Hey all, Quick comment on the release notes for v1.0.3.
This is my fault for not renaming the GitHub issue, but we actually upgraded the project all the way to Log4j 2.17.1 (see https://github.com/apache/helix/blob/helix-1.0.3/pom.xml#L457) whereas the release notes say "Upgrade Log4j to 2.16.0 to address CVE-2021-44228 (#1922)." Not a big deal, but just wanted to point it out in case anyone brings it up since Log4j has been such a hot topic. Thanks for the effort in getting a new release out! I'll be upgrading shortly. ~Brent On Mon, Apr 18, 2022 at 3:26 PM Junkai Xue <j...@apache.org> wrote: > Hi, > > This is to call for a vote on releasing the following candidate as > Apache Helix 1.0.3. This is the 24th release of Helix as an Apache > project, as well as the 20th release as a top-level Apache project. > > Apache Helix is a generic cluster management framework that makes it > easy to build partitioned and replicated, fault-tolerant and scalable > distributed systems. > > (*ATTENTION: Due to webpage publishing problem, we use source code for > release to unblock the Apache release. We are asking Apache Folks > helping us now!*) > Release notes: > https://github.com/apache/helix/blob/master/website/1.0.3/src/site/apt/releasenotes/release-1.0.3.apt > > Release artifacts: > https://repository.apache.org/content/repositories/orgapachehelix-1050 > > Distribution: > * binaries:https://dist.apache.org/repos/dist/dev/helix/1.0.3/binaries/ > * sources:https://dist.apache.org/repos/dist/dev/helix/1.0.3/src/ > > The [VERSION] release > tag: > https://gitbox.apache.org/repos/asf?p=helix.git;a=tag;h=refs/tags/helix-1.0.3 > > KEYS file available here:https://dist.apache.org/repos/dist/dev/helix/KEYS > > Please vote on the release. The vote will be open for at least 72 hours. > > [+1] -- "YES, release" > [0] -- "No opinion" > [-1] -- "NO, do not release" > > Thanks, > The Apache Helix Team >
