Great Job!! +1 Netanel Malka
On 2021/01/07 10:16:11, Jia Yu <ji...@apache.org> wrote: > Hi All, > > After a fruitful discussion about our first Apache Sedona release > 1.0.0-incubator, the release has been created. This is a call for vote to > release Apache Sedona (incubating) 1.0.0. > > Note that: the current sha1 and checksum verification of Sedona will > require us to manually download artifact jars, sha1, asc from > repository.apache.org 12 times each. It is very annoying. Please let me > know if you have any suggestions to speed up the process. > > Release note: > https://sedona.staged.apache.org/download/GeoSpark-All-Modules-Release-notes/#sedona-100 > > Build instructions: > https://sedona.staged.apache.org/download/compile/ > > Git tag: > https://github.com/apache/incubator-sedona/releases/tag/sedona-1.0.0-incubator > > Maven staging repository (search for "sedona", 12 artifacts in total): > https://repository.apache.org/#stagingRepositories > > Release Commit ID: > https://github.com/apache/incubator-sedona/commit/29f897bbcaf65aa5b5b28ea4e93c6b7e783d83a6 > > GPG public key to verify the Release: > https://gist.githubusercontent.com/jiayuasu/8b6cc263c538148490f7a090ee1dbeab/raw/09d3821e2794ddf22542f74c0db5195cf5c1ff49/gpg-public-key.gpg > > The vote will be open for at least 72 hours or until a majority of at least > 3 +1 PMC votes are cast > > Please vote accordingly: > > [ ] +1 approve > > [ ] +0 no opinion > > [ ] -1 disapprove with the reason > > Checklist for reference (because of DISCLAIMER-WIP, other checklist items > are not blockers): > > [ ] Download links are valid. > > [ ] Checksums and PGP signatures are valid. > > [ ] DISCLAIMER is included. > > [ ] Source code artifacts have correct names matching the current release. > > For a detailed checklist please refer to: > https://cwiki.apache.org/confluence/display/INCUBATOR/Incubator+Release+Checklist > > To verify the checksum, > 1. open https://repository.apache.org > 2 (1) click each release jar (12 in total) to see its current SHA1 (under > Artifact tab) (2) download .jar.sha1 to see the content of the uploaded > sha1. This two should match > > To verify the GPG key (12 in total), > gpg --import the-key-file > gpg --verify xxx.jar.asc xxx.jar > > You should see something like "gpg: Good signature from "Jia Yu (Arizona > State University Data Systems Lab) <jia...@asu.edu>" gpg: WARNING: This > key is not certified with a trusted signature!" > > Thanks, > Jia >