> Could you include this fix (https://github.com/apache/pulsar-client-go/pull/1155), which fixes a CVE?
Sure. I am closing this vote. And will start releasing candidate 2 later. Thanks, Zike Yang On Fri, Jan 12, 2024 at 3:50 PM Yunze Xu <x...@apache.org> wrote: > > Could you include this fix > (https://github.com/apache/pulsar-client-go/pull/1155), which fixes a > CVE? > > Thanks, > Yunze > > On Wed, Jan 10, 2024 at 3:21 PM Zike Yang <z...@apache.org> wrote: > > > > Hi everyone, > > Please review and vote on the release candidate #1 for the version > > 0.12.0, as follows: > > [ ] +1, Approve the release > > [ ] -1, Do not approve the release (please provide specific comments) > > > > This is the first release candidate for Apache Pulsar Go client, version > > 0.12.0. > > > > The release note/changelog for Go client 0.12.0: > > https://github.com/apache/pulsar-client-go/pull/1153/files > > > > Pulsar Client Go's KEYS file contains PGP keys we used to sign this release: > > https://downloads.apache.org/pulsar/KEYS > > > > Please download these packages and review this release candidate: > > - Review release notes: https://github.com/apache/pulsar-client-go/pull/1153 > > - Download the source package (verify shasum, and asc) and follow the > > README.md to build and run the pulsar-client-go. > > > > The vote will be open for at least 72 hours. It is adopted by majority > > approval, with at least 3 PMC affirmative votes. > > > > Source file: > > https://dist.apache.org/repos/dist/dev/pulsar/pulsar-client-go-0.12.0-candidate-1/ > > > > The tag to be voted upon: > > v0.12.0-candidate-1 > > https://github.com/apache/pulsar-client-go/tree/v0.12.0-candidate-1 > > > > SHA-512 checksums: > > a32e1072646a13aa54f983f0d3fce9c1917773fcb261d3431e2ecf1bac519cf50d3e8c3479f527e3ec8fb69518e987f25f1e3b9eae6736739aaea77941766304 > > apache-pulsar-client-go-0.12.0-src.tar.gz
