Versions Compared

Old Version 19

changes.mady.by.user Gale Naylor

Saved on

compared with

New Version 20

changes.mady.by.user Gale Naylor

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

 

...

BEFORE you unzip the release candidate

...

Check the unzipped release candidate to ensure the top-level distribution folders contain folder contains the word "incubating" (Is this all that can be checked before building? See 11 below.)

4 Check the top-level LICENSE and NOTICE files

...

LICENSE file

Check the text of the LICENSE file in the top-level release candidate folder, and ensure the Apache License matches the text of the required Apache License.

If additional, third-party licenses are listed below the required Apache License, ensure the licenses are allowed in Apache Software Foundation projects. (See also item 9, Check the dependencies - Review binary licenses)

NOTICE file

Check the text of the NOTICE file in the top-level release candidate folder, and ensure it matches the following:
Apache Taverna Language
Copyright 2014-2016 The Apache Software Foundation
This product includes software developed at
The Apache Software Foundation (http://www.apache.org/).
Portions of this software were originally based on the following:
- Copyright 2010-2014 University of Manchester, UK
These have been licensed to the Apache Software Foundation under a software grant.

5 Check the source file headers

...

Build

8 Check for BUILD SUCCESS

TO DO Add information and links.detailed information about how to build (run mvn clean install command from distribution directory? send output to files using > textfile1.txt 2> textfile2.txt ?)

AFTER the Build

9 Check the dependencies

Checking dependencies: TBR)

  • Make sure dependencies are used and declared properly. (Use mvn dependency:analyze and look for warnings or errors.) 
  • Determine if there are any mismatches between resolved dependencies and the dependencyManagement section. (Use mvn dependency:analyze-dep-mgt and look for warnings or errors.)
  • Generate a list of licenses for each third-party dependency and check the licenses to make sure they meet Apache licensing requirements. (See Review Binary License below.)
  • You can create a list of dependencies by module using mvn dependency:list and generate a dependency tree to troubleshoot conflicts using mvn dependency:tree.

Review Binary Licenses. Create a list of third-party dependencies using the license:aggregate-add-third-party plugin and review the dependency licenses.)

  1. In a command line interface, change to the top level directory of the distribution (e.g., apache-taverna-language-<version>-incubator).
  2. Run the following Maven command: mvn license:aggregate-add-third-party. (On Windows, to save the output to a file, add > filename.txt to the end of the command.)
  3. This command will create THIRD-PARTY.txt files in each target folder (in the generated-sources/license subfolder).
  4. Review the THIRD-PARTY.txt files for unknown or disallowed licenses. Note: some unknown licenses have been determined to be allowed.)
    1. One way to do this: cat target/generated-sources/license/THIRD-PARTY.txt | sort

10 Verify the build produce the binaries

Quick check: browse the target folders and make sure there are not any extra folders. (For example, if we are voting on taverna-language there should not be any taverna-engine folders.)

Deeper check: ensure your target folders contains all the same *.jar files as those in the git repo? in the Maven repository? (Example link?)

At least one person should check that all staged JARs are the same as those built from the downloaded release candidate. (One approach is to do a recursive wget of the repository , and then compare the result of "find . -name '*jar'" in the wget-tree with */*/target/*.jar. See StackOverflow response.)

NOTE: Binary releases are considered "convenience only" and are not crucial for the vote: The source release is what everything else should be made from. However, in practical terms most people download the binaries from the Maven repository, so it is important this is checked at least once.

11 Verify all the *.jar files include the word "incubating"

Visually inspect all the *.jar files include the word "incubating" by opening all the /target folders. Is there an easier way to do this?

Are other files supposed to be labeled as well, or is it only the *.jar files?

Tips

 

  • Use a text editor (e.g., Notepad++) or an integrated development environment (IDE), such as Eclipse, to open the LICENSE, NOTICE, DISCLAIMER, and similar files. 
  • In a command line interface, send the console output and error messages to a text file:
    • GitBash example: mvn clean install > Console.txt 2> Err.txt
  • tbd