+1, I checked (both plugins): * incubating in name * no unexpected binaries in distribution * LICENSE, NOTICE, DISCLAIMER files exist and appear correct * NOTICE file for security can be slightly reduced (I created a PR to improve this for the next release) * checked signatures and checksums (manually and see below) * bootstrapped gradlew (manually and see below) * checked rat (manually and see below; must be done before next step) * I locally (macOS) ran "etc/bin/verify.sh" and obtained currently expected results (details below)
[results for security plugin which I believe show the known ordering issues but otherwise good] grails-spring-security> mkdir downloads grails-spring-security> etc/bin/verify.sh v7.0.0-M4 downloads ... ❌ Differences Found ❌ [NOTE: due to known ordering issues] acl-plugin-7.0.0-M4.jar core-plugin-7.0.0-M4.jar oauth2-plugin-7.0.0-M4.jar ui-plugin-7.0.0-M4.jar [results for redis plugin with I believe one bogus false positive message but otherwise good] grails-redis> mkdir downloads grails-redis> etc/bin/verify.sh v5.0.0-M4 downloads ... ✅ No differences remain for grails-redis-5.0.0-M4-sources.jar. Removing from diff.txt. mv: cannot stat 'diff_purged.txt': No such file or directory ❌ Verification failed. ❌ [NOTE: bogus, No differences remain above is the key part] Cheers, Paul. On Thu, Jun 12, 2025 at 4:02 PM James Daugherty <jdaughe...@apache.org> wrote: > > Hi Everyone, > > I am happy to start the VOTE thread for Apache Grails (incubating) Plugins > - Spring Security 7.0.0-M4 & Redis 5.0.0-M4! > > We are releasing these plugins together as they are dependent on each > other. At a high level, these plugins are being updated to support the > recent Grails 7.0.0-M4 release. Further details of this release can be > found on the GitHub pre-release & in the discussion: > https://lists.apache.org/thread/ktpwvq50hlj022mqrd2fc7487ksdq1jc > > Tags: > grails-redis: https://github.com/apache/grails-redis/releases/tag/v5.0.0-M4 > Tag commit id: d45b4339e0cf1a15738ce37623eec481bb5664c4 > > grails-spring-security: > https://github.com/apache/grails-spring-security/releases/tag/v7.0.0-M4 > Tag commit id: e7028fb90464f44116ecac6a7385d56594f432bb > > The sources artifacts to be voted on are located as follows: > > grails-redis (r77505): > https://dist.apache.org/repos/dist/dev/grails/redis/5.0.0-M4/sources/ > grails-spring-security (r77506): > https://dist.apache.org/repos/dist/dev/grails/spring-security/7.0.0-M4/sources/ > > Artifacts are signed with a key from the following file: > https://dist.apache.org/repos/dist/release/grails/KEYS > > Please vote on releasing these packages together as: > Apache Grails (incubating) - Redis Plugin 5.0.0-M4 > Apache Grails (incubating) - Spring Security Plugin 7.0.0-M4 > > Reminder on ASF release approval requirements for PPMC members: > https://www.apache.org/legal/release-policy.html#release-approval > > Hints on validating checksums/signatures (but replace md5sum with > sha512sum): > https://www.apache.org/info/verification.html > > The release process of these repositories, including verification, is > somewhat similar to grails-core which is documented at: > https://github.com/apache/grails-core/blob/7.0.x/RELEASE.md > > The vote is open for the next 72 hours and passes if a majority of at least > three +1 PPMC votes are cast. > > [ ] +1 Release Apache Grails (incubating) - Redis Plugin 5.0.0-M4 & Spring > Security Plugin 7.0.0-M4 > [ ] 0 I don't have a strong opinion about this, but I assume it's ok > [ ] -1 Do not release Apache Grails (incubating) - Redis Plugin 5.0.0-M4 & > Spring Security Plugin 7.0.0-M4 because... > > Here is my vote: > > +1 (binding)
