Forwarding my checks from the grails list: +1 paulk (binding)
I checked (both plugins): * incubating in name * no unexpected binaries in distribution * LICENSE, NOTICE, DISCLAIMER files exist and appear correct * NOTICE file for security can be slightly reduced (I created a PR to improve this for the next release) * checked signatures and checksums (manually and see below) * bootstrapped gradlew (manually and see below) * checked rat (manually and see below; must be done before next step) * I locally (macOS) ran "etc/bin/verify.sh" and obtained currently expected results (details below) [results for security plugin which I believe show the known ordering issues but otherwise good] grails-spring-security> mkdir downloads grails-spring-security> etc/bin/verify.sh v7.0.0-M4 downloads ... ❌ Differences Found ❌ [NOTE: due to known ordering issues] acl-plugin-7.0.0-M4.jar core-plugin-7.0.0-M4.jar oauth2-plugin-7.0.0-M4.jar ui-plugin-7.0.0-M4.jar [results for redis plugin with I believe one bogus false positive message but otherwise good] grails-redis> mkdir downloads grails-redis> etc/bin/verify.sh v5.0.0-M4 downloads ... ✅ No differences remain for grails-redis-5.0.0-M4-sources.jar. Removing from diff.txt. mv: cannot stat 'diff_purged.txt': No such file or directory ❌ Verification failed. ❌ [NOTE: bogus, No differences remain above is the key part] Cheers, Paul. On Sun, Jun 15, 2025 at 8:43 PM James Daugherty <jdaughe...@jdresources.net> wrote: > Hi Everyone, > > > The Apache Grails podling has voted to approve the release of Apache > Grails (incubating) Plugins - Spring Security 7.0.0-M4 & Redis 5.0.0-M4. We > are releasing these plugins together as they are dependent on each other. > At a high level, these plugins are being updated to support the recent > Grails 7.0.0-M4 release. > > > As the incubation host, we now kindly request the Groovy PMC to review & > approve our initial ASF release. > > > Grails vote thread: > > * https://lists.apache.org/thread/3o7qs2bhrly7ykxsdcbzb3k4q1zrdco1 > > > Vote result thread: > > * https://lists.apache.org/thread/2tb52ytmxd17cfltlh147o6qjj6wwrrt > > > Tags: > grails-redis: > https://github.com/apache/grails-redis/releases/tag/v5.0.0-M4 > Tag commit id: d45b4339e0cf1a15738ce37623eec481bb5664c4 > > grails-spring-security: > https://github.com/apache/grails-spring-security/releases/tag/v7.0.0-M4 > Tag commit id: e7028fb90464f44116ecac6a7385d56594f432bb > > > The sources artifacts to be voted on are located as follows: > > grails-redis (r77505): > https://dist.apache.org/repos/dist/dev/grails/redis/5.0.0-M4/sources/ > grails-spring-security (r77506): > > https://dist.apache.org/repos/dist/dev/grails/spring-security/7.0.0-M4/sources/ > > > Release artifacts are signed with a key from the following file: > > https://dist.apache.org/repos/dist/release/grails/KEYS > > > Please vote on releasing these packages together as: > Apache Grails (incubating) - Redis Plugin 5.0.0-M4 > Apache Grails (incubating) - Spring Security Plugin 7.0.0-M4 > > Hints on validating checksums/signatures (but replace md5sum with > sha512sum): > https://www.apache.org/info/verification.html > > > The release process of these repositories, including verification, is > somewhat similar to grails-core which is documented at: > https://github.com/apache/grails-core/blob/7.0.x/RELEASE.md > Build instructions are located in each project's README.md. > > > The vote for this release is open for the next 72 hours. > > > [ ] +1 Release Apache Grails (incubating) - Redis Plugin 5.0.0-M4 & Spring > Security Plugin 7.0.0-M4 > [ ] 0 I don't have a strong opinion about this, but I assume it's ok > [ ] -1 Do not release Apache Grails (incubating) - Redis Plugin 5.0.0-M4 & > Spring Security Plugin 7.0.0-M4 because... > >
