Sorry for not voting yet. I gave it a try now, but hit a dead end. After downloading the artifacts from ATR, and verifying sigs, I wanted to spin up the MCP server and test it with a local solr. But there are no "smoke test" instructions provided, and trying the invocations described in README.md failed for me. I thought I had cracked the code when I found the PROFILES=http, and saw SpringBoot banner, but still just hanging, no help output, no --help, attempting http://localhost:8080 just gives HTTP 403 with no explanation.
So I cannot vote without having at least spun up the RC locally and see that the happy path is ok. Jan > 27. mai 2026 kl. 23:31 skrev Aditya Parikh <[email protected]>: > > +1 > > > Thanks, > Aditya > > On Wed, May 27, 2026 at 5:31 PM <[email protected]> wrote: > >> Hello Solr, >> >> I'd like to call a vote on releasing the following artifacts as >> Apache Solr MCP 1.0.0. This is a second attempt after the first attempt >> (vote thread >> https://lists.apache.org/thread/o8f1r1vbqt2c7jh9lgyk0ksv4clg7hlc) failed >> due to two potential security issues that were reported. >> >> These security issues have been evaluated as being under the "Response E: >> Reject — no authentication configured or behavior within expected role" as >> they are only impact a insecure Solr. Having said that, we have improved >> the security posture of solr-mcp by enabling security by default when run >> as a HTTP server. These are the improvements that resulted: >> * https://github.com/apache/solr-mcp/pull/126 >> * https://github.com/apache/solr-mcp/pull/119 >> >> This vote is being conducted using an >> Alpha version of the Apache Trusted Releases (ATR) platform. >> Please report any bugs or issues to the ASF Tooling team. >> >> The release candidate page, including downloads, can be found at: >> >> https://release-test.apache.org/vote/solr-mcp/1.0.0 >> >> The release artifacts are signed with one or more OpenPGP keys from: >> >> https://release-test.apache.org/downloads/solr/KEYS >> >> Please review the release candidate and vote accordingly. >> >> [ ] +1 Release this package >> [ ] +0 Abstain >> [ ] -1 Do not release this package (please provide specific comments) >> >> You can vote on ATR at the URL above, or manually by replying to this >> email. >> >> The vote is open for 120 hours. >> >> >> Thanks, >> Eric Pugh (epugh) >> >> This email was sent by [email protected] on the Apache Trusted Releases >> platform >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [email protected] >> For additional commands, e-mail: [email protected] >> >> --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
