Hi Brian, What gpg did you use to sign the artifacts? I've imported https://downloads.apache.org/shiro/KEYS but I get the following:
gpg --verify shiro-root-1.6.0-source-release.zip.asc gpg: assuming signed data in 'shiro-root-1.6.0-source-release.zip' gpg: Signature made Tue 11 Aug 2020 21:02:34 IST gpg: using RSA key B26B2F5E93463E91E2F93D2478A3F0D70AE5308C gpg: Can't check signature: No public key Colm. On Wed, Aug 12, 2020 at 9:41 AM Tamás Cservenák <[email protected]> wrote: > +1 > > On Tue, Aug 11, 2020 at 11:47 PM Brian Demers <[email protected]> wrote: > > > This is a call to vote in favor of releasing Apache Shiro version 1.6.0. > > > > The 5 issues solved for 1.6.0: > > > > > > > https://issues.apache.org/jira/issues/?jql=project%20%3D%20SHIRO%20AND%20fixVersion%20%3D%201.6.0 > > > > The source to be voted upon: > > e2fcdf3753a9e1d37e8dbe89cd306d01f54fa712 - > > https://github.com/apache/shiro/tree/shiro-root-1.6.0-release-vote1 > > > > Staging repo for binaries: > > https://repository.apache.org/content/repositories/orgapacheshiro-1030 > > > > Project website (just for informational purposes, not to be voted upon): > > http://shiro.apache.org/ > > > > Guide to testing staged releases: > > http://maven.apache.org/guides/development/guide-testing-releases.html > > > > Vote open for 72 hours. Please do examine the source and binaries before > > voting. > > > > [ ] +1 > > [ ] +0 > > [ ] -1 (please include reasoning) > > >
