+1 I have checked: 1.NOTICE and LICENSE file exist 2.release note looks ok 3.sha512 is correct 4.git tag is correct 5.source code can build in my PC with nodejs 10
one small issue: I can see __MACOSX and .DS_Store in zip ,those should not be included in here. On Fri, Jul 16, 2021 at 2:37 PM 胡锋 <[email protected]> wrote: > > Hi, > > I have updated the latest keys file and uploaded it to the svn repository. > > Key :6C763D903EC3BDC3 > > Jun Liu <[email protected]> 于2021年7月12日周一 上午10:56写道: > > > Hi, > > > > The newly added signature cannot be verified for the following reason: > > > > gpg --verify apache-dubbo-js-4.0.0-source-release.zip.asc > > apache-dubbo-js-4.0.0-source-release.zip > > gpg: Signature made Tue Jul 6 23:32:10 2021 CST using RSA key ID 3EC3BDC3 > > gpg: Can't check signature: No public key > > > > > The artifacts have been signed with Key :35F44C444B811C10, which can be > > > found in the keys file: > > > > > > https://dist.apache.org/repos/dist/dev/dubbo/KEYS > > > > Seems like the key actually used is not the one stated in the voting > > thread? > > > > Jun > > > > > On Jul 6, 2021, at 11:38 PM, 胡锋 <[email protected]> wrote: > > > > > > Hi, > > > > > > I have fixed this problem and svn uploaded the signature file > > > > > > hufeng > > > > > > Justin Mclean <[email protected]> 于2021年7月6日周二 下午8:42写道: > > > > > >> Hi, > > >> > > >>> There’s no signature file under this directory. > > >> > > >> But that curl be easily fixed and the voting continue. > > >> > > >> Kind Regards, > > >> Justin > > > >
