This is a question mainly to mentors I guess: https://www.apache.org/legal/release-policy.html
...emphasises that: > Before casting +1 binding votes, individuals are REQUIRED to download all signed source code packages onto their own hardware, verify that they meet all requirements of ASF policy on releases as described below, validate all cryptographic signatures, compile as provided, and test the result on their own platform. Question: Is it frowned upon if project committers distribute to each other bash scripts to automate the individually performed review? I mean do we expect each individual to contribute some randomness and diversity, beyond just another hw and os platform? henrik
