I'm happy to announce that we have unanimously approved this release. There are 4 approving votes, all of them are binding:
- Patrick Hunt (binding) - Mate Szalay-Beko (binding) - Tison (binding) - Andor Molnar (binding) There are no disapproving votes. I will promote the artifacts and complete the release procedure. Thanks to every one who contributed to this great release ! Andor > On Sep 17, 2025, at 16:49, Andor Molnar <[email protected]> wrote: > > +1 > > - verified checksums and signatures > - checkstyle, spotbugs, apache-rat run clean > - built the source code java and C on Mac OS 15.6.1 (Java 8) and Debian 11 > (Java 11) > - all Java and C unit tests passed (based on CI) > - built the C client and zkpython libs on Debian 11 > - created 3-node ensemble with and without TLS > - did some manual testing > - run zk-smoketests.py and zk-latency.py tests > > Thanks guys. > Mate, I’ll update the release notes page when publishing the release tomorrow. > > Thanks, > Andor > > > > >> On Sep 17, 2025, at 01:50, tison <[email protected]> wrote: >> >> +1 binding >> >> - [x] Download links are valid. >> - [x] Checksums and signatures. >> - [x] LICENSE/NOTICE files exist >> - [x] No unexpected binary files >> - [x] All source files have ASF headers >> - [x] Can compile from source >> - [x] Play some simple apps and all works well. >> >> Best, >> tison. >> >> Szalay-Bekő Máté <[email protected]> 于2025年9月16日周二 20:16写道: >>> >>> +1 (binding) >>> >>> I found only one problem with the RC when I compared the generated release >>> notes ( >>> https://dist.apache.org/repos/dist/dev/zookeeper/zookeeper-3.8.5-candidate-0/website/releasenotes.html) >>> with Jira ( >>> https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310801&version=12354431) >>> and found two tickets that were missing from the release notes (please >>> check these): >>> - Bug: [ZOOKEEPER-4960] - Upgrade OWASP plugin to 12.1.3 due to recent >>> parsing errors >>> - Task: [ZOOKEEPER-4959] - Fix license files after logback/slf4j upgrade >>> I don't consider this to be a blocker for the RC, if we make sure to fix it >>> soon (so in our public website we should have the correct release notes by >>> the time we send out the notification about the release). >>> >>> WDYT? >>> >>> Also I was unable to run the owasp (CVE) check, because the online NVD >>> database is in maintenance currently. >>> But I saw that the branch-3.8.5 was passed on CI three days ago ( >>> https://ci-hadoop.apache.org/view/ZooKeeper/job/zookeeper-multi-branch-owasp/job/branch-3.8.5/) >>> >>> >>> >>> Other than these, everything worked. I did the following tests for the >>> release candidate: >>> - verified checksum and gpg signature of the artifacts >>> - I built the source code (incl. the C-client, using -Pfull-build) on >>> Ubuntu 22.04.4 using OpenJDK 8u402, maven 3.9.6 and GCC version 11.4.0 >>> - all the java unit tests passed for me >>> - I was unable to make all the C-client tests to succeed, but I think the >>> problem was on my machine. On Hadoop CI the tests for branch-3.9 were green >>> in the last 5 days. That daily job also tests the C-Client, so I think this >>> will be fine. >>> - I also built and executed unit tests for zkpython >>> - I also built the java code (without -Pfull-build) using other JDK >>> versions: 11.0.28, 17.0.16, 21.0.8, 23.0.2 (but didn't run the tests this >>> time, just used 'clean install -DskipTests') >>> - checkstyle and spotbugs passed >>> - apache-rat passed >>> - fatjar built >>> - I executed quick rolling-upgrade tests without SSL (using >>> https://github.com/symat/zk-rolling-upgrade-test): >>> - rolling upgrade from 3.6.4 to 3.8.5 RC0 >>> - rolling upgrade from 3.7.2 to 3.8.5 RC0 >>> - rolling upgrade from 3.8.4 to 3.8.5 RC0 >>> - rolling upgrade from 3.8.5 RC0 to 3.9.4 >>> - checked the uploaded documentation ( >>> https://dist.apache.org/repos/dist/dev/zookeeper/zookeeper-3.8.5-candidate-0/website/ >>> ) >>> >>> >>> Best regards, >>> Máté >>> >>> On Fri, Sep 12, 2025 at 11:55 PM Andor Molnar <[email protected]> wrote: >>> >>>> Thanks Pat! >>>> >>>> Folks, please take some time and validate the release. We need two more >>>> votes to release the candidate. >>>> >>>> Andor >>>> >>>> >>>> >>>> >>>>> On Sep 8, 2025, at 11:57, Patrick Hunt <[email protected]> wrote: >>>>> >>>>> +1 - I validated the checksums, compiled and ran some manual tests on a >>>>> distributed cluster, lgtm. >>>>> >>>>> Thanks, >>>>> >>>>> Patrick >>>>> >>>>> On Wed, Sep 3, 2025 at 3:03 PM Andor Molnar <[email protected]> wrote: >>>>> >>>>>> This is a release candidate for 3.8.5. >>>>>> >>>>>> This is a minor release with bug- and security fixes. Important to note >>>>>> that due to security issues we’ve upgraded logback to 1.3.15 and slf4j >>>> to >>>>>> 2.0.13. No ZooKeeper code changes have been involved in this upgrade, >>>> but >>>>>> the SLF4j upgrade was a major version increase, so keep an eye on that >>>>>> during your testing. >>>>>> >>>>>> The full release notes is available at: >>>>>> >>>>>> >>>>>> >>>> https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310801&version=12354431 >>>>>> >>>>>> *** Please download, test and vote by September 17th 2025, 23:59 UTC+0. >>>> (2 >>>>>> weeks) *** >>>>>> >>>>>> Source files: >>>>>> >>>>>> >>>> https://dist.apache.org/repos/dist/dev/zookeeper/zookeeper-3.8.5-candidate-0/ >>>>>> >>>>>> Maven staging repo: >>>>>> >>>> https://repository.apache.org/content/repositories/orgapachezookeeper-1111/ >>>>>> >>>>>> The release candidate tag in git to be voted upon: release-3.8.5-0 >>>>>> https://github.com/apache/zookeeper/tree/release-3.8.5-0 >>>>>> >>>>>> ZooKeeper's KEYS file containing PGP keys we use to sign the release: >>>>>> https://www.apache.org/dist/zookeeper/KEYS >>>>>> >>>>>> The staging version of the website is: >>>>>> >>>>>> >>>> https://dist.apache.org/repos/dist/dev/zookeeper/zookeeper-3.8.5-candidate-0/website/index.html >>>>>> >>>>>> Should we release this candidate? >>>>>> >>>>>> Andor >>>>>> >>>>>> >>>>>> >>>> >>>> >
