Hi, I’ve not done a full check (which I will do) but I would be -1 on this release as it looks like it’s been signed with an expired key:
gpg: Good signature from "Brennan Ashton <bash...@brennanashton.com>" [expired] gpg: Note: This key has expired! It's also a good idea to sign with an “@apache.org” email address. Thanks, Justin
