Closed the Nexus repo. Will create a JIRA ticket for the Legal to update the release policy.
On Tue, Jul 4, 2023 at 8:20 AM Ralph Goers <ralph.go...@dslextreme.com> wrote: > > I have verified the artifact in the distribution directory. It looks fine. > > I am hesitant to vote on this though as you have not closed the release in > the Nexus repo at repository.apache.org, which means you can still add stuff > to that. Once you close that I will vote on this. > > I am still concerned about the lack of documentation around using a signing > key by "ASF Logging Services RM <priv...@logging.apache.org>”. I do not want > to continue to be questioned about this and we need some sort of > documentation indicating that doing this is OK - such as getting > https://www.apache.org/legal/release-policy.html#release-signing changed as > it currently says "All release artifacts within the directory MUST be signed > by a committer, preferably a PMC member” and/or > https://infra.apache.org/release-publishing.html which does say "Infra > strongly recommends that projects set up automated infrastructure to sign the > files to simplify the work” which seems to be on the right track but isn’t > really as clear as it needs to be. For example, Log4j uses an automated > infrastructure to currently sign releases. The RM’s machine just has to be > configured for it. It isn’t at all clear that they are approving not having > the key be owned by an individual. > > Since the main release policy page is owned by legal I would suggest you > create a Jira issue to get the page updated. > > Ralph > > > On Jul 3, 2023, at 2:29 PM, Volkan Yazıcı <vol...@yazi.ci> wrote: > > > > This is a vote to release the Apache Log4j Tools 0.4.0. > > > > Source repository: https://github.com/apache/logging-log4j-tools > > Commit: 15d888fe488660b0bb5d3fc3e95c9915f277fbee > > Distribution: https://dist.apache.org/repos/dist/dev/logging/log4j > > Signing key: 0x077e8893a6dcc33dd4a4d5b256e73ba9a0b592d0 > > > > Please download, test, and cast your votes on the Log4j developers list. > > > > [ ] +1, release the artifacts > > [ ] -1, don't release, because... > > > > This vote is open for 72 hours and will pass unless getting a net > > negative vote count. All votes are welcome and we encourage everyone to > > test the release, but only the Logging Services PMC votes are officially > > counted. At least 3 +1 votes and more positive than negative votes are > > required. > > > > # Release Notes > > > > This minor release contains small enhancements. > > Most importantly, this marks the first release where the project uses > > itself to generate release notes! > > > > ## Changes > > > > ### Added > > > > * Add `versionPattern` (i.e., the regular expression pattern for > > parsing versions) parameter to the Maven `release` goal (#63) > > > > ### Changed > > > > * Change the default value of `outputDirectory` to > > `${project.build.directory}/generated-sources/site/changelog` for the > > Maven `export` goal > > * Migrate from `CHANGELOG.adoc` to using `log4j-changelog-maven-plugin` > > > > ### Fixed > > > > * Improve Maven `release` goal to accommodate repetitive invocations >
