I vote -1 I could not verify the packages signature. Importing the public keys from [1] did not give me a matching key.
It looks strange and not like the GPG output I am used to. (sorry my machine is German) gpg: die unterzeichneten Daten sind wohl in 'cordova-plugin-camera-4.2.0.tgz' gpg: Signatur vom Do 07 Mai 2020 10:41:00 CEST gpg: mittels RSA-Schlüssel E6BDB1EAE1F49643A1A29ED213148950F12F403C gpg: Signatur kann nicht geprüft werden: Kein öffentlicher Schlüssel [1] https://github.com/apache/cordova-coho/blob/master/docs/setting-up-gpg.md#importing-pmc-members-pgp-keys Am 07.05.20 um 11:07 schrieb Jesse: > Please review and vote on the release of corodova-plugin-camera > by replying to this email (and keep discussion on the DISCUSS thread) > > The plugin has been published to dist/dev: > https://dist.apache.org/repos/dist/dev/cordova/Camera-4.2.0/ > > The packages were published from their corresponding git > tags:cordova-plugin-camera: 4.2.0 (adf15799d9) > > Upon a successful vote I will upload the archives to dist/, upload them to > npm, and post the corresponding blog post. > > Voting guidelines: > https://github.com/apache/cordova-coho/blob/master/docs/release-voting.md > How to vote on a plugins release at > https://github.com/apache/cordova-coho/blob/master/docs/plugins-release-process.md#voting > > Voting will go on for a minimum of 48 hours. > > I vote +1: > * Ran coho audit-license-headers over the relevant repos > * Ran coho check-license to ensure all dependencies and sub-dependencies > have Apache-compatible licenses > * Ensured continuous build was green when repos were tagged > --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@cordova.apache.org For additional commands, e-mail: dev-h...@cordova.apache.org
