[x] +1 Release these artifacts
Build passing from tag, with `mvn clean install site`, on:
Apache Maven 3.5.4 (1edded0938998edf8bf061f1ceb3cfdeccf443fe;
2018-06-18T06:33:14+12:00)
Maven home: /opt/apache-maven-3.5.4
Java version: 1.8.0_252, vendor: Private Build, runtime:
May I get more reviews please?
Gary
On Sun, Jul 12, 2020 at 9:42 AM Gary Gregory wrote:
> We have fixed quite a few bugs and added some significant enhancements
> since Apache Commons Lang 3.10 was released, so I would like to release
> Apache Commons Lang 3.11.
>
> Apache Commons Lang 3.11
My +1
Gary
On Sun, Jul 12, 2020 at 9:42 AM Gary Gregory wrote:
> We have fixed quite a few bugs and added some significant enhancements
> since Apache Commons Lang 3.10 was released, so I would like to release
> Apache Commons Lang 3.11.
>
> Apache Commons Lang 3.11 RC2 is available for review
+1 (non binding)
built from sources and run tests (Fedora + AdoptOpenJDK14)
tested with a few projects
checked sigs and checksums
Enrico
Il giorno mar 14 lug 2020 alle ore 02:58 Rob Tompkins
ha scritto:
> +1
>
> Validated Java 8 and Java 11
>
> Validated signatures - working on a signature
+1
Validated Java 8 and Java 11
Validated signatures - working on a signature validation shell script (still in
progress
https://github.com/chtompki/notes/blob/master/commons-release-validation/mover-downloader-and-validator.sh
On Mon, 13 Jul 2020 at 15:15, Matt Sicker wrote:
>
> I'm still of the opinion that verifying the GPG signature is logically
> sufficient since they include the message digest by nature of how they
> work. It is particularly useful because .asc files can be safely
> mirrored unlike checksum files
I'm still of the opinion that verifying the GPG signature is logically
sufficient since they include the message digest by nature of how they
work. It is particularly useful because .asc files can be safely
mirrored unlike checksum files which can be maliciously modified.
On Sun, 12 Jul 2020 at
given the consistency of the signatures from the plugins…do we need to check
them for releases anymore? I have been using shell scripts to validate all of
the md5’s, sha1’s, sha512’s, and gpg signatures that come out of the process.
@sebb or @markt do you have an opinion here?
-Rob
> On Jul
We have fixed quite a few bugs and added some significant enhancements
since Apache Commons Lang 3.10 was released, so I would like to release
Apache Commons Lang 3.11.
Apache Commons Lang 3.11 RC2 is available for review here:
https://dist.apache.org/repos/dist/dev/commons/lang/3.11-RC2 (svn