potiuk commented on issue #311: URL: https://github.com/apache/tooling-trusted-releases/issues/311#issuecomment-3533518407
Ah. That works for mow. I think, however, it would be at least great to mention those are .gitignore checks and some hints on how to exclude things with example :). But I think also that is going to be a common problem -> look here: https://downloads.apache.org/airflow/3.1.3/ The ONLY difference between airflow sdist, and airflow -source is `-source` - and I bet many other projects will have the same (this is basically what manual release process suggested so far). I am not sur if there are other languages where .tar.gz. is a binary package format, but even just python is enough. And the big issue with that is that people won't even realise that their sources are not properly checked in this case. Their checks for -source will be gree, but licences won't be checked. There are two options I can see: * warn if the rules are overlapping and suggest fix * (better) automatically add `!` for rules from `source` to the binary .gitignore (and also communicate that this is happening - maybe even showing an effective .gitignore used for binary packages. I think otherwise we might end up with a lot of not-well-checked source packages. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
