This is committed to trunk and branch-1.4.0 now, ready for another RC. Thanks to Aayush for the code review.
Chris Nauroth On Wed, Mar 19, 2025 at 1:51 PM Chris Nauroth <cnaur...@gmail.com> wrote: > -1 > > Signatures look good, but I found a few spots that need an update for the > new protobuf version: > > https://issues.apache.org/jira/browse/HADOOP-19510 > > https://github.com/apache/hadoop-thirdparty/pull/44 > > Chris Nauroth > > > On Tue, Mar 18, 2025 at 8:47 AM Wei-Chiu Chuang <weic...@apache.org> > wrote: > >> I just did >> gpg --verify <artifact>.tar.gz.asc <artifact>.tar.gz >> >> Ok after importing hadoop KEYS >> <https://downloads.apache.org/hadoop/common/KEYS>, this is the output >> which >> looks good to me: >> >> gpg: Signature made Fri Mar 14 08:56:01 2025 PDT >> gpg: using RSA key 38237EE425050285077DB57AD22CF846DBB162A0 >> gpg: Good signature from "Steve Loughran (ASF code sign key - 2018) < >> ste...@apache.org>" [unknown] >> gpg: aka "[jpeg image of size 8070]" [unknown] >> gpg: aka "Steve Loughran <ste...@cloudera.com>" [unknown] >> gpg: aka "Steve Loughran <steve.lough...@gmail.com>" >> [unknown] >> gpg: aka "Steve Loughran <ste...@hortonworks.com>" >> [unknown] >> gpg: WARNING: This key is not certified with a trusted signature! >> gpg: There is no indication that the signature belongs to the >> owner. >> Primary key fingerprint: 3823 7EE4 2505 0285 077D B57A D22C F846 DBB1 >> 62A0 >> >> Sorry. False alarm! >> >> On Mon, Mar 17, 2025 at 12:31 PM Steve Loughran >> <ste...@cloudera.com.invalid> >> wrote: >> >> > can you give me what command you ran to check the signature, and see if >> you >> > can update all your keys from the central servers? >> > >> > My key thinks it is not expired, so maybe its the KEYS file i need to >> > update or you need to refresh your keys. I will have a look at the keys >> > file tomorrow >> > >> > On Fri, 14 Mar 2025 at 21:46, Wei-Chiu Chuang <weic...@apache.org> >> wrote: >> > >> > > Looks like your GPG key expired? >> > > >> > > gpg: Signature made Fri Mar 14 08:56:00 2025 PDT >> > > gpg: using RSA key >> > 38237EE425050285077DB57AD22CF846DBB162A0 >> > > gpg: Good signature from "Steve Loughran (ASF code sign key - 2018) < >> > > ste...@apache.org>" [expired] >> > > gpg: aka "[jpeg image of size 8070]" [expired] >> > > gpg: Note: This key has expired! >> > > Primary key fingerprint: 3823 7EE4 2505 0285 077D B57A D22C F846 DBB1 >> > 62A0 >> > > >> > > On Fri, Mar 14, 2025 at 11:23 AM Steve Loughran >> > > <ste...@cloudera.com.invalid> >> > > wrote: >> > > >> > > > I have built a release candidate (RC0) for Hadoop-Thirdparty 1.4.0. >> > > > >> > > > The RC is available at: >> > > > >> > > >> > >> https://dist.apache.org/repos/dist/dev/hadoop/hadoop-thirdparty-1.4.0-RC0/ >> > > > >> > > > The git tag is release-1.4.0-RC0, >> > > > and commit 5595f1357eaad02e1cfb660bcce7fd34515197ff >> > > > >> > > > The maven artifacts are staged at >> > > > >> > https://repository.apache.org/content/repositories/orgapachehadoop-1433 >> > > > >> > > > Please try the release and vote. The vote will run for 5 days. >> > > > >> > > > I will vote once I've done more of the testing myself >> > > > >> > > > steve >> > > > >> > > >> > >> >
