+1 (binding)
Source package
- license and notice present
- verified signature
- verified checksum
- rat checks passed
- built dist from source
- ran dist from source on k8s with Druid operator
- batch and Kafka ingest
- msq compaction supervisors
- queries with sql, json, msq select
Binary package
- license and notice present
- verified signature
- verified checksum
Docker
- pulled
- ran embedded tests
- verified checksum
On Tue, Apr 28, 2026 at 5:17 PM Cece Mei <[email protected]> wrote:
> Hi all,
>
> I have created a build for Apache Druid 37.0.0, release candidate 2.
>
> Thanks to everyone who has helped contribute to the release! You can read
> the proposed release notes here:
> https://github.com/apache/druid/issues/19287
>
> The release candidate has been tagged in GitHub as druid-37.0.0-rc2
> (b206640c830bc2c3bdc2867cfb317c902a0e1acb),
> available here:
> https://github.com/apache/druid/releases/tag/druid-37.0.0-rc2
>
> The artifacts to be voted on are located here:
> https://dist.apache.org/repos/dist/dev/druid/37.0.0-rc2/
>
> A staged Maven repository is available for review at:
> https://repository.apache.org/content/repositories/orgapachedruid-1098/
>
> Staged druid.apache.org website documentation is available here:
> https://druid.staged.apache.org/docs/37.0.0/design/index.html
>
> A Docker image containing the binary of the release candidate can be
> retrieved via:
> docker pull apache/druid:37.0.0-rc2
>
> artifact checksums
> src:
>
> f0ba5dbd3897b61d8956b5e9d1075d3f1681ff6905db505ac674c8f5b5bc899876cc3fee52b1799323a4fff8282d61d693dfef15d037cab656945952c2abefa2
> bin:
>
> ba2f23755676a057df93e6ceb5cc9d158d1b0c8f693a9b189d7048c57aea161773b039076bfeb5d2eb1bc1cd318d8f80a5030bcb6ab7deaf30ba8b019cfb57be
> docker:
> 15be98e21ac7c63cab1a60d26a0499c362173970e38046ae73624e01ae387641
>
> Release artifacts are signed with the following key:
> https://people.apache.org/keys/committer/yqm.asc
>
> This key and the key of other committers can also be found in the project's
> KEYS file here:
> https://dist.apache.org/repos/dist/release/druid/KEYS
>
> (If you are a committer, please feel free to add your own key to that file
> by following the instructions in the file's header.)
>
> Verify checksums:
> diff <(shasum -a512 apache-druid-37.0.0-src.tar.gz | cut -d ' ' -f1) \
> <(cat apache-druid-37.0.0-src.tar.gz.sha512 ; echo)
>
> diff <(shasum -a512 apache-druid-37.0.0-bin.tar.gz | cut -d ' ' -f1) \
> <(cat apache-druid-37.0.0-bin.tar.gz.sha512 ; echo)
>
> Verify signatures:
> gpg --verify apache-druid-37.0.0-src.tar.gz.asc
> apache-druid-37.0.0-src.tar.gz
>
> gpg --verify apache-druid-37.0.0-bin.tar.gz.asc
> apache-druid-37.0.0-bin.tar.gz
>
> Please review the proposed artifacts and vote.
> Note that Apache has specific requirements that must be met before +1
> binding votes can be cast by PMC members.
> Please refer to the policy at
> https://www.apache.org/legal/release-policy.html#policy for more details.
>
> As part of the validation process, the release artifacts can be generated
> from source by running:
> mvn clean install -Papache-release,dist -Dgpg.skip
>
> The RAT license check can be run from source by:
> mvn apache-rat:check -Prat
>
> This vote will be open for at least 72 hours. The vote will pass if a
> majority of at least three +1 PMC votes are cast.
>
> [ ] +1 Release this package as Apache Druid 37.0.0
> [ ] 0 I don't feel strongly about it, but I'm okay with the release
> [ ] -1 Do not release this package because...
>
> Thanks!
>
