Hi All, Hi
The release verification [1] includes testing release source tarball builds
and also testing the binaries with downstream projects.
Does it also contain, should it contain or is it a conscious omission of:
1. verifying the source tarball is what it should be (source matches the
git repo state)
2. verifying the binaries are what should be built from the source
("repeatable builds")
Best
Piotr
[1]
https://iceberg.apache.org/how-to-release/#validating-a-source-release-candidate
.
