+1 (binding)
Thanks for putting this together, Guangxu!
* xsums/sigs are great
* RAT check passes on src release
* Can run unit tests (against 2.3.7, 2.4.4, 2.4.8)
* Can build from source
* CHANGES and RELEASENOTES look fine at a glance
* Public key published in KEYS
* Verified log4j2.16 is in the binary release (both as a jar and shaded
inside hbase-hbck)
- Josh
On 12/14/21 10:32 PM, Guangxu Cheng wrote:
Please vote on this Apache hbase operator tools release candidate,
hbase-operator-tools-1.2.0RC0
The VOTE will remain open for at least 72 hours.
[ ] +1 Release this package as Apache hbase operator tools 1.2.0
[ ] -1 Do not release this package because ...
The tag to be voted on is 1.2.0RC0:
https://github.com/apache/hbase-operator-tools/tree/1.2.0RC0
This tag currently points to git reference
76d68624cebb66ec0e509b0a4c0d96445a601685
The release files, including signatures, digests, as well as CHANGES.md
and RELEASENOTES.md included in this RC can be found at:
https://dist.apache.org/repos/dist/dev/hbase/hbase-operator-tools-1.2.0RC0/
Maven artifacts are available in a staging repository at:
https://repository.apache.org/content/repositories/orgapachehbase-1474/
Artifacts were signed with the 5EF3A66D57EC647A key which can be found in:
https://dist.apache.org/repos/dist/release/hbase/KEYS
hbase-operator-tools 1.2.0 contains a critical security fix for addressing
the log4j2
CVE-2021-44228. All users who use hbase-operator-tools should upgrade
to hbase-operator-tools 1.2.0 ASAP.
To learn more about Apache hbase operator tools, please see
http://hbase.apache.org/
Thanks,
Your HBase Release Manager
------
Best Regards,
Guangxu