+1 (binding)

Verified gpg signatures of src and binary tarballs
Verified hashes of src and binary tarballs
Ran `mvn clean package` and `mvn clean verify -DskipITs`

I found binary artifacts in src tarball but omitted all text, png, or csv
resource types.
The remainder are all test resources and are expected in the release.

find . -type f -exec file -i {} + | grep -v -e "text/" -e "csv" -e "png"
./core/src/test/resources/org/apache/accumulo/core/file/rfile/ver_3.rf:
                                               application/octet-stream;
charset=binary
./core/src/test/resources/org/apache/accumulo/core/file/rfile/ver_4.rf:
                                               application/octet-stream;
charset=binary
./core/src/test/resources/org/apache/accumulo/core/file/rfile/ver_6.rf:
                                               application/octet-stream;
charset=binary
./core/src/test/resources/org/apache/accumulo/core/file/rfile/ver_7.rf:
                                               application/octet-stream;
charset=binary
./core/src/test/resources/accumulo.jceks:

 application/x-java-jce-keystore; charset=binary
./core/src/test/resources/empty.jceks:

application/x-java-jce-keystore; charset=binary
./core/src/test/resources/passwords.jceks:

application/x-java-jce-keystore; charset=binary
./core/src/test/resources/site-cfg.jceks:

 application/x-java-jce-keystore; charset=binary
./minicluster/src/test/resources/FooFilter.jar:
                                               application/java-archive;
charset=binary
./server/monitor/src/main/resources/org/apache/accumulo/monitor/resources/external/bootstrap/css/fonts/bootstrap-icons.woff:
 application/octet-stream; charset=binary
./server/monitor/src/main/resources/org/apache/accumulo/monitor/resources/external/bootstrap/css/fonts/bootstrap-icons.woff2:
application/octet-stream; charset=binary
./server/tserver/src/test/resources/walog-from-14/550e8400-e29b-41d4-a716-446655440000:
                                      application/octet-stream;
charset=binary
./server/tserver/src/test/resources/walog-from-15.walog:

 application/octet-stream; charset=binary
./server/tserver/src/test/resources/walog-from-16.walog:

 application/octet-stream; charset=binary
./server/tserver/src/test/resources/walog-from-20.walog:

 application/octet-stream; charset=binary
./test/src/main/resources/org/apache/accumulo/test/FooConstraint.jar:
                                                  application/java-archive;
charset=binary
./test/src/main/resources/org/apache/accumulo/test/FooConstraint_2_1.jar:
                                                  application/zip;
charset=binary
./test/src/main/resources/org/apache/accumulo/test/FooFilter.jar:
                                                  application/java-archive;
charset=binary
./test/src/main/resources/org/apache/accumulo/test/ShellServerIT-iterators.jar:
                                              application/java-archive;
charset=binary
./test/src/main/resources/org/apache/accumulo/test/TestCombinerX.jar:
                                                  application/java-archive;
charset=binary
./test/src/main/resources/org/apache/accumulo/test/TestCombinerY.jar:
                                                  application/java-archive;
charset=binary
./test/src/main/resources/org/apache/accumulo/test/TestCompactionStrat.jar:
                                                  application/java-archive;
charset=binary
./test/src/main/resources/org/apache/accumulo/test/ver_7.rf:

 application/octet-stream; charset=binary


On Tue, Jun 30, 2026 at 11:53 AM Dave Marion <[email protected]> wrote:

> +1 (binding)
>
> I performed the following verification steps:
>
> verified gpg signatures of src and binary tarballs
> verified hashes of src and binary tarballs
> checked NOTICE and LICENSE files
> Ran `mvn clean verify -PskipITs`
> Found no unexpected binary artifacts in src tarball
>
> On Mon, Jun 29, 2026 at 8:22 PM Christopher <[email protected]> wrote:
>
> > Accumulo Developers,
> >
> > Please consider the following candidate for Apache Accumulo 2.1.5.
> >
> > Git Commit:
> >     885922845f3e8ed2e516060f6b10d1b28001bce2
> > Branch:
> >     2.1.5-rc1
> >
> > If this vote passes, a gpg-signed tag will be created using:
> >     git tag -f -s -m 'Apache Accumulo 2.1.5' \
> >       rel/2.1.5 \
> >       885922845f3e8ed2e516060f6b10d1b28001bce2
> >
> > Staging repo:
> >
> https://repository.apache.org/content/repositories/orgapacheaccumulo-1124
> > Source (official release artifact):
> >
> >
> https://repository.apache.org/content/repositories/orgapacheaccumulo-1124/org/apache/accumulo/accumulo/2.1.5/accumulo-2.1.5-src.tar.gz
> > Binary:
> >
> https://repository.apache.org/content/repositories/orgapacheaccumulo-1124/org/apache/accumulo/accumulo/2.1.5/accumulo-2.1.5-bin.tar.gz
> >
> > Append ".asc" to download the cryptographic signature for a given
> artifact.
> > (You can also append ".sha1" or ".md5" instead in order to verify the
> > checksums
> > generated by Maven to verify the integrity of the Nexus repository
> > staging area.)
> >
> > Signing keys are available at https://www.apache.org/dist/accumulo/KEYS
> > (Expected fingerprint: 8CC4F8A2B29C2B040F2B835D6F0CDAE700B6899D)
> >
> > In addition to the tarballs and their signatures, the following checksum
> > files will be added to the dist/release SVN area after release:
> > accumulo-2.1.5-src.tar.gz.sha512 will contain:
> > SHA512 (accumulo-2.1.5-src.tar.gz) =
> >
> >
> 6baee1322944d9a333c478e1c119d33613948f16a1368514c429e85b62c1ed92249a1f53cfcd0bc4ba16cbbfb54423ba65cc0f910766992e4fbe7ea4ff55a15a
> > accumulo-2.1.5-bin.tar.gz.sha512 will contain:
> > SHA512 (accumulo-2.1.5-bin.tar.gz) =
> >
> >
> 974bd0221950300063dbdc151a754ccdf1fde8498622d44d239c729bf6590d3a88d993e9819cfe5835ec6913a0bbd1f2c6d7090ba625cb6af69a7d9dfa12e1fb
> >
> > Release notes (in progress) can be found at:
> > https://accumulo.apache.org/release/accumulo-2.1.5
> >
> > Issues and pull requests related to this release can be found at:
> > https://github.com/apache/accumulo/issues?q=milestone%3A2.1.5
> >
> > Release testing instructions:
> > https://accumulo.apache.org/contributor/verifying-release
> >
> > Please vote one of:
> > [ ] +1 - I have verified and accept...
> > [ ] +0 - I have reservations, but not strong enough to vote against...
> > [ ] -1 - Because..., I do not accept...
> > ... these artifacts as the 2.1.5 release of Apache Accumulo.
> >
> > This vote will remain open until at least Fri Jul  3 12:30:00 AM UTC
> 2026.
> > (Thu Jul  2 08:30:00 PM EDT 2026 / Thu Jul  2 05:30:00 PM PDT 2026)
> > Voting can continue after this deadline until the release manager
> > sends an email ending the vote.
> >
> > Thanks!
> >
> > P.S. Hint: download the whole staging repo with
> >     wget -erobots=off -r -l inf -np -nH \
> >
> >
> https://repository.apache.org/content/repositories/orgapacheaccumulo-1124/
> >     # note the trailing slash is needed
> >
>

Reply via email to