Hi Stravya/Hao, It's strange, it looks like Firefox corrupts the ".sha" file when downloading it. When I download it via "wget" it's fine. I guess we can ignore this anyway.
Everything looks good, however I can't verify the signature on the release, as Hao's key is not included in: https://dist.apache.org/repos/dist/release/sentry/KEYS The only keys in there are: gpg: key 22E26224: public key "Shreepadma Venugopalan (CODE SIGNING KEY) < shreepa...@apache.org>" imported gpg: key 7D66174C: public key "Tuong Truong (CODE SIGNING KEY) < tuong.tru...@gmail.com>" imported gpg: key E2DE1E32: public key "gqshen (CODE SIGNING KEY) <gqs...@apache.org>" imported gpg: key AED7ED79: public key "Dapeng Sun (CODE SIGNING KEY) <s...@apache.org>" imported Colm. On Fri, Jun 3, 2016 at 9:43 PM, Sravya Tirukkovalur <sra...@cloudera.com> wrote: > I checked as well and sha seems fine to me too. @Colm what exactly do you > see ? > > +1 from me. > > Verified the following. > > - Made sure RCs are hosted @ > https://dist.apache.org/repos/dist/dev/sentry > - Is in format apache-$project-$version.tar.gz > - Verified Signatures and hashes. > - git tag matches the released bits (diff -rf) > - Can compile successfully from source > - Verified NOTICE has correct year > - All files have correct headers (Rat check is clean) > - No jar files in the release > > > Regards, > > On Fri, Jun 3, 2016 at 11:59 AM, Hao Hao <hao....@cloudera.com> wrote: > >> Hi Colm, >> >> Thanks for checking! But not sure how did you verify it? I downloaded the >> sha file and it seems look good to me: >> >> cat apache-sentry-1.7.0-src.tar.gz.sha >> 81c23908bc35e79a1a7c7e031cb904ee187f12bb apache-sentry-1.7.0-src.tar.gz >> >> Does anyone else give it a try? Thanks a lot! >> >> Best, >> Hao >> >> On Thu, Jun 2, 2016 at 7:57 AM, Colm O hEigeartaigh <cohei...@apache.org> >> wrote: >> >> > I think the ".sha" file is corrupted, it appears to contain binary data. >> > >> > Colm. >> > >> > On Thu, Jun 2, 2016 at 7:56 AM, Hao Hao <hao....@cloudera.com> wrote: >> > >> > > Hi all, >> > > >> > > This is the release of Apache Sentry, version 1.7.0. The list of fixed >> > > issues, added features and improvements can be found here: >> > > https://s.apache.org/FTD1 >> > > >> > > Source files: >> https://dist.apache.org/repos/dist/dev/sentry/1.7.0-rc0/ >> > > >> > > Tag to be voted on (rc0): >> > > >> > > >> > >> https://git-wip-us.apache.org/repos/asf?p=sentry.git;a=commit;h=735543e71d478f5bcd6be2b991ed26fc95abbb1b >> > > Sentry's KEYS containing the PGP key we used to sign the release: >> > > https://people.apache.org/keys/group/sentry.asc >> > > >> > > Note that this is a source only release and we are voting on the >> > > source: tag=release-1.7.0, >> SHA=735543e71d478f5bcd6be2b991ed26fc95abbb1b >> > > >> > > >> > > Vote will be open for 72 hours. >> > > >> > > [ ] +1 approve >> > > [ ] +0 no opinion >> > > [ ] -1 disapprove (and reason why) >> > > >> > > >> > > Thanks, >> > > Hao >> > > >> > >> > >> > >> > -- >> > Colm O hEigeartaigh >> > >> > Talend Community Coder >> > http://coders.talend.com >> > >> > > > > -- > Sravya Tirukkovalur > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
