation is not an appropriate venue for discussing policy. It is a
way to prevent spam. If you have something to say, you're welcome to say
it on dev@subversion.apache.org. You are not responsible for the
contents of a release. The PMC is. Your anonymous pontification does not
encourage discussion and collaboration and as such is itself a violation
of the core principles of the ASF. Community over code, eh?
-- Brane
On 27.05.2020 19:30, Stefan Sperling wrote:
> Out of the blue, I have received nitpicking of changes I made to the
> website and the announce message I sent. I've received this feedback
> via the mailing list moderation mechanism.
>
> Can anyone tell me what's going on here? Who even wrote this?
>
> FWIW, the announce message was generated by release.py; if there's
> something wrong with that, we need to fix that script.
> There's nothing I could do now to correct the announce message
> itself since it has already been approved (by me).
>
> ----- Forwarded message from announce-owner@apache.org -----
>
> Date: 27 May 2020 17:09:19 -0000
> From: announce-owner@apache.org
> To: stsp@apache.org
> Subject: Returned post for announce@apache.org
> Message-ID: <15...@apache.org>
> Content-Type: multipart/mixed; boundary=lodpbfombmeidpnonnko
> X-Spam-Score: (-7.5) SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_SPF_WL
>
>
> Hi! This is the ezmlm program. I'm managing the
> announce@apache.org mailing list.
>
> I'm sorry, your message (enclosed) was not accepted by the moderator.
> If the moderator has made any comments, they are shown below.
>
>>>>>> -------------------- >>>>>
> Sorry, but the announce message and download page are not acceptable.
>
> The KEYS file must have the name KEYS, and should be at:
> https://downloads.apache.org/subversion/KEYS
>
> The download page is confusing, as the verification instructions say to use
> https://downloads.apache.org/subversion/KEYS, which is fine,
> however the entries for 1.40.0 have different links for the KEYS files.
>
> Please fix the page and submit a corrected email.
>
> Thanks.
> <<<<< -------------------- <<<<<
>
>
> Date: Wed, 27 May 2020 17:56:06 +0200
> From: Stefan Sperling <st...@apache.org>
> To: announce@subversion.apache.org, users@subversion.apache.org,
> dev@subversion.apache.org, announce@apache.org
> Subject: [ANNOUNCE] Apache Subversion 1.14.0 released
> Message-ID: <20...@ted.stsp.name>
> Reply-To: users@subversion.apache.org
> Content-Type: text/plain; charset=utf-8
>
> I'm happy to announce the release of Apache Subversion 1.14.0.
> Please choose the mirror closest to you by visiting:
>
> https://subversion.apache.org/download.cgi#recommended-release
>
> This is a stable feature release of the Apache Subversion open source
> version control system.
>
> SHA-512 checksums are available at:
>
> https://www.apache.org/dist/subversion/subversion-1.14.0.tar.bz2.sha512
> https://www.apache.org/dist/subversion/subversion-1.14.0.tar.gz.sha512
> https://www.apache.org/dist/subversion/subversion-1.14.0.zip.sha512
>
> PGP Signatures are available at:
>
> https://www.apache.org/dist/subversion/subversion-1.14.0.tar.bz2.asc
> https://www.apache.org/dist/subversion/subversion-1.14.0.tar.gz.asc
> https://www.apache.org/dist/subversion/subversion-1.14.0.zip.asc
>
> For this release, the following people have provided PGP signatures:
>
> Stefan Sperling [2048R/4F7DBAA99A59B973] with fingerprint:
> 8BC4 DAE0 C5A4 D65F 4044 0107 4F7D BAA9 9A59 B973
> Julian Foad [4096R/1FB064B84EECC493] with fingerprint:
> 6011 63CF 9D49 9FD7 18CF 582D 1FB0 64B8 4EEC C493
> Nathan Hartman (CODE SIGNING KEY) [4096R/583F00ADF981C39F] with fingerprint:
> 3F8E 467C B336 6E30 13E1 120D 583F 00AD F981 C39F
> Branko Čibej [4096R/1BCA6586A347943F] with fingerprint:
> BA3C 15B1 337C F0FB 222B D41A 1BCA 6586 A347 943F
> James McCoy (Debian) [4096R/DFE691AE331BA3DB] with fingerprint:
> 91BF BF4D 6956 BD5D F7B7 2D23 DFE6 91AE 331B A3DB
> Johan Corveleyn [4096R/B59CE6D6010C8AAD] with fingerprint:
> 8AA2 C10E EAAD 44F9 6972 7AEA B59C E6D6 010C 8AAD
>
> These public keys are available at:
>
> https://www.apache.org/dist/subversion/subversion-1.14.0.KEYS
>
> Release notes for the 1.14.x release series may be found at:
>
> https://subversion.apache.org/docs/release-notes/1.14.html
>
> You can find the list of changes between 1.14.0 and earlier versions at:
>
> https://svn.apache.org/repos/asf/subversion/tags/1.14.0/CHANGES
>
> Questions, comments, and bug reports to users@subversion.apache.org.
>
> Thanks,
> - The Subversion Team
>
> --
> To unsubscribe, please see:
>
> https://subversion.apache.org/mailing-lists.html#unsubscribing
>
>
>
>
> ----- End forwarded message -----