[CC += infra]
Hyrum K Wright wrote on Mon, Feb 13, 2012 at 09:08:26 -0600:
> On Mon, Feb 13, 2012 at 9:02 AM, Daniel Shahaf <d.s_at_daniel.shahaf.name> wrote:
> > Currently we publish releases by uploading them to a specified directory
> > on scp://people.apache.org/.
> >
> > Infra would like to move from this model to a model where releases are
> > stored in a Subversion repository[1].
> >
> > I suggest that we join a few other PMC's who had already converted. The
> > impact on us is that we'll be uploading releases by committing to
> > [1]/subversion, rather than by scp'ing them. It will also shorten the
> > wait period on mirroring new releases from 25 hours to 24 hours.
> >
> > Barring objections I'll follow up with infra in a few days to make this
> > happen.
>
> That would be awesome. Despite my past obstinacy, I'm particularly
> attracted to the part where PMC members would be able to directly
> commit their signatures to the release area, where something (an
> svnpubsub instance?) then verifies the sigs.
>
+1.
As to the implementation: we could run something off of svnpubsub to
verify the signatures, but I wonder if it'd make more sense to do that
ASF-wide in the pre-commit hook on dist.apache.org. Infra people ---
thoughts?
> In addition to working with Infra, release.py would probably need to be updated.
>
> -Hyrum
>
>
> --
>
> uberSVN: Apache Subversion Made Easy
> http://www.uberSVN.com/
Received on 2012-02-13 16:28:19 CET