Thank you for the voting and I see the artifact available in Maven Central. I'll work on the PR to use the published artifact today. https://search.maven.org/artifact/org.apache.beam/beam-vendor-grpc-1_36_0/0.1/jar
On Tue, Mar 16, 2021 at 3:07 PM Kenneth Knowles <k...@apache.org> wrote: > Update on this: there are some minor issues and then I'll send out the RC. > > I think this is worth blocking 2.29.0 release on, so I will do this first. > We are still eliminating other blockers from 2.29.0 anyhow. > > Kenn > > On Mon, Mar 15, 2021 at 7:17 AM Tomo Suzuki <suzt...@google.com> wrote: > >> Hi Beam developers, >> >> I'm working on upgrading the vendored gRPC 1.36.0 >> https://issues.apache.org/jira/browse/BEAM-11227 (PR: >> https://github.com/apache/beam/pull/14028) >> Let me know if you have any questions or concerns. >> >> Background: >> Exchanged messages with Ismaël in BEAM-11227, it seems that it the ticket >> created by some automation is false positive, but it's nice to use an >> artifact without being marked with CVE. >> >> Kenn offered to work as the release manager (as in >> https://s.apache.org/beam-release-vendored-artifacts) of the vendored >> artifact. >> >> -- >> Regards, >> Tomo >> > -- Regards, Tomo
