My vote is a yes IF the 2 discrepancies listed below are expected/mitigated.
*Checksum:* Valid > cbono@cbonoN3J33 source-comparison % shasum -a 512 -c > pulsar-client-reactive-0.4.0-src.tar.gz.sha512 > pulsar-client-reactive-0.4.0-src.tar.gz: OK *Signature*: Questionable - I ran into this during validation. Is this expected? > cbono@cbonoN3J33 source-comparison % gpg --verify > pulsar-client-reactive-0.4.0-src.tar.gz.asc > gpg: assuming signed data in 'pulsar-client-reactive-0.4.0-src.tar.gz' > gpg: Signature made Tue Sep 26 04:48:50 2023 CDT > gpg: using RSA key <<redacted>> > gpg: Can't check signature: No public key > cbono@cbonoN3J33 source-comparison % *Hash*: Valid > cbono@cbonoN3J33 source-comparison % ( cd > pulsar-client-reactive-0.4.0-candidate-1-source && git rev-parse HEAD ) > 01bf7dcf9a7379e4b325c2f6d0d43ec6c451a670 *Source*: Questionable - I ran into this during validation. Is this expected? > cbono@cbonoN3J33 source-comparison % diff -r pulsar-client-reactive-0.4.0 > pulsar-client-reactive-0.4.0-candidate-1-source > Only in pulsar-client-reactive-0.4.0-candidate-1-source: .asf.yaml > Only in pulsar-client-reactive-0.4.0-candidate-1-source: .git > Only in pulsar-client-reactive-0.4.0-candidate-1-source: .gitattributes > Only in pulsar-client-reactive-0.4.0-candidate-1-source: .github > Only in pulsar-client-reactive-0.4.0-candidate-1-source: .gitignore > Only in pulsar-client-reactive-0.4.0-candidate-1-source/gradle: wrapper > Only in pulsar-client-reactive-0.4.0-candidate-1-source: gradlew > Only in pulsar-client-reactive-0.4.0-candidate-1-source: gradlew.bat *Artifacts work in sample app: *Valid I verified staged artifacts work well in a sample application. On 2023/09/26 10:02:38 Christophe Bornet wrote: > This is release candidate 1 for the Reactive Java client for Apache > Pulsar, version 0.4.0. > > *** Please download, test and vote on this release. This vote will > stay open for at least 72 hours *** > > Note that we are voting upon the source (tag). Binaries in the Maven > repository are provided for convenience. > > Source package: https://dist.apache.org/repos/dist/dev/pulsar/pulsar-client-reactive-0.4.0-candidate-1/ > > SHA-512 checksums: > 289589bd6c37e0ddb3903c0d628e1edb9bb33a7868a86d99af82770cb13a9414f049ff7db0317366e245de2eb89320a5a483a5d0e7381739d303f4e84a166607 > pulsar-client-reactive-0.4.0-src.tar.gz > > Maven staging repo: https://repository.apache.org/content/repositories/orgapachepulsar-1242/ > > The tag to be voted upon: > v0.4.0-candidate-1 > (01bf7dcf9a7379e4b325c2f6d0d43ec6c451a670) https://github.com/apache/pulsar-client-reactive/releases/tag/v0.4.0-candidate-1 > > Please download the source package, and follow detailed instructions > for pulsar-client-reactive release validation at > https://github.com/apache/pulsar-client-reactive/wiki/Release-process#release-validation > . > > Best regards > > Christophe Bornet >