Re: svn commit: r734094 - /httpd/apreq/branches/1.x/RELEASE

[Issac Goldstand <ma...@beamartyr.net>]

I'd like this to get good review, so posting here so even folks who
aren't on the commit mailing-list can comment.

Please take a look at the 1.x/RELEASE file and comment.

Thanks,
  Issac

issac@apache.org wrote:
> Author: issac
> Date: Tue Jan 13 02:35:02 2009
> New Revision: 734094
>
> URL: http://svn.apache.org/viewvc?rev=734094&view=rev
> Log:
> revamp the RM instructions for apreq-1
>
> Modified:
>     httpd/apreq/branches/1.x/RELEASE
>
> Modified: httpd/apreq/branches/1.x/RELEASE
>   
[snip]

Re: svn commit: r734094 - /httpd/apreq/branches/1.x/RELEASE

[Issac Goldstand <ma...@beamartyr.net>]

Adam Prime wrote:
> Issac Goldstand wrote:
>> I'd like this to get good review, so posting here so even folks who
>> aren't on the commit mailing-list can comment.
>>
>> Please take a look at the 1.x/RELEASE file and comment.
>>
>> Thanks,
>>   Issac
>>
>
> This revision still mentions crosspointing to modperl@, is that still
> to be taken out?
I don't think so.  It would help to get some modperl folks to test it,
even if they can't cast a binding vote.
> Given the problems with md5, should that hashing algorithm still be
> used?  I imagine that it's problems, coupled with the fact that the
> file has to actually untar too would probably mitigate md5's problems
> significantly, but i still thought i'd mention it.
Well, gpg is there to securely provide integrity.  I've always seen MD5
as a "quick glance" way of seeing if things look ok.
>
> Just being a bystander on this list, i don't know how you tell the
> difference between who's a committer and who's on the PMC.  I imagine
> this isn't a problem for people that have been one or the other for a
> while, but it wouldn't hurt to point to a list of PMC members or
> something.
>
I actually don't know if there's such a list.  Anyone?
> Section 8 also confuses me a bit because it says that
>
>   if there is a "majority consensus" (three +1 and more +1s
>   than -1s) among the httpd PMC members, the RM may proceed with the
>   release.
>
> But then goes on to say that
>
>   If any -1s are received, the release is rejected.
>
> So which is it?  (i presume the last one)
>

Good point.  3 +1s and no -1s

Re: svn commit: r734094 - /httpd/apreq/branches/1.x/RELEASE

[Adam Prime <ad...@utoronto.ca>]

Issac Goldstand wrote:
> I'd like this to get good review, so posting here so even folks who
> aren't on the commit mailing-list can comment.
> 
> Please take a look at the 1.x/RELEASE file and comment.
> 
> Thanks,
>   Issac
> 

This revision still mentions crosspointing to modperl@, is that still to 
be taken out?

Given the problems with md5, should that hashing algorithm still be 
used?  I imagine that it's problems, coupled with the fact that the file 
has to actually untar too would probably mitigate md5's problems 
significantly, but i still thought i'd mention it.

Just being a bystander on this list, i don't know how you tell the 
difference between who's a committer and who's on the PMC.  I imagine 
this isn't a problem for people that have been one or the other for a 
while, but it wouldn't hurt to point to a list of PMC members or something.

Section 8 also confuses me a bit because it says that

   if there is a "majority consensus" (three +1 and more +1s
   than -1s) among the httpd PMC members, the RM may proceed with the
   release.

But then goes on to say that

   If any -1s are received, the release is rejected.

So which is it?  (i presume the last one)

Adam