The vote has now closed. The results are: Positive Binding Votes: 3
* Bryan Ellis * Niklas Merz * Ken Naito Negative Binding Votes: 0 The vote has passed. Thanks everyone! > On Dec 15, 2021, at 4:33 AM, Niklas Merz <niklasm...@apache.org> wrote: > > I vote +1: > > I checked: > > * changes look good > * git tag matches > * tests pass locally > * signature and hash correct > * license exists > * license headers ok > * licenses ok > > On December 14, 2021, Erisu <er...@apache.org> wrote: >> Please review and vote on this cordova-lib release v11.0.0 >> by replying to this email (and keep discussion on the DISCUSS thread) >> >> The archive has been published to dist/dev: >> https://dist.apache.org/repos/dist/dev/cordova/lib-11.0.0 >> >> The package was published from its corresponding git tag: >> cordova-lib: 11.0.0 (559bbb4947) >> >> Upon a successful vote I will upload the archive to dist/, publish it >> to npm, and post the blog post. >> >> Voting guidelines: https://github.com/apache/cordova- >> coho/blob/master/docs/release-voting.md >> >> Voting will go on for a minimum of 48 hours. >> >> ==== >> >> I vote +1: >> >> * Ran coho audit-license-headers over the relevant repos >> * Ran coho check-license to ensure all dependencies and sub- >> dependencies have Apache-compatible licenses >> * Ensured the continuous build was green when repo was tagged >> * Ran `npm test` >> * Ran various `cordova` test w/ sample app: >> * `cordova` >> * `cordova -v` >> * `cordova create` >> * `cordova info` >> * `cordova help` >> * `cordova config ls` >> * `cordova requirements` >> * `cordova telemetry` >> * `cordova plugin` >> * `cordova plugin add` >> * `cordova plugin rm` >> * `cordova platform` >> * `cordova platform add` >> * `cordova platform rm` >> * `cordova build` >> * `cordova prepare` >> * `cordova compile` >> * `cordova run` >> * `cordova serve` >> >> * Ran `npm audit` >> There were six moderate severity vulnerabilities but are not a part >> of the production release dependencies. The issues come from the >> "rewire" package, a testing dependency. >> Since this issue does not affect the production release, this audit >> will not block the release process. >> When auditing the npm package for release, use the "--prod" to >> explicitly check against the production-only dependencies. >> >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: dev-unsubscr...@cordova.apache.org >> For additional commands, e-mail: dev-h...@cordova.apache.org
