Hey Sung, Thanks for working on the 0.4.0 release! I went through a few steps to verify this release and ran into an issue verifying the signature.
Cannot check the signature: ``` ➜ curl https://downloads.apache.org/iceberg/KEYS -o KEYS gpg --import KEYS ➜ gpg --verify apache-iceberg-rust-0.4.0-src.tar.gz.asc apache-iceberg-rust-0.4.0-src.tar.gz gpg: WARNING: unsafe permissions on homedir '/Users/kevinliu/.gnupg' gpg: Signature made Tue Dec 17 13:23:11 2024 PST gpg: using RSA key D41D8CC8DED1FD6495077949B6847531A1883DA4 gpg: Can't check signature: No public key ``` Checksum is OK ``` ➜ shasum -a 512 --check apache-iceberg-rust-0.4.0-src.tar.gz.sha512 apache-iceberg-rust-0.4.0-src.tar.gz: OK ``` The verify script requires `chmod` to execute, but this is not a blocker. ``` chmod +x ./scripts/verify.py ``` Best, Kevin Liu On Tue, Dec 17, 2024 at 1:50 PM Sung Yun <sungwy...@gmail.com> wrote: > Hello, Apache Iceberg Rust Community, > > This is a call for a vote to release Apache Iceberg rust version > v0.4.0-rc.1. > > The tag to be voted on is v0.4.0-rc.1. > > The release candidate: > > > https://dist.apache.org/repos/dist/dev/iceberg/apache-iceberg-rust-0.4.0-rc.1/ > > Keys to verify the release candidate: > > https://downloads.apache.org/iceberg/KEYS > > Git tag for the release: > > https://github.com/apache/iceberg-rust/releases/tag/v0.4.0-rc.1 > > The associated convenience artifact for pyiceberg_core can be > downloaded by running the following command: > > `pip install -i https://test.pypi.org/simple/ pyiceberg-core` > > All notable features and fixes introduced in this release are > documented in the changelog: > > https://github.com/apache/iceberg-rust/blob/main/CHANGELOG.md > > Please download, verify, and test. > > The VOTE will be open for at least 72 hours and until the necessary > number of votes are reached. > > [ ] +1 approve > [ ] +0 no opinion > [ ] -1 disapprove with the reason > > To learn more about Apache Iceberg, please see > https://rust.iceberg.apache.org/ > > Checklist for reference: > > [ ] Download links are valid. > [ ] Checksums and signatures. > [ ] LICENSE/NOTICE files exist > [ ] No unexpected binary files > [ ] All source files have ASF headers > [ ] Can compile from source > > More detailed checklist please refer to: > https://github.com/apache/iceberg-rust/tree/main/scripts > > To compile from source, please refer to: > https://github.com/apache/iceberg-rust/blob/main/CONTRIBUTING.md > > Here is a Python script in release to help you verify the release > candidate: > > ./scripts/verify.py > > Thank you! > > Sung >
