Can you follow up with me on Slack? I looked at security@ going back to November and nothing stood out as Solr MCP specific. I know we had a couple of dependencies around the Spring AI libraries that we merged recently that maybe caused some issues.
On 2026/04/24 15:52:58 Jason Gerlowski wrote: > Hey Eric, > > I'll refer you to our "security@" mailing list for specifics, but in > general there have been a handful of reports on our "security@" > mailing list that relate to the "Solr MCP" project. > > I guess those have been relatively low-priority up to this point since > the "Solr MCP" project doesn't have any releases. But if you're > starting to consider an RC for Solr MCP 1.0, we probably need to > triage those reports. Maybe they'll end up being false-alarms, but > it'll be hard for folks to vote positively on an RC if there are > security questions that haven't even been investigated yet. > > Just a heads up / my 2c. > > Best, > > Jason > > > On Thu, Apr 23, 2026 at 3:39 PM David Eric Pugh via dev > <[email protected]> wrote: > > > > Hi all, > > Aditya and I are going to try and navigate using the Apache Trusted Release > > process to get a candidate 1.0 release of the Solr MCP project. We're > > getting some handholding tomorrow (Friday April 24) at 11 AM EST from some > > of the ASF Infra people (including the all important, how do I sign this > > thing?). > > I will post the zoom link in our slack channels if anyone wants to join and > > see how things go. > > If all goes well, you should see some emails about the release candidate. > > We still have some work to do on refactoring the documentation, but we have > > the candidate website ready to go once there is something to point to! > > I didn't want to surprise anyone. > > Eric > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
