+1 I verified checksums and digital signatures. Downloaded and built the source and verified all tests passed. Tested the new plugin with some schemas and verified that some of the new features were working (being able to get the full command to run to package the schema with the correct classpath is very helpful).
Josh ________________________________ From: Mike Beckerle <mbecke...@apache.org> Sent: Thursday, January 30, 2025 11:01 AM To: dev@daffodil.apache.org <dev@daffodil.apache.org> Subject: Re: [VOTE] Release Apache Daffodil SBT Plugin 1.3.0-rc1 +1 I verified all md5 hashes, sha1 checksums, and digital signatures (output below) I tested all sbt actions for several active DFDL schema development projects, large and small. Output from hash/checksum/sig check: gpg --verify ./sbt-daffodil-1.3.0.jar.asc ./sbt-daffodil-1.3.0.jar gpg: Signature made Fri 24 Jan 2025 01:15:31 PM EST gpg: using RSA key B58C81142758101A43D5B17D36F3494B033AE661 gpg: Good signature from "Steve Lawrence <slawre...@apache.org>" [unknown] gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: B58C 8114 2758 101A 43D5 B17D 36F3 494B 033A E661 PASSED GPG Signature Check gpg --verify ./sbt-daffodil_2.12_1.0-1.3.0-javadoc.jar.asc ./sbt-daffodil_2.12_1.0-1.3.0-javadoc.jar gpg: Signature made Fri 24 Jan 2025 01:15:30 PM EST gpg: using RSA key B58C81142758101A43D5B17D36F3494B033AE661 gpg: Good signature from "Steve Lawrence <slawre...@apache.org>" [unknown] gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: B58C 8114 2758 101A 43D5 B17D 36F3 494B 033A E661 PASSED GPG Signature Check gpg --verify ./sbt-daffodil_2.12_1.0-1.3.0.jar.asc ./sbt-daffodil_2.12_1.0-1.3.0.jar gpg: Signature made Fri 24 Jan 2025 01:15:30 PM EST gpg: using RSA key B58C81142758101A43D5B17D36F3494B033AE661 gpg: Good signature from "Steve Lawrence <slawre...@apache.org>" [unknown] gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: B58C 8114 2758 101A 43D5 B17D 36F3 494B 033A E661 PASSED GPG Signature Check gpg --verify ./sbt-daffodil_2.12_1.0-1.3.0-sources.jar.asc ./sbt-daffodil_2.12_1.0-1.3.0-sources.jar gpg: Signature made Fri 24 Jan 2025 01:15:29 PM EST gpg: using RSA key B58C81142758101A43D5B17D36F3494B033AE661 gpg: Good signature from "Steve Lawrence <slawre...@apache.org>" [unknown] gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: B58C 8114 2758 101A 43D5 B17D 36F3 494B 033A E661 PASSED GPG Signature Check gpg --verify ./sbt-daffodil-1.3.0-javadoc.jar.asc ./sbt-daffodil-1.3.0-javadoc.jar gpg: Signature made Fri 24 Jan 2025 01:15:30 PM EST gpg: using RSA key B58C81142758101A43D5B17D36F3494B033AE661 gpg: Good signature from "Steve Lawrence <slawre...@apache.org>" [unknown] gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: B58C 8114 2758 101A 43D5 B17D 36F3 494B 033A E661 PASSED GPG Signature Check gpg --verify ./sbt-daffodil-1.3.0-sources.jar.asc ./sbt-daffodil-1.3.0-sources.jar gpg: Signature made Fri 24 Jan 2025 01:15:31 PM EST gpg: using RSA key B58C81142758101A43D5B17D36F3494B033AE661 gpg: Good signature from "Steve Lawrence <slawre...@apache.org>" [unknown] gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: B58C 8114 2758 101A 43D5 B17D 36F3 494B 033A E661 PASSED GPG Signature Check ALL JARS VALIDATED GPG SIGNATURES md5sum ./sbt-daffodil-1.3.0.jar PASS MD5 Comparison md5sum ./sbt-daffodil_2.12_1.0-1.3.0-javadoc.jar PASS MD5 Comparison md5sum ./sbt-daffodil_2.12_1.0-1.3.0.jar PASS MD5 Comparison md5sum ./sbt-daffodil_2.12_1.0-1.3.0-sources.jar PASS MD5 Comparison md5sum ./sbt-daffodil-1.3.0-javadoc.jar PASS MD5 Comparison md5sum ./sbt-daffodil-1.3.0-sources.jar PASS MD5 Comparison md5sum ./sbt-daffodil_2.12_1.0-1.3.0-sources.jar.asc PASS MD5 Comparison md5sum ./sbt-daffodil-1.3.0-javadoc.jar.asc PASS MD5 Comparison md5sum ./sbt-daffodil_2.12_1.0-1.3.0-javadoc.jar.asc PASS MD5 Comparison md5sum ./sbt-daffodil-1.3.0.jar.asc PASS MD5 Comparison md5sum ./sbt-daffodil_2.12_1.0-1.3.0.jar.asc PASS MD5 Comparison md5sum ./sbt-daffodil-1.3.0-sources.jar.asc PASS MD5 Comparison All files checked md5 sums sha1sum ./sbt-daffodil-1.3.0.jar PASS SHA1 Comparison sha1sum ./sbt-daffodil_2.12_1.0-1.3.0-javadoc.jar PASS SHA1 Comparison sha1sum ./sbt-daffodil_2.12_1.0-1.3.0.jar PASS SHA1 Comparison sha1sum ./sbt-daffodil_2.12_1.0-1.3.0-sources.jar PASS SHA1 Comparison sha1sum ./sbt-daffodil-1.3.0-javadoc.jar PASS SHA1 Comparison sha1sum ./sbt-daffodil-1.3.0-sources.jar PASS SHA1 Comparison sha1sum ./sbt-daffodil_2.12_1.0-1.3.0-sources.jar.asc PASS SHA1 Comparison sha1sum ./sbt-daffodil-1.3.0-javadoc.jar.asc PASS SHA1 Comparison sha1sum ./sbt-daffodil_2.12_1.0-1.3.0-javadoc.jar.asc PASS SHA1 Comparison sha1sum ./sbt-daffodil-1.3.0.jar.asc PASS SHA1 Comparison sha1sum ./sbt-daffodil_2.12_1.0-1.3.0.jar.asc PASS SHA1 Comparison sha1sum ./sbt-daffodil-1.3.0-sources.jar.asc PASS SHA1 Comparison All files checked SHA1 sums ALL ARCHIVES VALIDATED GPG SIGNATURES All ARCHIVES checked SHA512 sums ALL PASSED On Tue, Jan 28, 2025 at 11:53 AM Kilo, Olabusayo <ok...@owlcyberdefense.com> wrote: > +1 (binding) > > I checked: > > [OK] release webpage links all work > [X] typo on release notes page: "daffodilVersion 3.2.0 or new" -> > "daffodilVersion 3.2.0 or newer" > [OK] verified links in emails all work > [OK] verified generating saved schema works for 1.3.0 > [OK] verified export functionality works > > > -- > Lola Kilo > ________________________________ > From: Steve Lawrence <slawre...@apache.org> > Sent: Friday, January 24, 2025 1:22 PM > To: dev@daffodil.apache.org <dev@daffodil.apache.org> > Subject: [VOTE] Release Apache Daffodil SBT Plugin 1.3.0-rc1 > > Hi all, > > I'd like to call a vote to release Apache Daffodil SBT Plugin 1.3.0-rc1. > > All distribution packages, including signatures, digests, etc. can be > found at: > > https://dist.apache.org/repos/dist/dev/daffodil/daffodil-sbt/1.3.0-rc1/ > > Staging artifacts can be found at: > > https://repository.apache.org/content/repositories/orgapachedaffodil-1049/ > > This release has been signed with PGP key 36F3494B033AE661, corresponding > to > slawre...@apache.org, which is included in the KEYS file here: > > https://downloads.apache.org/daffodil/KEYS > > The release candidate has been tagged in git with v1.3.0-rc1. > > For reference, here is a list of all resolved issues in the 1.3.0 > milestone: > > https://github.com/apache/daffodil-sbt/milestone/4?closed=1 > > For a summary of the changes in this release, see: > > https://daffodil.apache.org/sbt/1.3.0 > > Please review and vote. The vote will be open for at least 72 hours > (Wednesday, > 29 January 2025, 1:30 PM EST). > > [ ] +1 approve > [ ] +0 no opinion > [ ] -1 disapprove (and reason why) > > Thanks, > - Steve >
