+1 binding I checked * All links are good * checksums and signatures are ok * LiCENSE and NOTICE files are ok * Can run make setup and make dev to start it in macOS 11.5.2
On 2021/08/31 04:02:49, YuanSheng Wang <membp...@apache.org> wrote: > +1 binding > > Check list: > - Download links are fine > - Checksums is fine > - Signature is fine > - LICENSE and NOTICE files > > > > On Fri, Aug 27, 2021 at 3:29 PM Zexuan Luo <spacewan...@apache.org> wrote: > > > Anyway, > > +1 binding > > > > I checked: > > - Download links are valid > > - Checksums is valid > > - Signature is valid > > - LICENSE and NOTICE files > > - make setup successfully > > > > Zexuan Luo <spacewan...@apache.org> 于2021年8月27日周五 下午3:28写道: > > > > > > I got: > > > gpg --verify apisix-python-plugin-runner-0.1.0-src.tgz.asc > > > gpg: assuming signed data in 'apisix-python-plugin-runner-0.1.0-src.tgz' > > > gpg: Signature made 2021年08月26日 星期四 20时00分35秒 CST > > > gpg: using RSA key > > 147CD2ABFA330EC56E4BABF927263EFDC64AACA1 > > > gpg: Good signature from "JinChao Shuai <shuaijinc...@apache.org>" > > [unknown] > > > gpg: WARNING: This key is not certified with a trusted signature! > > > gpg: There is no indication that the signature belongs to the > > owner. > > > Primary key fingerprint: 147C D2AB FA33 0EC5 6E4B ABF9 2726 3EFD C64A > > ACA1 > > > > > > Look like we need to trust the new key: https://serverfault.com/a/569923 > > > > > > JinChao Shuai <shuaijinc...@apache.org> 于2021年8月27日周五 下午1:17写道: > > > > > > > > 2. Checksums and signatures steps > > > > The KEYS file download address is from > > > > wget https://dist.apache.org/repos/dist/release/apisix/KEYS > > > > Change to > > > > wget https://dist.apache.org/repos/dist/dev/apisix/KEYS > > > > Reload the public key via `gpg --import KEYS`, and then verify it. > > > > > > > > JinChao Shuai <shuaijinc...@apache.org> 于2021年8月27日周五 下午12:04写道: > > > > > > > > > KEYS has been updated, please download the KEYS file again, and > > import and > > > > > verify it through `gpg --import KEYS`. > > > > > > > > > > Zhiyuan Ju <juzhiy...@apache.org> 于2021年8月27日周五 上午11:17写道: > > > > > > > > > >> Hi, > > > > >> > > > > >> When I try to import KEYS and trust it, GPG tells me `No public > > key`, do I > > > > >> miss something? > > > > >> > > > > >> Best Regards! > > > > >> @ Zhiyuan Ju <https://github.com/juzhiyuan> > > > > >> > > > > >> > > > > >> Zexuan Luo <spacewan...@apache.org> 于2021年8月27日周五 上午11:13写道: > > > > >> > > > > >> > BTW, I have run "gpg --import KEYS" and confirmed that the key > > from > > > > >> > Jinchao Shuai doesn't change. > > > > >> > > > > > >> > Zexuan Luo <spacewan...@apache.org> 于2021年8月27日周五 上午11:02写道: > > > > >> > > > > > > >> > > I checked: > > > > >> > > - Download links are valid > > > > >> > > - Checksums is valid > > > > >> > > - LICENSE and NOTICE files > > > > >> > > - make setup successfully > > > > >> > > > > > > >> > > When I run "gpg --verify > > > > >> apisix-python-plugin-runner-0.1.0-src.tgz.asc", > > > > >> > I got: > > > > >> > > gpg: assuming signed data in > > > > >> 'apisix-python-plugin-runner-0.1.0-src.tgz' > > > > >> > > gpg: Signature made 2021年08月26日 星期四 20时00分35秒 CST > > > > >> > > gpg: using RSA key > > > > >> > 147CD2ABFA330EC56E4BABF927263EFDC64AACA1 > > > > >> > > gpg: Can't check signature: No public key > > > > >> > > > > > > >> > > Maybe I miss something? > > > > >> > > > > > >> > > > > > > > > > > > > > > > -- > > > > > Thanks, > > > > > Janko > > > > > > > > > > > > > > > > > -- > > > > Thanks, > > > > Janko > > > > > -- > > *MembPhis* > My GitHub: https://github.com/membphis > Apache APISIX: https://github.com/apache/apisix >
