+1 On Fri, 24 Apr 2026 at 13:27, Yicong Huang <[email protected]> wrote:
> > +1 (non binding) > > Best regards, > Yicong Huang > > On Thu, Apr 23, 2026 at 4:14 PM Szehon Ho <[email protected]> wrote: > >> +1 (non binding) >> >> Thanks! >> Szehon >> >> On Fri, Apr 24, 2026 at 1:03 AM Tian Gao via dev <[email protected]> >> wrote: >> >>> Hi, as discussed in >>> https://lists.apache.org/thread/lwgqo36pqzlddtq2f8fxy6c1jj8go4x6 >>> <https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.apache.org%2Fthread%2Flwgqo36pqzlddtq2f8fxy6c1jj8go4x6&data=05%7C02%7Cyiconghuang%40umass.edu%7Ce164041d3152450d8ecc08dea18e207b%7C7bd08b0b33954dc194bbd0b2e56a497f%7C0%7C0%7C639125828966178972%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=I9tJ6bd9Xw8i5JPzk9toccRrFCk8OEPtP1nOJu%2Bh70s%3D&reserved=0> >>> , I'm proposing a vote for a buffer time to upgrade our dependencies. >>> >>> The proposal is: >>> For the apache/spark repo only, we can only upgrade third-party >>> dependencies (including Apache projects) to a version released at least >>> seven days ago. This covers Java, Python and all other dependencies. >>> Security upgrades are exempted and will be conducted by PMCs. >>> >>> [ ] +1: approve >>> [ ] 0: no opinion >>> [ ] - 1: disapprove >>> >>> This is a procedural vote (no code change) so we need a simple majority >>> (more +1s than -1s). >>> >>> Tian >>> >>
