I vote +1 * Confirmed sigs & hashes with `coho verify-archive` * Verified sha1s match tags with `coho verify-tags` * CI is green * run 'npm install' in package * tests success on local * checked licenses with coho and manually
One minor issue: "npm audit" finds one low vulnerability for minimist April 8, 2020 6:22 AM, "Bryan Ellis" <er...@apache.org> wrote: > Please review and vote on this cordova-js Major Release v6.0.0 > by replying to this email (and keep discussion on the DISCUSS thread) > > The archive has been published to dist/dev: > https://dist.apache.org/repos/dist/dev/cordova/js-6.0.0 > > The package was published from its corresponding git tag: > cordova-js: 6.0.0 (58c14e62c3) > > Upon a successful vote I will upload the archive to dist/, publish it to > npm, and post the blog post. > > Voting guidelines: > https://github.com/apache/cordova-coho/blob/master/docs/release-voting.md > > Voting will go on for a minimum of 48 hours. > > I vote +1: > * Ran coho audit-license-headers over the relevant repos > * Ran coho check-license to ensure all dependencies and subdependencies > have Apache-compatible licenses > * Ensured continuous build was green when repo was tagged > * NPM Audit > * NPM Test --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@cordova.apache.org For additional commands, e-mail: dev-h...@cordova.apache.org