I hope we don’t have to create another RC because of this… Andor
> On 2019. Oct 9., at 18:08, Enrico Olivelli <eolive...@gmail.com> wrote: > > Il mer 9 ott 2019, 17:55 Jordan Zimmerman <jor...@jordanzimmerman.com> ha > scritto: > >> It's required by the Apache Release process: >> >> http://www.apache.org/dev/release-distribution < >> http://www.apache.org/dev/release-distribution> >> >> For every artifact distributed to the public through Apache channels, the >> PMC >> >> • MUST supply a valid OpenPGP-compatible ASCII-armored detached >> signature file >> • MUST supply at least one checksum file >> • SHOULD supply a SHA-256 and/or SHA-512 checksum file >> • SHOULD NOT supply a MD5 or SHA-1 checksum file (because these >> are deprecated) >> >> For new releases, PMCs MUST supply SHA-256 and/or SHA-512; and SHOULD NOT >> supply MD5 or SHA-1. Existing releases do not need to be changed. >> >>> On Oct 9, 2019, at 6:50 PM, Andor Molnar <an...@apache.org> wrote: >>> >>> Checking. >>> Why do we generated SHA512 sums for the gpg signatures? >>> Is that intentional? >> > > Good catch. > The build generated those files and I uploaded all of them to the staging > area. > > It happens when you run > mvn deploy -Papache-release > > I felt they are desirable. > > I will start another email thread. > > Enrico > >> >>> Andor >>> >>> >>> >>>> On 2019. Oct 8., at 22:36, Enrico Olivelli <eolive...@gmail.com> wrote: >>>> >>>> This is a bugfix release candidate for 3.5.6. >>>> >>>> It fixes 29 issues, including upgrade of third party libraries, >>>> TTL Node APIs for C API, support for PCKS12 Keystores, upgrade of Netty >> 4 >>>> and better procedure for the upgrade of servers from 3.4 to 3.5. >>>> >>>> The full release notes is available at: >>>> >>>> >> https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310801&version=12345243 >>>> >>>> *** Please download, test and vote by October 11th 2019, 23:59 UTC+0. >> *** >>>> >>>> Source files: >>>> https://people.apache.org/~eolivelli/zookeeper-3.5.6-candidate-4 >>>> >>>> Maven staging repo: >>>> >> https://repository.apache.org/content/repositories/orgapachezookeeper-1044 >>>> >>>> The release candidate tag in git to be voted upon: release-3.5.6-rc4 >>>> https://github.com/apache/zookeeper/tree/release-3.5.6-rc4 >>>> >>>> ZooKeeper's KEYS file containing PGP keys we use to sign the release: >>>> https://www.apache.org/dist/zookeeper/KEYS >>>> >>>> Should we release this candidate? >>>> >>>> Enrico Olivelli
