Does this commit preparing for 4.2 include the appropriate fixes needed to meet Apache Release Distribution Policy? [1]
>> Download Links: http://echarts.apache.org/download >> <http://echarts.apache.org/download> > > The download page does not use the ASF mirror system, there are no > links to KEYS, sigs or hashes and no details on why/how to verify > downloads using sigs or hashes. > > Also the online builder is clever, but does not provide any download > verification. The download link policy can be found here [2] with the signatures and checksum policy here [3] Regards, Dave [1] https://www.apache.org/dev/release-distribution [2] https://www.apache.org/dev/release-distribution#download-links [3] https://www.apache.org/dev/release-distribution#sigs-and-sums
signature.asc
Description: Message signed with OpenPGP
