On Tue, 14 Jul 2026 at 18:38, Branko Čibej <[email protected]> wrote:
> On 14. 7. 2026 17:21, Ivan Zhakov wrote: > > On Tue, 14 Jul 2026 at 18:10, Branko Čibej <[email protected]> wrote: > >> On 14. 7. 2026 15:33, Ivan Zhakov wrote: >> >> On Tue, 14 Jul 2026 at 16:24, Branko Čibej <[email protected]> wrote: >> >>> On 13. 7. 2026 19:34, Ivan Zhakov wrote: >>> >>> On Mon, 13 Jul 2026 at 14:38, Evgeny Kotkov via dev < >>> [email protected]> wrote: >>> >>>> The 1.15.0-rc3 release artifacts are now available for testing/signing. >>>> Please get the tarballs from >>>> https://dist.apache.org/repos/dist/dev/subversion >>>> and add your signatures there. >>>> >>>> Summary: >>> >>> +1 to release. >>> >>> Platform: >>> >>> Windows 11 Version 10.0.26200.8737 (x64) >>> >>> Tested: >>> >>> [ fsfs ] x [ file | svn | http v2] x [x64] >>> >>> Results: >>> >>> All Tests Pass. >>> >>> Dependencies: >>> >>> - APR 1.7.6 (compiled with 1.7.6) >>> - APR-Util 1.6.3 (compiled with 1.6.3) >>> - Expat 2.8.2 (compiled with 2.8.2) >>> - SQLite 3.41.2 (static) >>> - Utf8proc 2.1.0 (compiled with 2.1.0) >>> - ZLib 1.3.2 (compiled with 1.3.2) >>> - LZ4 1.7.5 (compiled with 1.7.5) >>> >>> Build tools: >>> >>> MSVC v14.29-16.11 + vcxproj >>> >>> -- >>> Ivan Zhakov >>> >>> >>> Ivan, did you forget to sign the tarballs? I didn't find your signatures. >>> >>> >> I didn't sign the tarballs yet. I need to recover my key or generate new >> one. I am working on it :) >> >> >> Ah, right, oops. To recover it, all you need is a working quantum >> computer and a couple weeks' time. >> > Yup. Another option is just ask NSA for their copy ;) > > >> Or a supercomputer and a couple decades. To generate a new one, you need >> 10 minutes. Good luck! :D >> >> I decided to go this route. But it seems I need to wait 24h wait ASF will > fetched updated key [1]: > > [1]: https://people.apache.org/keys/ > > > > When I generated my new signing key, I just added it to KEYS myself. Added > the fingerprint on id.apache.org but that's it. And I left my previous > key in KEYS since I used it to sign older releases. > > I have updated fingerprint on id.apache.org, but it took 24h to get KEYS files updated. I see that my key file on https://people.apache.org/keys/ is updated now. > I have added my signatures for the subversion-1.15.0-rc3.zip tarball. I am not sure if I should add my signature for Unix tarballs because I only checked Windows one. -- Ivan Zhakov

