You are viewing a plain text version of this content. The canonical link for it is here.
Posted to apreq-dev@httpd.apache.org by Issac Goldstand <ma...@beamartyr.net> on 2009/01/13 12:40:16 UTC
Re: svn commit: r734094 - /httpd/apreq/branches/1.x/RELEASE
I'd like this to get good review, so posting here so even folks who
aren't on the commit mailing-list can comment.
Please take a look at the 1.x/RELEASE file and comment.
Thanks,
Issac
issac@apache.org wrote:
> Author: issac
> Date: Tue Jan 13 02:35:02 2009
> New Revision: 734094
>
> URL: http://svn.apache.org/viewvc?rev=734094&view=rev
> Log:
> revamp the RM instructions for apreq-1
>
> Modified:
> httpd/apreq/branches/1.x/RELEASE
>
> Modified: httpd/apreq/branches/1.x/RELEASE
>
[snip]
Re: svn commit: r734094 - /httpd/apreq/branches/1.x/RELEASE
Posted by Issac Goldstand <ma...@beamartyr.net>.
Adam Prime wrote:
> Issac Goldstand wrote:
>> I'd like this to get good review, so posting here so even folks who
>> aren't on the commit mailing-list can comment.
>>
>> Please take a look at the 1.x/RELEASE file and comment.
>>
>> Thanks,
>> Issac
>>
>
> This revision still mentions crosspointing to modperl@, is that still
> to be taken out?
I don't think so. It would help to get some modperl folks to test it,
even if they can't cast a binding vote.
> Given the problems with md5, should that hashing algorithm still be
> used? I imagine that it's problems, coupled with the fact that the
> file has to actually untar too would probably mitigate md5's problems
> significantly, but i still thought i'd mention it.
Well, gpg is there to securely provide integrity. I've always seen MD5
as a "quick glance" way of seeing if things look ok.
>
> Just being a bystander on this list, i don't know how you tell the
> difference between who's a committer and who's on the PMC. I imagine
> this isn't a problem for people that have been one or the other for a
> while, but it wouldn't hurt to point to a list of PMC members or
> something.
>
I actually don't know if there's such a list. Anyone?
> Section 8 also confuses me a bit because it says that
>
> if there is a "majority consensus" (three +1 and more +1s
> than -1s) among the httpd PMC members, the RM may proceed with the
> release.
>
> But then goes on to say that
>
> If any -1s are received, the release is rejected.
>
> So which is it? (i presume the last one)
>
Good point. 3 +1s and no -1s
Re: svn commit: r734094 - /httpd/apreq/branches/1.x/RELEASE
Posted by Adam Prime <ad...@utoronto.ca>.
Issac Goldstand wrote:
> I'd like this to get good review, so posting here so even folks who
> aren't on the commit mailing-list can comment.
>
> Please take a look at the 1.x/RELEASE file and comment.
>
> Thanks,
> Issac
>
This revision still mentions crosspointing to modperl@, is that still to
be taken out?
Given the problems with md5, should that hashing algorithm still be
used? I imagine that it's problems, coupled with the fact that the file
has to actually untar too would probably mitigate md5's problems
significantly, but i still thought i'd mention it.
Just being a bystander on this list, i don't know how you tell the
difference between who's a committer and who's on the PMC. I imagine
this isn't a problem for people that have been one or the other for a
while, but it wouldn't hurt to point to a list of PMC members or something.
Section 8 also confuses me a bit because it says that
if there is a "majority consensus" (three +1 and more +1s
than -1s) among the httpd PMC members, the RM may proceed with the
release.
But then goes on to say that
If any -1s are received, the release is rejected.
So which is it? (i presume the last one)
Adam