You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@groovy.apache.org by Cédric Champeau <ce...@gmail.com> on 2015/07/10 13:02:29 UTC

Keybase.io [Was] Re: [VOTE] Release Apache Groovy 2.4.4-incubating

Keybase is a website. Under the hood, you can use classic gpg (that's what
I do). See https://keybase.io/melix

2015-07-10 12:34 GMT+02:00 jim northrop <ja...@googlemail.com>:

> Cedric do u have a link to key base tools pls ?
>
>
> On Thursday, 9 July 2015, Cédric Champeau <ce...@gmail.com>
> wrote:
>
>> For the signature, I'm using keybase, which is a public web of trust.
>> Just click the link that the signature check gives you.
>>
>> 2015-07-09 23:17 GMT+02:00 Pascal Schumacher <pa...@gmx.net>:
>>
>>>  +1
>>>
>>> >gradle test dist
>>> BUILD SUCCESSFUL
>>>
>>> unziped binDist: groovysh runs; can compile and run a script
>>>
>>> signature looks o.k.:
>>> >gpg --verify apache-groovy-src-2.4.4-incubating.zip.asc
>>> apache-groovy-src-2.4.4-incubating.zip
>>> gpg: Signatur vom 07/09/15 22:06:32 Mitteleuropõische Sommerzeit mittels
>>> RSA-Schlüssel ID D6BDB924
>>> gpg: Korrekte Signatur von "keybase.io/melix <me...@keybase.io>"
>>> [unbekannt]
>>> gpg: WARNUNG: Dieser Schlüssel trägt keine vertrauenswürdige Signatur!
>>> gpg:          Es gibt keinen Hinweis, daß die Signatur wirklich dem
>>> vorgeblichen Besitzer gehört.
>>> Haupt-Fingerabdruck  = 3312 24E1 D7BE 883D 16E8  A685 825C 06C8 27AF 6B66
>>> Unter-Fingerabdruck  = 0191 E61A CBBE 7632 3AC1  5C83 B5AD 94BD D6BD B924
>>>
>>> I guess real name and trusted signature would be nice. ;)
>>>
>>> Big thanks to Cédric for doing the work.
>>>
>>> Cheers,
>>> Pascal
>>>
>>>
>>> Am 09.07.2015 um 22:29 schrieb Cédric Champeau:
>>>
>>> Dear community,
>>>
>>> This is our second attempt to release Apache Groovy 2.4.4 after a first
>>> missed released a few weeks ago. Since our last try, we fixed the problems
>>> that were highlighted by our mentors. In particular, we removed the last
>>> jars from the source distribution, we fixed the missing headers and
>>> relicensed the documentation to ALv2.
>>>
>>> The changelog for this release can be found here:
>>> <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12318123&version=12331941>
>>> https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12318123&version=12331941
>>>
>>> Tag for the release:
>>> https://git1-us-west.apache.org/repos/asf?p=incubator-groovy.git;a=commit;h=716b0b1bd56eeab04e4441eecc91c2cd8bfda8b6
>>> <https://git1-us-west.apache.org/repos/asf?p=incubator-groovy.git;a=tag;h=19f70958f39f0cc5c6b4d3e9471fd297400647d2>
>>>
>>> The artifacts to be voted on are located here:
>>> <http://people.apache.org/%7Ecchampeau/groovy/>
>>> http://people.apache.org/~cchampeau/groovy/
>>>
>>> Release artifacts are signed with the following keys:
>>> <http://people.apache.org/%7Ecchampeau/groovy/KEYS>
>>> http://people.apache.org/~cchampeau/groovy/KEYS
>>>
>>> It is expected that mentors or PPMC members check at least checksums and
>>> signatures, and of course much better if you can also verify the source
>>> package.
>>>
>>> Please vote on releasing this package as Apache Groovy 2.4.4-incubating.
>>>
>>> The vote is open for the next 72 hours and passes if a majority of at
>>> least three +1 PPMC votes are cast.
>>>
>>> [ ] +1 Release Apache Groovy 2.4.4-incubating
>>> [ ]  0 I don't have a strong opinion about this, but I assume it's ok
>>> [ ] -1 Do not release Apache Groovy 2.4.4-incubating because...
>>>
>>> Here is my vote:
>>>
>>> +1 (binding)
>>>
>>>
>>>
>>

Re: Keybase.io [Was] Re: [VOTE] Release Apache Groovy 2.4.4-incubating

Posted by ja...@googlemail.com.

This is wonderful! Merck beau coup 😉

Sent from my iPad

> On 10 Jul 2015, at 13:02, Cédric Champeau <ce...@gmail.com> wrote:
> 
> Keybase is a website. Under the hood, you can use classic gpg (that's what I do). See https://keybase.io/melix
> 
> 2015-07-10 12:34 GMT+02:00 jim northrop <ja...@googlemail.com>:
>> Cedric do u have a link to key base tools pls ?
>> 
>> 
>>> On Thursday, 9 July 2015, Cédric Champeau <ce...@gmail.com> wrote:
>>> For the signature, I'm using keybase, which is a public web of trust. Just click the link that the signature check gives you.
>>> 
>>> 2015-07-09 23:17 GMT+02:00 Pascal Schumacher <pa...@gmx.net>:
>>>> +1
>>>> 
>>>> >gradle test dist
>>>> BUILD SUCCESSFUL
>>>> 
>>>> unziped binDist: groovysh runs; can compile and run a script
>>>> 
>>>> signature looks o.k.:
>>>> >gpg --verify apache-groovy-src-2.4.4-incubating.zip.asc apache-groovy-src-2.4.4-incubating.zip
>>>> gpg: Signatur vom 07/09/15 22:06:32 Mitteleuropõische Sommerzeit mittels RSA-Schlüssel ID D6BDB924
>>>> gpg: Korrekte Signatur von "keybase.io/melix <me...@keybase.io>" [unbekannt]
>>>> gpg: WARNUNG: Dieser Schlüssel trägt keine vertrauenswürdige Signatur!
>>>> gpg:          Es gibt keinen Hinweis, daß die Signatur wirklich dem vorgeblichen Besitzer gehört.
>>>> Haupt-Fingerabdruck  = 3312 24E1 D7BE 883D 16E8  A685 825C 06C8 27AF 6B66
>>>> Unter-Fingerabdruck  = 0191 E61A CBBE 7632 3AC1  5C83 B5AD 94BD D6BD B924
>>>> 
>>>> I guess real name and trusted signature would be nice. ;)
>>>> 
>>>> Big thanks to Cédric for doing the work.
>>>> 
>>>> Cheers,
>>>> Pascal
>>>> 
>>>> 
>>>>> Am 09.07.2015 um 22:29 schrieb Cédric Champeau:
>>>>> Dear community,
>>>>> 
>>>>> This is our second attempt to release Apache Groovy 2.4.4 after a first missed released a few weeks ago. Since our last try, we fixed the problems that were highlighted by our mentors. In particular, we removed the last jars from the source distribution, we fixed the missing headers and relicensed the documentation to ALv2.
>>>>> 
>>>>> The changelog for this release can be found here: https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12318123&version=12331941
>>>>> 
>>>>> Tag for the release: https://git1-us-west.apache.org/repos/asf?p=incubator-groovy.git;a=commit;h=716b0b1bd56eeab04e4441eecc91c2cd8bfda8b6
>>>>> 
>>>>> The artifacts to be voted on are located here: http://people.apache.org/~cchampeau/groovy/
>>>>> 
>>>>> Release artifacts are signed with the following keys: http://people.apache.org/~cchampeau/groovy/KEYS
>>>>> 
>>>>> It is expected that mentors or PPMC members check at least checksums and signatures, and of course much better if you can also verify the source package.
>>>>> 
>>>>> Please vote on releasing this package as Apache Groovy 2.4.4-incubating.
>>>>> 
>>>>> The vote is open for the next 72 hours and passes if a majority of at least three +1 PPMC votes are cast.
>>>>> 
>>>>> [ ] +1 Release Apache Groovy 2.4.4-incubating
>>>>> [ ]  0 I don't have a strong opinion about this, but I assume it's ok
>>>>> [ ] -1 Do not release Apache Groovy 2.4.4-incubating because...
>>>>> 
>>>>> Here is my vote:
>>>>> 
>>>>> +1 (binding)
>