+1
Thanks, Aditya On Wed, May 27, 2026 at 5:31 PM <[email protected]> wrote: > Hello Solr, > > I'd like to call a vote on releasing the following artifacts as > Apache Solr MCP 1.0.0. This is a second attempt after the first attempt > (vote thread > https://lists.apache.org/thread/o8f1r1vbqt2c7jh9lgyk0ksv4clg7hlc) failed > due to two potential security issues that were reported. > > These security issues have been evaluated as being under the "Response E: > Reject — no authentication configured or behavior within expected role" as > they are only impact a insecure Solr. Having said that, we have improved > the security posture of solr-mcp by enabling security by default when run > as a HTTP server. These are the improvements that resulted: > * https://github.com/apache/solr-mcp/pull/126 > * https://github.com/apache/solr-mcp/pull/119 > > This vote is being conducted using an > Alpha version of the Apache Trusted Releases (ATR) platform. > Please report any bugs or issues to the ASF Tooling team. > > The release candidate page, including downloads, can be found at: > > https://release-test.apache.org/vote/solr-mcp/1.0.0 > > The release artifacts are signed with one or more OpenPGP keys from: > > https://release-test.apache.org/downloads/solr/KEYS > > Please review the release candidate and vote accordingly. > > [ ] +1 Release this package > [ ] +0 Abstain > [ ] -1 Do not release this package (please provide specific comments) > > You can vote on ATR at the URL above, or manually by replying to this > email. > > The vote is open for 120 hours. > > > Thanks, > Eric Pugh (epugh) > > This email was sent by [email protected] on the Apache Trusted Releases > platform > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > >
