I simply did not have the public key. Looks good to me. Vote is yes.
On 2023/09/26 17:11:47 Chris Bo wrote: > My vote is a yes IF the 2 discrepancies listed below are expected/mitigated. > > *Checksum:* Valid > > > cbono@cbonoN3J33 source-comparison % shasum -a 512 -c > > pulsar-client-reactive-0.4.0-src.tar.gz.sha512 > > pulsar-client-reactive-0.4.0-src.tar.gz: OK > > > *Signature*: Questionable - I ran into this during validation. Is this > expected? > > > cbono@cbonoN3J33 source-comparison % gpg --verify > > pulsar-client-reactive-0.4.0-src.tar.gz.asc > > gpg: assuming signed data in 'pulsar-client-reactive-0.4.0-src.tar.gz' > > gpg: Signature made Tue Sep 26 04:48:50 2023 CDT > > gpg: using RSA key <<redacted>> > > gpg: Can't check signature: No public key > > cbono@cbonoN3J33 source-comparison % > > > > *Hash*: Valid > > > cbono@cbonoN3J33 source-comparison % ( cd > > pulsar-client-reactive-0.4.0-candidate-1-source && git rev-parse HEAD ) > > 01bf7dcf9a7379e4b325c2f6d0d43ec6c451a670 > > > *Source*: Questionable - I ran into this during validation. Is this > expected? > > > cbono@cbonoN3J33 source-comparison % diff -r pulsar-client-reactive-0.4.0 > > pulsar-client-reactive-0.4.0-candidate-1-source > > Only in pulsar-client-reactive-0.4.0-candidate-1-source: .asf.yaml > > Only in pulsar-client-reactive-0.4.0-candidate-1-source: .git > > Only in pulsar-client-reactive-0.4.0-candidate-1-source: .gitattributes > > Only in pulsar-client-reactive-0.4.0-candidate-1-source: .github > > Only in pulsar-client-reactive-0.4.0-candidate-1-source: .gitignore > > Only in pulsar-client-reactive-0.4.0-candidate-1-source/gradle: wrapper > > Only in pulsar-client-reactive-0.4.0-candidate-1-source: gradlew > > Only in pulsar-client-reactive-0.4.0-candidate-1-source: gradlew.bat > > > > *Artifacts work in sample app: *Valid > I verified staged artifacts work well in a sample application. > > On 2023/09/26 10:02:38 Christophe Bornet wrote: > > This is release candidate 1 for the Reactive Java client for Apache > > Pulsar, version 0.4.0. > > > > *** Please download, test and vote on this release. This vote will > > stay open for at least 72 hours *** > > > > Note that we are voting upon the source (tag). Binaries in the Maven > > repository are provided for convenience. > > > > Source package: > https://dist.apache.org/repos/dist/dev/pulsar/pulsar-client-reactive-0.4.0-candidate-1/ > > > > SHA-512 checksums: > > > 289589bd6c37e0ddb3903c0d628e1edb9bb33a7868a86d99af82770cb13a9414f049ff7db0317366e245de2eb89320a5a483a5d0e7381739d303f4e84a166607 > > pulsar-client-reactive-0.4.0-src.tar.gz > > > > Maven staging repo: > https://repository.apache.org/content/repositories/orgapachepulsar-1242/ > > > > The tag to be voted upon: > > v0.4.0-candidate-1 > > (01bf7dcf9a7379e4b325c2f6d0d43ec6c451a670) > https://github.com/apache/pulsar-client-reactive/releases/tag/v0.4.0-candidate-1 > > > > Please download the source package, and follow detailed instructions > > for pulsar-client-reactive release validation at > > > https://github.com/apache/pulsar-client-reactive/wiki/Release-process#release-validation > > . > > > > Best regards > > > > Christophe Bornet > > >
