+1 (binding) I've verified the following: TEST_DEFAULT=0 TEST_SOURCE=1 TEST_SOURCE_REPRODUCIBLE=1 TEST_INTEGRATION=0 ./dev/release/verify-release-candidate.sh 23.0.1 0 TEST_DEFAULT=0 TEST_SOURCE=0 TEST_INTEGRATION=1 ./dev/release/verify-release-candidate.sh 23.0.1 0 TEST_DEFAULT=0 TEST_BINARY=1 ./dev/release/verify-release-candidate.sh 23.0.1 0 USE_CONDA=1 TEST_DEFAULT=0 TEST_WHEELS=1 dev/release/verify-release-candidate.sh 23.0.1 0 TEST_DEFAULT=0 TEST_APT=1 dev/release/verify-release-candidate.sh 23.0.1 0 TEST_DEFAULT=0 TEST_YUM=1 dev/release/verify-release-candidate.sh 23.0.1 0
Tested on Debian Forky 14. A non-blocker issue identified on 23.0.0 verification also appears on 23.0.1. If we build with both tests and integration enabled the integration tests fail. The issue can be found here [1], has been solved and will be included in 24.0.0. As it was a non-blocker for 23.0.0 I consider it a non-blocker for 23.0.1 too. Regards, Raúl [1] https://github.com/apache/arrow/issues/48862 El jue, 12 feb 2026 a las 4:58, Ruoxi Sun (<[email protected]>) escribió: > > +1 (binding) > > On my M1 Mac, macOS Sequoia Version 15.7.3 (24G419), Apple clang version > 17.0.0 (clang-1700.6.3.2), verified cpp: > > TEST_DEFAULT=0 TEST_CPP=1 ./verify-release-candidate.sh 23.0.1 0 > > Hash bd09adb4feac11fe49d1604f296618866702be610c86e2d513b561d877de6b18 is > matching previous votes. > > *Regards,* > *Rossi SUN* > > > On Thu, Feb 12, 2026 at 5:22 AM Julian Hyde <[email protected]> wrote: > > > Changing my vote: > > > > +1 jhyde (PMC) > > > > The hash bd09adb4feac11fe49d1604f296618866702be610c86e2d513b561d877de6b18 > > matches the .tar.gz and .sha256 files in subversion. > > > > I see now that Arrow has a practice of deleting RCs from subversion on > > release, and releases from subversion on the next release. It’s possible > > find historic artifacts but it requires use of the ’svn’ command-line. > > > > Please continue to include sha256 in the release email. Verifying releases > > is very difficult without it. > > > > Julian > > > > > > > On Feb 11, 2026, at 12:49 PM, Dewey Dunnington < > > [email protected]> wrote: > > > > > > Given that no votes have yet been cast, perhaps we can just clarify now > > > that the hash of the RC we're voting on is: > > > > > > bd09adb4feac11fe49d1604f296618866702be610c86e2d513b561d877de6b18 > > > apache-arrow-23.0.1.tar.gz > > > > > > ...and include it in future vote threads. I believe previous updates to > > the > > > distribution directories are logged and checked out (e.g., svn log > > > https://dist.apache.org/repos/dist/dev/arrow) should there be a > > question on > > > a past release). > > > > > > Cheers, > > > > > > -dewey > > > > > > On Wed, Feb 11, 2026 at 1:36 PM Julian Hyde <[email protected]> > > wrote: > > > > > >> -1 jhyde PMC > > >> > > >> I have concerns about Arrow’s release provenance that I have raised in a > > >> recent thread [1] and have not been resolved. > > >> > > >> Specifically, there does not seem to be a permanent record of the SHA of > > >> the RC that people vote on. This creates an opportunity for someone to > > >> substitute a bad .tar.gz for the good .tar.gz at some point after the > > >> release vote has passed. My concerns were about apache-arrow-adbc-21 but > > >> this RC seems to have the same problems. > > >> > > >> In Calcite, we include the SHA in the vote thread [2] and it is also > > >> available in the dist/dev tree [3]. That’s belt-and-suspenders; either > > is > > >> sufficient. > > >> > > >> Sorry to be a**hole. But this needs to be resolved. > > >> > > >> Julian > > >> > > >> [1] https://lists.apache.org/thread/fvfvv4hdkp5fqn2x7wn4wcwxt63yqnq3 > > >> [2] https://lists.apache.org/thread/1zdx79dbplx7czbqbo5m8dff5tst5c8y > > >> [3] > > >> > > https://dist.apache.org/repos/dist/dev/calcite/apache-calcite-avatica-go-5.2.0-rc0/ > > >> > > >>> On Feb 11, 2026, at 5:30 AM, Raúl Cumplido <[email protected]> wrote: > > >>> > > >>> Hi, > > >>> > > >>> I would like to propose the following release candidate (RC0) of Apache > > >>> Arrow version 23.0.1. This is a release consisting of 27 > > >>> resolved GitHub issues[1]. > > >>> > > >>> This release candidate is based on commit: > > >>> 82a374e5f3de5b744f26591e6cd96de6349c76d9 [2] > > >>> > > >>> The source release rc0 is hosted at [3]. > > >>> The binary artifacts are hosted at [4][5][6][7][8][9]. > > >>> The changelog is located at [10]. > > >>> > > >>> Please download, verify checksums and signatures, run the unit tests, > > >>> and vote on the release. See [11] for how to validate a release > > >> candidate. > > >>> > > >>> See also a verification result on GitHub pull request [12]. > > >>> > > >>> The vote will be open for at least 72 hours. > > >>> > > >>> [ ] +1 Release this as Apache Arrow 23.0.1 > > >>> [ ] +0 > > >>> [ ] -1 Do not release this as Apache Arrow 23.0.1 because... > > >>> > > >>> [1]: > > >> > > https://github.com/apache/arrow/issues?q=is%3Aissue+milestone%3A23.0.1+is%3Aclosed > > >>> [2]: > > >> > > https://github.com/apache/arrow/tree/82a374e5f3de5b744f26591e6cd96de6349c76d9 > > >>> [3]: > > >> https://dist.apache.org/repos/dist/dev/arrow/apache-arrow-23.0.1-rc0 > > >>> [4]: https://packages.apache.org/artifactory/arrow/almalinux-rc/ > > >>> [5]: https://packages.apache.org/artifactory/arrow/amazon-linux-rc/ > > >>> [6]: https://packages.apache.org/artifactory/arrow/centos-rc/ > > >>> [7]: https://packages.apache.org/artifactory/arrow/debian-rc/ > > >>> [8]: https://packages.apache.org/artifactory/arrow/ubuntu-rc/ > > >>> [9]: > > >> https://github.com/apache/arrow/releases/tag/apache-arrow-23.0.1-rc0 > > >>> [10]: > > >> > > https://github.com/apache/arrow/blob/82a374e5f3de5b744f26591e6cd96de6349c76d9/CHANGELOG.md > > >>> [11]: > > https://arrow.apache.org/docs/developers/release_verification.html > > >>> [12]: https://github.com/apache/arrow/pull/49212 > > >> > > >> > > > >
