Verifying a Release Candidate

Legal: (required checks for a valid ASF compilant release)

  • Check if checksums and GPG files match the corresponding release files
  • Verify that the source archives do not contains any binaries
  • Verify that the LICENSE and NOTICE file is correct for the source release.
    • All dependencies must be checked for their license and the license must be ASL 2.0 compatible (
    • Compatible non-ASL 2.0 licenses should be contained in the packaged_licenses directory of the respective module
    • The LICENSE and NOTICE files in the root directory refer to dependencies in the source release, i.e., files in the git repository (such as fonts, css, JavaScript, images)
  • Check that all POM files point to the same version

Functional: (checks for delivering a release with good quality)

  • Check if the source release is building properly with Maven (including license header check (default) and checkstyle). Also the tests should be executed (mvn clean verify)
  • Verify that all bundled dependencies are relocated
  • No labels