Hi, The newly added signature cannot be verified for the following reason:
gpg --verify apache-dubbo-js-4.0.0-source-release.zip.asc apache-dubbo-js-4.0.0-source-release.zip gpg: Signature made Tue Jul 6 23:32:10 2021 CST using RSA key ID 3EC3BDC3 gpg: Can't check signature: No public key > The artifacts have been signed with Key :35F44C444B811C10, which can be > found in the keys file: > > https://dist.apache.org/repos/dist/dev/dubbo/KEYS Seems like the key actually used is not the one stated in the voting thread? Jun > On Jul 6, 2021, at 11:38 PM, 胡锋 <[email protected]> wrote: > > Hi, > > I have fixed this problem and svn uploaded the signature file > > hufeng > > Justin Mclean <[email protected]> 于2021年7月6日周二 下午8:42写道: > >> Hi, >> >>> There’s no signature file under this directory. >> >> But that curl be easily fixed and the voting continue. >> >> Kind Regards, >> Justin
