You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@beam.apache.org by Luke Cwik <lc...@google.com> on 2020/03/03 18:31:51 UTC
[VOTE] Vendored Dependencies Release gRPC 1.26.0 v0.3 for BEAM-9288
Please review the release of the following artifacts that we vendor:
* beam-vendor-grpc-1_26_0
Hi everyone,
Please review and vote on the release candidate #1 for the version 0.3, as
follows:
[ ] +1, Approve the release
[ ] -1, Do not approve the release (please provide specific comments)
The complete staging area is available for your review, which includes:
* the official Apache source release to be deployed to dist.apache.org [1],
which is signed with the key with
fingerprint EAD5DE293F4A03DD2E77565589E68A56E371CCA2 [2],
* all artifacts to be deployed to the Maven Central Repository [3],
* commit hash "7df0d6cda0b1e1d5d360ea68c9ee01ca35acc230" [4],
The vote will be open for at least 72 hours. It is adopted by majority
approval, with at least 3 PMC affirmative votes.
Thanks,
Release Manager
[1] https://dist.apache.org/repos/dist/dev/beam/vendor/
[2] https://dist.apache.org/repos/dist/release/beam/KEYS
[3] https://repository.apache.org/content/repositories/orgapachebeam-1096/
[4]
https://github.com/apache/beam/commit/7df0d6cda0b1e1d5d360ea68c9ee01ca35acc230
Re: [VOTE] Vendored Dependencies Release gRPC 1.26.0 v0.3 for BEAM-9288
Posted by Luke Cwik <lc...@google.com>.
Looks like the vote is cancelled.
On Tue, Mar 3, 2020 at 2:03 PM Ismaël Mejía <ie...@gmail.com> wrote:
> -1
>
> It seems we still are adding the conscrypt native libraries as part in
> META-INF
>
> $ jar tvf beam-vendor-grpc-1_26_0-0.3.jar | grep conscrypt
> 2218176 Mon Sep 17 10:36:24 CEST 2018
> META-INF/native/libconscrypt_openjdk_jni-linux-x86_64.so
> 1720832 Mon Sep 17 10:36:24 CEST 2018
> META-INF/native/conscrypt_openjdk_jni-windows-x86.dll
> 2637496 Mon Sep 17 10:36:24 CEST 2018
> META-INF/native/libconscrypt_openjdk_jni-osx-x86_64.dylib
> 2557952 Mon Sep 17 10:36:24 CEST 2018
> META-INF/native/conscrypt_openjdk_jni-windows-x86_64.dll
>
>
> On Tue, Mar 3, 2020 at 9:50 PM Pablo Estrada <pa...@google.com> wrote:
> >
> > +1 (binding)
> > verified hashes
> >
> > On Tue, Mar 3, 2020 at 11:20 AM Luke Cwik <lc...@google.com> wrote:
> >>
> >> +1 (binding)
> >> Verified signatures
> >> Verified that there are no conscrypt classes in jar
> >> Verified pom.xml has runtime dependency on conscrypt
> >>
> >> On Tue, Mar 3, 2020 at 10:35 AM Jean-Baptiste Onofré <jb...@nanthrax.net>
> wrote:
> >>>
> >>> +1 (binding)
> >>>
> >>> Regards
> >>> JB
> >>>
> >>> Le mar. 3 mars 2020 ? 19:31, Luke Cwik <lc...@google.com> a ?crit :
> >>>>
> >>>> Please review the release of the following artifacts that we vendor:
> >>>> * beam-vendor-grpc-1_26_0
> >>>>
> >>>> Hi everyone,
> >>>> Please review and vote on the release candidate #1 for the version
> 0.3, as follows:
> >>>> [ ] +1, Approve the release
> >>>> [ ] -1, Do not approve the release (please provide specific comments)
> >>>>
> >>>>
> >>>> The complete staging area is available for your review, which
> includes:
> >>>> * the official Apache source release to be deployed to
> dist.apache.org [1], which is signed with the key with fingerprint
> EAD5DE293F4A03DD2E77565589E68A56E371CCA2 [2],
> >>>> * all artifacts to be deployed to the Maven Central Repository [3],
> >>>> * commit hash "7df0d6cda0b1e1d5d360ea68c9ee01ca35acc230" [4],
> >>>>
> >>>> The vote will be open for at least 72 hours. It is adopted by
> majority approval, with at least 3 PMC affirmative votes.
> >>>>
> >>>> Thanks,
> >>>> Release Manager
> >>>>
> >>>> [1] https://dist.apache.org/repos/dist/dev/beam/vendor/
> >>>> [2] https://dist.apache.org/repos/dist/release/beam/KEYS
> >>>> [3]
> https://repository.apache.org/content/repositories/orgapachebeam-1096/
> >>>> [4]
> https://github.com/apache/beam/commit/7df0d6cda0b1e1d5d360ea68c9ee01ca35acc230
>
Re: [VOTE] Vendored Dependencies Release gRPC 1.26.0 v0.3 for BEAM-9288
Posted by Ismaël Mejía <ie...@gmail.com>.
-1
It seems we still are adding the conscrypt native libraries as part in META-INF
$ jar tvf beam-vendor-grpc-1_26_0-0.3.jar | grep conscrypt
2218176 Mon Sep 17 10:36:24 CEST 2018
META-INF/native/libconscrypt_openjdk_jni-linux-x86_64.so
1720832 Mon Sep 17 10:36:24 CEST 2018
META-INF/native/conscrypt_openjdk_jni-windows-x86.dll
2637496 Mon Sep 17 10:36:24 CEST 2018
META-INF/native/libconscrypt_openjdk_jni-osx-x86_64.dylib
2557952 Mon Sep 17 10:36:24 CEST 2018
META-INF/native/conscrypt_openjdk_jni-windows-x86_64.dll
On Tue, Mar 3, 2020 at 9:50 PM Pablo Estrada <pa...@google.com> wrote:
>
> +1 (binding)
> verified hashes
>
> On Tue, Mar 3, 2020 at 11:20 AM Luke Cwik <lc...@google.com> wrote:
>>
>> +1 (binding)
>> Verified signatures
>> Verified that there are no conscrypt classes in jar
>> Verified pom.xml has runtime dependency on conscrypt
>>
>> On Tue, Mar 3, 2020 at 10:35 AM Jean-Baptiste Onofré <jb...@nanthrax.net> wrote:
>>>
>>> +1 (binding)
>>>
>>> Regards
>>> JB
>>>
>>> Le mar. 3 mars 2020 ? 19:31, Luke Cwik <lc...@google.com> a ?crit :
>>>>
>>>> Please review the release of the following artifacts that we vendor:
>>>> * beam-vendor-grpc-1_26_0
>>>>
>>>> Hi everyone,
>>>> Please review and vote on the release candidate #1 for the version 0.3, as follows:
>>>> [ ] +1, Approve the release
>>>> [ ] -1, Do not approve the release (please provide specific comments)
>>>>
>>>>
>>>> The complete staging area is available for your review, which includes:
>>>> * the official Apache source release to be deployed to dist.apache.org [1], which is signed with the key with fingerprint EAD5DE293F4A03DD2E77565589E68A56E371CCA2 [2],
>>>> * all artifacts to be deployed to the Maven Central Repository [3],
>>>> * commit hash "7df0d6cda0b1e1d5d360ea68c9ee01ca35acc230" [4],
>>>>
>>>> The vote will be open for at least 72 hours. It is adopted by majority approval, with at least 3 PMC affirmative votes.
>>>>
>>>> Thanks,
>>>> Release Manager
>>>>
>>>> [1] https://dist.apache.org/repos/dist/dev/beam/vendor/
>>>> [2] https://dist.apache.org/repos/dist/release/beam/KEYS
>>>> [3] https://repository.apache.org/content/repositories/orgapachebeam-1096/
>>>> [4] https://github.com/apache/beam/commit/7df0d6cda0b1e1d5d360ea68c9ee01ca35acc230
Re: [VOTE] Vendored Dependencies Release gRPC 1.26.0 v0.3 for BEAM-9288
Posted by Pablo Estrada <pa...@google.com>.
+1 (binding)
verified hashes
On Tue, Mar 3, 2020 at 11:20 AM Luke Cwik <lc...@google.com> wrote:
> +1 (binding)
> Verified signatures
> Verified that there are no conscrypt classes in jar
> Verified pom.xml has runtime dependency on conscrypt
>
> On Tue, Mar 3, 2020 at 10:35 AM Jean-Baptiste Onofré <jb...@nanthrax.net>
> wrote:
>
>> +1 (binding)
>>
>> Regards
>> JB
>>
>> Le mar. 3 mars 2020 ? 19:31, Luke Cwik <lc...@google.com> a ?crit :
>>
>>> Please review the release of the following artifacts that we vendor:
>>> * beam-vendor-grpc-1_26_0
>>>
>>> Hi everyone,
>>> Please review and vote on the release candidate #1 for the version 0.3,
>>> as follows:
>>> [ ] +1, Approve the release
>>> [ ] -1, Do not approve the release (please provide specific comments)
>>>
>>>
>>> The complete staging area is available for your review, which includes:
>>> * the official Apache source release to be deployed to dist.apache.org [1],
>>> which is signed with the key with
>>> fingerprint EAD5DE293F4A03DD2E77565589E68A56E371CCA2 [2],
>>> * all artifacts to be deployed to the Maven Central Repository [3],
>>> * commit hash "7df0d6cda0b1e1d5d360ea68c9ee01ca35acc230" [4],
>>>
>>> The vote will be open for at least 72 hours. It is adopted by majority
>>> approval, with at least 3 PMC affirmative votes.
>>>
>>> Thanks,
>>> Release Manager
>>>
>>> [1] https://dist.apache.org/repos/dist/dev/beam/vendor/
>>> [2] https://dist.apache.org/repos/dist/release/beam/KEYS
>>> [3]
>>> https://repository.apache.org/content/repositories/orgapachebeam-1096/
>>> [4]
>>> https://github.com/apache/beam/commit/7df0d6cda0b1e1d5d360ea68c9ee01ca35acc230
>>>
>>
Re: [VOTE] Vendored Dependencies Release gRPC 1.26.0 v0.3 for BEAM-9288
Posted by Luke Cwik <lc...@google.com>.
+1 (binding)
Verified signatures
Verified that there are no conscrypt classes in jar
Verified pom.xml has runtime dependency on conscrypt
On Tue, Mar 3, 2020 at 10:35 AM Jean-Baptiste Onofré <jb...@nanthrax.net>
wrote:
> +1 (binding)
>
> Regards
> JB
>
> Le mar. 3 mars 2020 ? 19:31, Luke Cwik <lc...@google.com> a ?crit :
>
>> Please review the release of the following artifacts that we vendor:
>> * beam-vendor-grpc-1_26_0
>>
>> Hi everyone,
>> Please review and vote on the release candidate #1 for the version 0.3,
>> as follows:
>> [ ] +1, Approve the release
>> [ ] -1, Do not approve the release (please provide specific comments)
>>
>>
>> The complete staging area is available for your review, which includes:
>> * the official Apache source release to be deployed to dist.apache.org [1],
>> which is signed with the key with
>> fingerprint EAD5DE293F4A03DD2E77565589E68A56E371CCA2 [2],
>> * all artifacts to be deployed to the Maven Central Repository [3],
>> * commit hash "7df0d6cda0b1e1d5d360ea68c9ee01ca35acc230" [4],
>>
>> The vote will be open for at least 72 hours. It is adopted by majority
>> approval, with at least 3 PMC affirmative votes.
>>
>> Thanks,
>> Release Manager
>>
>> [1] https://dist.apache.org/repos/dist/dev/beam/vendor/
>> [2] https://dist.apache.org/repos/dist/release/beam/KEYS
>> [3]
>> https://repository.apache.org/content/repositories/orgapachebeam-1096/
>> [4]
>> https://github.com/apache/beam/commit/7df0d6cda0b1e1d5d360ea68c9ee01ca35acc230
>>
>
Re: [VOTE] Vendored Dependencies Release gRPC 1.26.0 v0.3 for
BEAM-9288
Posted by Jean-Baptiste Onofré <jb...@nanthrax.net>.
+1 (binding)
Regards
JB
Le mar. 3 mars 2020 ? 19:31, Luke Cwik <lc...@google.com> a ?crit :
> Please review the release of the following artifacts that we vendor:
> * beam-vendor-grpc-1_26_0
>
> Hi everyone,
> Please review and vote on the release candidate #1 for the version 0.3, as
follows:
> [ ] +1, Approve the release
> [ ] -1, Do not approve the release (please provide specific comments)
>
>
> The complete staging area is available for your review, which includes:
> * the official Apache source release to be deployed to
[dist.apache.org](http://dist.apache.org/) [1], which is signed with the key
with fingerprint EAD5DE293F4A03DD2E77565589E68A56E371CCA2 [2],
> * all artifacts to be deployed to the Maven Central Repository [3],
> * commit hash "7df0d6cda0b1e1d5d360ea68c9ee01ca35acc230" [4],
>
> The vote will be open for at least 72 hours. It is adopted by majority
approval, with at least 3 PMC affirmative votes.
>
> Thanks,
> Release Manager
>
>
>
>
>
> [1]
[https://dist.apache.org/repos/dist/dev/beam/vendor/](https://dist.apache.org/repos/dist/dev/beam/vendor/)
> [2]
[https://dist.apache.org/repos/dist/release/beam/KEYS](https://dist.apache.org/repos/dist/release/beam/KEYS)
> [3]
[https://repository.apache.org/content/repositories/orgapachebeam-1096/](https://repository.apache.org/content/repositories/orgapachebeam-1096/)
> [4]
[https://github.com/apache/beam/commit/7df0d6cda0b1e1d5d360ea68c9ee01ca35acc230](https://github.com/apache/beam/commit/7df0d6cda0b1e1d5d360ea68c9ee01ca35acc230)