Thanks do much, Mick. I will do a quick update and release again soon.
Now vote is closing. Sheng Wu Apache SkyWalking From Wu Sheng 's phone. ------------------ Original ------------------ From: Mick Semb Wever <m...@apache.org> Date: Fri,Aug 31,2018 9:35 AM To: dev <dev@skywalking.apache.org> Subject: Re: [VOTE] Release Apache SkyWalking (incubating) version 5.0.0-RC > Voting will start now (2018/8/29 date) and will remain open for at least > 72 hours, Request all PPMC members to give their vote. > [ ] +1 Release this package. > [ ] +0 No opinion. > [ ] -1 Do not release this package because.... -1 The digests on the maven artefacts don't meet the new ASF release requirements. The distribution artefacts are good, only asc signatures and sha512 digests, as seen in https://dist.apache.org/repos/dist/dev/incubator/skywalking/5.0.0-RC/ But the artefacts in the maven staging repository don't have sha512 digests, and have the now forbidden md5 and sha1 digests. As seen in https://repository.apache.org/content/repositories/orgapacheskywalking-1017/org/apache/skywalking/agent-grpc-provider/5.0.0-RC/ The relevant ASF documentation is in https://www.apache.org/dev/release-distribution#sigs-and-sums specifically?? > For every artifact distributed to the public through Apache channels, the PMC > > - MUST supply a valid OpenPGP-compatible ASCII-armored detached signature > file > - MUST supply at least one checksum file > - SHOULD supply a SHA-256 and/or SHA-512 checksum file > - SHOULD NOT supply a MD5 or SHA-1 checksum file (because these are > deprecated) > > For new releases, PMCs MUST supply SHA-256 and/or SHA-512; and SHOULD NOT > supply MD5 or SHA-1. Existing releases do not need to be changed. Upgrading to apache pom 21 should fix this. https://lists.apache.org/thread.html/ab0838d16033a54e039cf3dbe3344c7e63b340f0dbc14ad14211ff1d@%3Cannounce.maven.apache.org%3E regards, Mick
