+1 - verified checksums and signatures - checkstyle, spotbugs, apache-rat run clean - built the source code java and C on Mac OS 15.6.1 (Java 8) and Debian 11 (Java 11) - all Java and C unit tests passed (based on CI) - built the C client and zkpython libs on Debian 11 - created 3-node ensemble with and without TLS - did some manual testing - run zk-smoketests.py and zk-latency.py tests
Thanks guys. Mate, I’ll update the release notes page when publishing the release tomorrow. Thanks, Andor > On Sep 17, 2025, at 01:50, tison <[email protected]> wrote: > > +1 binding > > - [x] Download links are valid. > - [x] Checksums and signatures. > - [x] LICENSE/NOTICE files exist > - [x] No unexpected binary files > - [x] All source files have ASF headers > - [x] Can compile from source > - [x] Play some simple apps and all works well. > > Best, > tison. > > Szalay-Bekő Máté <[email protected]> 于2025年9月16日周二 20:16写道: >> >> +1 (binding) >> >> I found only one problem with the RC when I compared the generated release >> notes ( >> https://dist.apache.org/repos/dist/dev/zookeeper/zookeeper-3.8.5-candidate-0/website/releasenotes.html) >> with Jira ( >> https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310801&version=12354431) >> and found two tickets that were missing from the release notes (please >> check these): >> - Bug: [ZOOKEEPER-4960] - Upgrade OWASP plugin to 12.1.3 due to recent >> parsing errors >> - Task: [ZOOKEEPER-4959] - Fix license files after logback/slf4j upgrade >> I don't consider this to be a blocker for the RC, if we make sure to fix it >> soon (so in our public website we should have the correct release notes by >> the time we send out the notification about the release). >> >> WDYT? >> >> Also I was unable to run the owasp (CVE) check, because the online NVD >> database is in maintenance currently. >> But I saw that the branch-3.8.5 was passed on CI three days ago ( >> https://ci-hadoop.apache.org/view/ZooKeeper/job/zookeeper-multi-branch-owasp/job/branch-3.8.5/) >> >> >> >> Other than these, everything worked. I did the following tests for the >> release candidate: >> - verified checksum and gpg signature of the artifacts >> - I built the source code (incl. the C-client, using -Pfull-build) on >> Ubuntu 22.04.4 using OpenJDK 8u402, maven 3.9.6 and GCC version 11.4.0 >> - all the java unit tests passed for me >> - I was unable to make all the C-client tests to succeed, but I think the >> problem was on my machine. On Hadoop CI the tests for branch-3.9 were green >> in the last 5 days. That daily job also tests the C-Client, so I think this >> will be fine. >> - I also built and executed unit tests for zkpython >> - I also built the java code (without -Pfull-build) using other JDK >> versions: 11.0.28, 17.0.16, 21.0.8, 23.0.2 (but didn't run the tests this >> time, just used 'clean install -DskipTests') >> - checkstyle and spotbugs passed >> - apache-rat passed >> - fatjar built >> - I executed quick rolling-upgrade tests without SSL (using >> https://github.com/symat/zk-rolling-upgrade-test): >> - rolling upgrade from 3.6.4 to 3.8.5 RC0 >> - rolling upgrade from 3.7.2 to 3.8.5 RC0 >> - rolling upgrade from 3.8.4 to 3.8.5 RC0 >> - rolling upgrade from 3.8.5 RC0 to 3.9.4 >> - checked the uploaded documentation ( >> https://dist.apache.org/repos/dist/dev/zookeeper/zookeeper-3.8.5-candidate-0/website/ >> ) >> >> >> Best regards, >> Máté >> >> On Fri, Sep 12, 2025 at 11:55 PM Andor Molnar <[email protected]> wrote: >> >>> Thanks Pat! >>> >>> Folks, please take some time and validate the release. We need two more >>> votes to release the candidate. >>> >>> Andor >>> >>> >>> >>> >>>> On Sep 8, 2025, at 11:57, Patrick Hunt <[email protected]> wrote: >>>> >>>> +1 - I validated the checksums, compiled and ran some manual tests on a >>>> distributed cluster, lgtm. >>>> >>>> Thanks, >>>> >>>> Patrick >>>> >>>> On Wed, Sep 3, 2025 at 3:03 PM Andor Molnar <[email protected]> wrote: >>>> >>>>> This is a release candidate for 3.8.5. >>>>> >>>>> This is a minor release with bug- and security fixes. Important to note >>>>> that due to security issues we’ve upgraded logback to 1.3.15 and slf4j >>> to >>>>> 2.0.13. No ZooKeeper code changes have been involved in this upgrade, >>> but >>>>> the SLF4j upgrade was a major version increase, so keep an eye on that >>>>> during your testing. >>>>> >>>>> The full release notes is available at: >>>>> >>>>> >>>>> >>> https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310801&version=12354431 >>>>> >>>>> *** Please download, test and vote by September 17th 2025, 23:59 UTC+0. >>> (2 >>>>> weeks) *** >>>>> >>>>> Source files: >>>>> >>>>> >>> https://dist.apache.org/repos/dist/dev/zookeeper/zookeeper-3.8.5-candidate-0/ >>>>> >>>>> Maven staging repo: >>>>> >>> https://repository.apache.org/content/repositories/orgapachezookeeper-1111/ >>>>> >>>>> The release candidate tag in git to be voted upon: release-3.8.5-0 >>>>> https://github.com/apache/zookeeper/tree/release-3.8.5-0 >>>>> >>>>> ZooKeeper's KEYS file containing PGP keys we use to sign the release: >>>>> https://www.apache.org/dist/zookeeper/KEYS >>>>> >>>>> The staging version of the website is: >>>>> >>>>> >>> https://dist.apache.org/repos/dist/dev/zookeeper/zookeeper-3.8.5-candidate-0/website/index.html >>>>> >>>>> Should we release this candidate? >>>>> >>>>> Andor >>>>> >>>>> >>>>> >>> >>>
