I think we're going to need to create a Daffodil 3.2.1 release. We have this current critical bug https://issues.apache.org/jira/browse/DAFFODIL-2608 which is a flaw in unparsing associated with a primary 3.2.0 feature. I'll take the blame for inadequate testing there. I hope to work on this today.
There is also a urgent CVE about Log4J. The cybersecurity community, which uses Daffodil quite a bit, is insisting on updates to software using Log4J within 15 days. The update for this is already in the 3.3.0-SNAPSHOT branch. There have been a number of other changes made on the 3.3.0-SNAPSHOT branch since the official 3.2.0 release. Are there any thoughts on whether we should just release 3.3.0-SNAPSHOT branch as 3.2.1, or whether we should fork from 3.2.0 and apply the minimum amount of fixes?