Cedric do u have a link to key base tools pls ? On Thursday, 9 July 2015, Cédric Champeau <[email protected]> wrote:
> For the signature, I'm using keybase, which is a public web of trust. Just > click the link that the signature check gives you. > > 2015-07-09 23:17 GMT+02:00 Pascal Schumacher <[email protected] > <javascript:_e(%7B%7D,'cvml','[email protected]');>>: > >> +1 >> >> >gradle test dist >> BUILD SUCCESSFUL >> >> unziped binDist: groovysh runs; can compile and run a script >> >> signature looks o.k.: >> >gpg --verify apache-groovy-src-2.4.4-incubating.zip.asc >> apache-groovy-src-2.4.4-incubating.zip >> gpg: Signatur vom 07/09/15 22:06:32 Mitteleuropõische Sommerzeit mittels >> RSA-Schlüssel ID D6BDB924 >> gpg: Korrekte Signatur von "keybase.io/melix <[email protected]> >> <javascript:_e(%7B%7D,'cvml','[email protected]');>" [unbekannt] >> gpg: WARNUNG: Dieser Schlüssel trägt keine vertrauenswürdige Signatur! >> gpg: Es gibt keinen Hinweis, daß die Signatur wirklich dem >> vorgeblichen Besitzer gehört. >> Haupt-Fingerabdruck = 3312 24E1 D7BE 883D 16E8 A685 825C 06C8 27AF 6B66 >> Unter-Fingerabdruck = 0191 E61A CBBE 7632 3AC1 5C83 B5AD 94BD D6BD B924 >> >> I guess real name and trusted signature would be nice. ;) >> >> Big thanks to Cédric for doing the work. >> >> Cheers, >> Pascal >> >> >> Am 09.07.2015 um 22:29 schrieb Cédric Champeau: >> >> Dear community, >> >> This is our second attempt to release Apache Groovy 2.4.4 after a first >> missed released a few weeks ago. Since our last try, we fixed the problems >> that were highlighted by our mentors. In particular, we removed the last >> jars from the source distribution, we fixed the missing headers and >> relicensed the documentation to ALv2. >> >> The changelog for this release can be found here: >> <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12318123&version=12331941> >> https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12318123&version=12331941 >> >> Tag for the release: >> https://git1-us-west.apache.org/repos/asf?p=incubator-groovy.git;a=commit;h=716b0b1bd56eeab04e4441eecc91c2cd8bfda8b6 >> <https://git1-us-west.apache.org/repos/asf?p=incubator-groovy.git;a=tag;h=19f70958f39f0cc5c6b4d3e9471fd297400647d2> >> >> The artifacts to be voted on are located here: >> <http://people.apache.org/%7Ecchampeau/groovy/> >> http://people.apache.org/~cchampeau/groovy/ >> >> Release artifacts are signed with the following keys: >> <http://people.apache.org/%7Ecchampeau/groovy/KEYS> >> http://people.apache.org/~cchampeau/groovy/KEYS >> >> It is expected that mentors or PPMC members check at least checksums and >> signatures, and of course much better if you can also verify the source >> package. >> >> Please vote on releasing this package as Apache Groovy 2.4.4-incubating. >> >> The vote is open for the next 72 hours and passes if a majority of at >> least three +1 PPMC votes are cast. >> >> [ ] +1 Release Apache Groovy 2.4.4-incubating >> [ ] 0 I don't have a strong opinion about this, but I assume it's ok >> [ ] -1 Do not release Apache Groovy 2.4.4-incubating because... >> >> Here is my vote: >> >> +1 (binding) >> >> >> >
