On Thu, Feb 27, 2020 at 5:43 PM Abdelatif Guettouche <abdelatif.guettou...@gmail.com> wrote: > > > but we need to determine how > > many minimum PPMC / IPMC signatures are required to release. > Do we need to determine the number of signatures? Doesn't the RM's > signature suffice? > (I believe I read this in the documentation, but it's kind of hard to > go back and retrieve the relevant article).
Hmmm, I actually don't know. Over at the Subversion project, the RM signs the tarballs, then various PMC members run tests, verify the tarball contents are identical to the relevant revision in version control, sign the tarball, and email the list their signature and +1 to release; we wait for 3 signatures to release. This might be a project-specific policy and not ASF policy. I based what I wrote earlier on that... Nathan
