Requiring signed commits

2023-01-13 Thread Volkan Yazıcı 
[I am resurrecting this post from March 2022
.]

I am in favor of enabling *the "requires signature"* setting.
I see Carter, Matt, Piotr, and myself always signing the commits.
Ralph and Gary need to join the band too.
it is pretty straightforward to configure
, though the
practice doesn't pay off unless we all do it.

*Question:* Shall we require signed commits?

Re: Requiring signed commits

2023-01-13 Thread Gary Gregory 
Sounds reasonable to sign commits if you think it could catch problems
sooner, I onky sign tags usually.

Gary

On Fri, Jan 13, 2023, 04:56 Volkan Yazıcı  wrote:

> [I am resurrecting this post from March 2022
> .]
>
> I am in favor of enabling *the "requires signature"* setting.
> I see Carter, Matt, Piotr, and myself always signing the commits.
> Ralph and Gary need to join the band too.
> it is pretty straightforward to configure
> , though the
> practice doesn't pay off unless we all do it.
>
> *Question:* Shall we require signed commits?
>

Re: Requiring signed commits

2023-01-13 Thread Piotr P. Karwasz 
Hi Volkan,

On Fri, 13 Jan 2023 at 10:56, Volkan Yazıcı  wrote:
> *Question:* Shall we require signed commits?

I am obviously Ok with signing, but what should we do with unsigned
PRs? I would prefer to document the requirement somewhere (in the PR
template?) so that we don't have to `rebase -f` everything.

Piotr

Re: [VOTE] Release Apache Log4j Tools 0.1.0

2023-01-13 Thread Volkan Yazıcı 
Adding my +1.

With that, the release passes with 4 binding +1 votes from me, Piotr, Matt,
and Remko.

On Tue, Jan 10, 2023 at 11:55 AM Volkan Yazıcı  wrote:

> The Apache Log4j Tools 0.1.0 release is now available for voting.
>
> The 0.1.0 version is the very first release of this relatively old
> repository, which is repurposed for `log4j-changelog`, Log4j's
> `maven-changes-plugin` successor. This enables us to build the Log4j
> website (incl. manual) in less than 30 seconds and use multiple issue
> trackers, e.g., JIRA and GitHub Issues. All these Log4j improvements
> are already submitted as PRs against the `release-2.x` branch and
> waiting for this `log4j-tools` release.
>
> `log4j-changelog` README:
>
> https://github.com/apache/logging-log4j-tools/blob/master/log4j-changelog/README.adoc
>
> This release also constitutes another milestone in the history of ASF:
> *the very first release signed and deployed via CI.*
>
> Source repository: https://github.com/apache/logging-log4j-tools
> Branch: release/0.1.0
> Commit: e82a44142280d013bd76ea18951fde00dcee192b
> CI run:
> https://github.com/apache/logging-log4j-tools/actions/runs/3882476949
> Artifacts: https://dist.apache.org/repos/dist/dev/logging/log4j/
> Nexus repository:
> https://repository.apache.org/content/repositories/orgapachelogging-1096
> Signing key:
> https://keyserver.ubuntu.com/pks/lookup?search=077e8893a6dcc33dd4a4d5b256e73ba9a0b592d0&fingerprint=on&op=index
>
> Please download, test, and cast your votes on the Log4j developers list.
>
> [ ] +1, release the artifacts
> [ ] -1, don't release, because...
>
> The vote will remain open for 24 hours (or more if required). All
> votes are welcome and we encourage everyone to test the release, but
> only the Logging Services PMC votes are officially counted. At least 3
> +1 votes and more positive than negative votes are required.
>

Re: [logging-log4j2] branch release-2.x updated: Enable GitHub issues and projects

2023-01-13 Thread Matt Sicker 
I eventually figured it out: I was putting the flags in the wrong section.

> On Jan 12, 2023, at 11:00 PM, Matt Sicker  wrote:
> 
> Projects got enabled, but Issues are still pending. Maybe this will sync up 
> in the next several hours.
> —
> Matt Sicker
> 
>> On Jan 12, 2023, at 22:56, mattsic...@apache.org wrote:
>> 
>> This is an automated email from the ASF dual-hosted git repository.
>> 
>> mattsicker pushed a commit to branch release-2.x
>> in repository https://gitbox.apache.org/repos/asf/logging-log4j2.git
>> 
>> 
>> The following commit(s) were added to refs/heads/release-2.x by this push:
>>new 6fc092e673 Enable GitHub issues and projects
>>new a791477d7b Merge pull request #1200 from jvz/release-2.x
>> 6fc092e673 is described below
>> 
>> commit 6fc092e67341a037212af59effca029c6d6dbe08
>> Author: Matt Sicker 
>> AuthorDate: Thu Jan 12 22:49:34 2023 -0600
>> 
>>   Enable GitHub issues and projects
>> 
>>   And update the tags. More tags.
>> ---
>> .asf.yaml | 18 ++
>> 1 file changed, 18 insertions(+)
>> 
>> diff --git a/.asf.yaml b/.asf.yaml
>> index 6d85638ba1..d3040ea441 100644
>> --- a/.asf.yaml
>> +++ b/.asf.yaml
>> @@ -24,14 +24,32 @@ notifications:
>> github:
>>  description: "Apache Log4j 2 is an upgrade to Log4j that provides 
>> significant improvements over its predecessor, Log4j 1.x, and provides many 
>> of the improvements available in Logback while fixing some inherent problems 
>> in Logback's architecture."
>>  homepage: https://logging.apache.org/log4j/2.x/
>> +  # enable GitHub Issues and Projects
>> +  issues: true
>> +  projects: true
>> +  # and enable support for our old Jira instance
>> +  autolink_jira:
>> +- LOG4J2
>>  labels:
>>- apache
>>- api
>>- java
>> +- jvm
>>- library
>>- log4j
>>- log4j2
>>- logging
>> +- logger
>> +- api
>> +- async
>> +- asynchronous
>> +- syslog
>> +- structured-logging
>> +- json
>> +- performance
>> +- high-performance
>> +#  ultra-high-max-plus-performance
>> +- concurrency
>>  protected_branches:
>># Prevent force pushes to primary branches
>>master: {}
>> 
>