Hi, Guangning It seems that we have to upgrade version of pulsar-client-node to 1.6.2 because 1.6.0 and 1.6.1 already exist on the npm registry. https://www.npmjs.com/package/pulsar-client/v/1.6.0 https://www.npmjs.com/package/pulsar-client/v/1.6.1
Once a package has been uploaded to the npm registry, it cannot be removed from the npm registry because pulsar-client-node has dependent packages in the npm registry. https://docs.npmjs.com/policies/unpublish And, I'm sorry but could you include following PRs into 1.6.2? https://github.com/apache/pulsar-client-node/pull/198 https://github.com/apache/pulsar-client-node/pull/197 There are security fix and avoidance of tarball file corruption by adding the license header. Regards, Hiroyuki ________________________________ From: Guangning E <guangn...@apache.org> Sent: Wednesday, March 2, 2022 10:47 To: Dev <dev@pulsar.apache.org>; us...@pulsar.apache.org <us...@pulsar.apache.org> Subject: Re: [VOTE] Pulsar Node.js Client Release 1.6.0 Candidate 2 Welcome to vote to verify it, thanks. Thanks, Guangning Guangning E <guangn...@apache.org<mailto:guangn...@apache.org>> 于2022年2月28日周一 22:12写道: Hi everyone, Please review and vote on the release candidate #2 for the version 1.6.0, as follows: [ ] +1, Approve the release [ ] -1, Do not approve the release (please provide specific comments) This is the first release candidate for Apache Pulsar Node.js client, version 1.6.0. It fixes the following issues: https://github.com/apache/pulsar-client-node/milestone/1?closed=1 Please download the source files and review this release candidate: - Review release notes - Download the source package (verify shasum and asc) and follow the README.md to build and run the Pulsar Node.js client. The vote will be open for at least 72 hours. It is adopted by majority approval, with at least 3 PMC affirmative votes. Source files: https://dist.apache.org/repos/dist/dev/pulsar/pulsar-client-node/pulsar-client-node-1.6.0-candidate-2/<https://jpn01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdist.apache.org%2Frepos%2Fdist%2Fdev%2Fpulsar%2Fpulsar-client-node%2Fpulsar-client-node-1.6.0-candidate-2%2F&data=04%7C01%7Chsakai%40yahoo-corp.jp%7C90f81382e3974d79957908d9fbeeaca6%7Ca208d369cd4e4f87b11998eaf31df2c3%7C1%7C0%7C637817824890223073%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=KEBmEtLuUbkMYLWBgCWcxSF8NNSvpXMjtvsv%2BBnr6q8%3D&reserved=0> Pulsar's KEYS file containing PGP keys we use to sign the release: https://dist.apache.org/repos/dist/dev/pulsar/KEYS<https://jpn01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdist.apache.org%2Frepos%2Fdist%2Fdev%2Fpulsar%2FKEYS&data=04%7C01%7Chsakai%40yahoo-corp.jp%7C90f81382e3974d79957908d9fbeeaca6%7Ca208d369cd4e4f87b11998eaf31df2c3%7C1%7C0%7C637817824890223073%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=x382pXG05tF7%2Bjq6gqwH1wcv6K6mv5EskX79msLwDb8%3D&reserved=0> SHA-512 checksum: 38352f762e2592ad5387f6391db010e1a00ff25eadc5d4a5963eb24a6f572882269571ebbea45ebc4105dfd0a69995d88f78e0ccd7f39ddc958e357326df9590 pulsar-client-node-1.6.0.tar.gz The tag to be voted upon: v1.6.0-rc.2 https://github.com/apache/pulsar-client-node/releases/tag/v1.6.0-rc.2 Thanks, Guangning
