Re: [VOTE] Set a buffer time before we upgrade to the latest version of dependencies

+1 (non binding)

Best regards,
Yicong Huang


On Thu, Apr 23, 2026 at 4:14 PM Szehon Ho <[email protected]> wrote:

> +1 (non binding)
>
> Thanks!
> Szehon
>
> On Fri, Apr 24, 2026 at 1:03 AM Tian Gao via dev <[email protected]>
> wrote:
>
>> Hi, as discussed in
>> https://lists.apache.org/thread/lwgqo36pqzlddtq2f8fxy6c1jj8go4x6
>> <https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.apache.org%2Fthread%2Flwgqo36pqzlddtq2f8fxy6c1jj8go4x6&data=05%7C02%7Cyiconghuang%40umass.edu%7Ce164041d3152450d8ecc08dea18e207b%7C7bd08b0b33954dc194bbd0b2e56a497f%7C0%7C0%7C639125828966178972%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=I9tJ6bd9Xw8i5JPzk9toccRrFCk8OEPtP1nOJu%2Bh70s%3D&reserved=0>
>> , I'm proposing a vote for a buffer time to upgrade our dependencies.
>>
>> The proposal is:
>> For the apache/spark repo only, we can only upgrade third-party
>> dependencies (including Apache projects) to a version released at least
>> seven days ago. This covers Java, Python and all other dependencies.
>> Security upgrades are exempted and will be conducted by PMCs.
>>
>> [ ] +1: approve
>> [ ] 0: no opinion
>> [ ] - 1: disapprove
>>
>> This is a procedural vote (no code change) so we need a simple majority
>> (more +1s than -1s).
>>
>> Tian
>>
>

Re: [VOTE] Set a buffer time before we upgrade to the latest version of dependencies

Reply via email to