You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tika.apache.org by Tim Allison <ta...@apache.org> on 2023/12/01 17:25:37 UTC

[VOTE] Release Apache Tika 3.0.0-BETA Candidate #1

A candidate for the Tika 3.0.0-BETA release is available at:
https://dist.apache.org/repos/dist/dev/tika/3.0.0-BETA

The release candidate is a zip archive of the sources in:
https://github.com/apache/tika/tree/3.0.0-BETA-rc1/

The SHA-512 checksum of the archive is
6a98e19f73e0ccf9c902cf869fb50c0c7314231d1c83d3d84220846d6f46a3983087f6199b14c8bbc62dea54411c7f40d7cf5040efb1ce18b5fd4d61de059736.

In addition, a staged maven repository is available here:
https://repository.apache.org/content/repositories/orgapachetika-1097/org/apache/tika

Please vote on releasing this package as Apache Tika 3.0.0-BETA.
The vote is open for the next 72 hours and passes if a majority of at
least three +1 Tika PMC votes are cast.

[ ] +1 Release this package as Apache Tika 3.0.0-BETA
[ ] -1 Do not release this package because..

[RESULT][VOTE] Release Apache Tika 3.0.0-BETA Candidate #1

Posted by Tim Allison <ta...@apache.org>.

The vote has passed with three PMC +1s and no -1s.

+1s
Konstantin Gribov
Tilman Hausherr
Tim Allison

Thank you all. I'll try to push the artifacts and update the website
shortly.

Best,

        Tim

On Mon, Dec 11, 2023 at 3:45 PM Tim Allison <ta...@apache.org> wrote:

> Thank you, Konstantin!
>
> On Mon, Dec 11, 2023 at 2:22 PM Konstantin Gribov <gr...@gmail.com>
> wrote:
>
>> Hi, folks.
>>
>> All the checksums and PGP signatures seem fine to me.
>>
>> Just built Tika 3.0.0-BETA successfully with OpenJDK 17
>> (Temurin 17.0.9+9) on ArchLinux w/ Tesseract 5.3.3-1 and 1.83.1-1.
>>
>> It seems that solr-solrj 8.11.2 dependency in Solr Emitter brought
>> vulnerable logback-core 1.4.13 [1, 2] transitively via Zookeeper
>> dependency. Downstream user will likely either exclude Logback or use a
>> bare tika-emitter-solr jar alongside tika-server/tika-app.
>>
>> Even if user brings tika-emitter-solr with Maven, Gradle or another
>> dependency management solution with transitive dependencies to
>> successfully exploit CVE-2023-6481/CVE-2023-6378 user have to configure
>> receiver [3] to accept logs from remote systems AFICT.
>>
>> So, I say +1 and think that CVE-2023-6481 should be mentioned in the
>> announcement with note that if downstream project make use of Logback
>> centralized logging via receivers that may be vulnerable to this DoS attack.
>>
>> [1]:
>> https://ossindex.sonatype.org/vulnerability/CVE-2023-6481?component-type=maven&component-name=ch.qos.logback%2Flogback-core&utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1
>> [2]: https://logback.qos.ch/news.html#1.3.14
>> [3]: https://logback.qos.ch/manual/receivers.html
>>
>> --
>> Best regards,
>> Konstantin Gribov.
>>
>>
>> On Mon, Dec 11, 2023 at 5:47 PM Tim Allison <ta...@apache.org> wrote:
>>
>>> All,
>>> We have two +1s. We need another +1 for the release. If a fellow dev has
>>> the time to vote, please do!  Thank you.
>>>
>>>     Best,
>>>
>>>        Tim
>>>
>>> On Wed, Dec 6, 2023 at 3:17 PM Tim Allison <ta...@apache.org> wrote:
>>>
>>>> Oops, I forgot to include my +1 for this RC1 for 3.0.0-BETA. Would
>>>> another fellow dev be willing to vote? Thank you!
>>>>
>>>> On Sat, Dec 2, 2023 at 5:39 AM Tilman Hausherr <TH...@t-online.de>
>>>> wrote:
>>>>
>>>>> +1
>>>>>
>>>>> successful build on german windows 10 openjdk version "21.0.1"
>>>>> 2023-10-17 LTS
>>>>>
>>>>> Tilman
>>>>>
>>>>>
>>>>>
>>>>> On 01.12.2023 18:25, Tim Allison wrote:
>>>>> > A candidate for the Tika 3.0.0-BETA release is available at:
>>>>> > https://dist.apache.org/repos/dist/dev/tika/3.0.0-BETA
>>>>> >
>>>>> > The release candidate is a zip archive of the sources in:
>>>>> > https://github.com/apache/tika/tree/3.0.0-BETA-rc1/
>>>>> >
>>>>> > The SHA-512 checksum of the archive is
>>>>> >
>>>>> 6a98e19f73e0ccf9c902cf869fb50c0c7314231d1c83d3d84220846d6f46a3983087f6199b14c8bbc62dea54411c7f40d7cf5040efb1ce18b5fd4d61de059736.
>>>>> >
>>>>> > In addition, a staged maven repository is available here:
>>>>> >
>>>>> https://repository.apache.org/content/repositories/orgapachetika-1097/org/apache/tika
>>>>> >
>>>>> > Please vote on releasing this package as Apache Tika 3.0.0-BETA.
>>>>> > The vote is open for the next 72 hours and passes if a majority of at
>>>>> > least three +1 Tika PMC votes are cast.
>>>>> >
>>>>> > [ ] +1 Release this package as Apache Tika 3.0.0-BETA
>>>>> > [ ] -1 Do not release this package because..
>>>>>
>>>>>
>>>>>

[RESULT][VOTE] Release Apache Tika 3.0.0-BETA Candidate #1

Posted by Tim Allison <ta...@apache.org>.

The vote has passed with three PMC +1s and no -1s.

+1s
Konstantin Gribov
Tilman Hausherr
Tim Allison

Thank you all. I'll try to push the artifacts and update the website
shortly.

Best,

        Tim

On Mon, Dec 11, 2023 at 3:45 PM Tim Allison <ta...@apache.org> wrote:

> Thank you, Konstantin!
>
> On Mon, Dec 11, 2023 at 2:22 PM Konstantin Gribov <gr...@gmail.com>
> wrote:
>
>> Hi, folks.
>>
>> All the checksums and PGP signatures seem fine to me.
>>
>> Just built Tika 3.0.0-BETA successfully with OpenJDK 17
>> (Temurin 17.0.9+9) on ArchLinux w/ Tesseract 5.3.3-1 and 1.83.1-1.
>>
>> It seems that solr-solrj 8.11.2 dependency in Solr Emitter brought
>> vulnerable logback-core 1.4.13 [1, 2] transitively via Zookeeper
>> dependency. Downstream user will likely either exclude Logback or use a
>> bare tika-emitter-solr jar alongside tika-server/tika-app.
>>
>> Even if user brings tika-emitter-solr with Maven, Gradle or another
>> dependency management solution with transitive dependencies to
>> successfully exploit CVE-2023-6481/CVE-2023-6378 user have to configure
>> receiver [3] to accept logs from remote systems AFICT.
>>
>> So, I say +1 and think that CVE-2023-6481 should be mentioned in the
>> announcement with note that if downstream project make use of Logback
>> centralized logging via receivers that may be vulnerable to this DoS attack.
>>
>> [1]:
>> https://ossindex.sonatype.org/vulnerability/CVE-2023-6481?component-type=maven&component-name=ch.qos.logback%2Flogback-core&utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1
>> [2]: https://logback.qos.ch/news.html#1.3.14
>> [3]: https://logback.qos.ch/manual/receivers.html
>>
>> --
>> Best regards,
>> Konstantin Gribov.
>>
>>
>> On Mon, Dec 11, 2023 at 5:47 PM Tim Allison <ta...@apache.org> wrote:
>>
>>> All,
>>> We have two +1s. We need another +1 for the release. If a fellow dev has
>>> the time to vote, please do!  Thank you.
>>>
>>>     Best,
>>>
>>>        Tim
>>>
>>> On Wed, Dec 6, 2023 at 3:17 PM Tim Allison <ta...@apache.org> wrote:
>>>
>>>> Oops, I forgot to include my +1 for this RC1 for 3.0.0-BETA. Would
>>>> another fellow dev be willing to vote? Thank you!
>>>>
>>>> On Sat, Dec 2, 2023 at 5:39 AM Tilman Hausherr <TH...@t-online.de>
>>>> wrote:
>>>>
>>>>> +1
>>>>>
>>>>> successful build on german windows 10 openjdk version "21.0.1"
>>>>> 2023-10-17 LTS
>>>>>
>>>>> Tilman
>>>>>
>>>>>
>>>>>
>>>>> On 01.12.2023 18:25, Tim Allison wrote:
>>>>> > A candidate for the Tika 3.0.0-BETA release is available at:
>>>>> > https://dist.apache.org/repos/dist/dev/tika/3.0.0-BETA
>>>>> >
>>>>> > The release candidate is a zip archive of the sources in:
>>>>> > https://github.com/apache/tika/tree/3.0.0-BETA-rc1/
>>>>> >
>>>>> > The SHA-512 checksum of the archive is
>>>>> >
>>>>> 6a98e19f73e0ccf9c902cf869fb50c0c7314231d1c83d3d84220846d6f46a3983087f6199b14c8bbc62dea54411c7f40d7cf5040efb1ce18b5fd4d61de059736.
>>>>> >
>>>>> > In addition, a staged maven repository is available here:
>>>>> >
>>>>> https://repository.apache.org/content/repositories/orgapachetika-1097/org/apache/tika
>>>>> >
>>>>> > Please vote on releasing this package as Apache Tika 3.0.0-BETA.
>>>>> > The vote is open for the next 72 hours and passes if a majority of at
>>>>> > least three +1 Tika PMC votes are cast.
>>>>> >
>>>>> > [ ] +1 Release this package as Apache Tika 3.0.0-BETA
>>>>> > [ ] -1 Do not release this package because..
>>>>>
>>>>>
>>>>>

Re: [VOTE] Release Apache Tika 3.0.0-BETA Candidate #1

Posted by Tim Allison <ta...@apache.org>.

Thank you, Konstantin!

On Mon, Dec 11, 2023 at 2:22 PM Konstantin Gribov <gr...@gmail.com> wrote:

> Hi, folks.
>
> All the checksums and PGP signatures seem fine to me.
>
> Just built Tika 3.0.0-BETA successfully with OpenJDK 17 (Temurin 17.0.9+9)
> on ArchLinux w/ Tesseract 5.3.3-1 and 1.83.1-1.
>
> It seems that solr-solrj 8.11.2 dependency in Solr Emitter brought
> vulnerable logback-core 1.4.13 [1, 2] transitively via Zookeeper
> dependency. Downstream user will likely either exclude Logback or use a
> bare tika-emitter-solr jar alongside tika-server/tika-app.
>
> Even if user brings tika-emitter-solr with Maven, Gradle or another
> dependency management solution with transitive dependencies to
> successfully exploit CVE-2023-6481/CVE-2023-6378 user have to configure
> receiver [3] to accept logs from remote systems AFICT.
>
> So, I say +1 and think that CVE-2023-6481 should be mentioned in the
> announcement with note that if downstream project make use of Logback
> centralized logging via receivers that may be vulnerable to this DoS attack.
>
> [1]:
> https://ossindex.sonatype.org/vulnerability/CVE-2023-6481?component-type=maven&component-name=ch.qos.logback%2Flogback-core&utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1
> [2]: https://logback.qos.ch/news.html#1.3.14
> [3]: https://logback.qos.ch/manual/receivers.html
>
> --
> Best regards,
> Konstantin Gribov.
>
>
> On Mon, Dec 11, 2023 at 5:47 PM Tim Allison <ta...@apache.org> wrote:
>
>> All,
>> We have two +1s. We need another +1 for the release. If a fellow dev has
>> the time to vote, please do!  Thank you.
>>
>>     Best,
>>
>>        Tim
>>
>> On Wed, Dec 6, 2023 at 3:17 PM Tim Allison <ta...@apache.org> wrote:
>>
>>> Oops, I forgot to include my +1 for this RC1 for 3.0.0-BETA. Would
>>> another fellow dev be willing to vote? Thank you!
>>>
>>> On Sat, Dec 2, 2023 at 5:39 AM Tilman Hausherr <TH...@t-online.de>
>>> wrote:
>>>
>>>> +1
>>>>
>>>> successful build on german windows 10 openjdk version "21.0.1"
>>>> 2023-10-17 LTS
>>>>
>>>> Tilman
>>>>
>>>>
>>>>
>>>> On 01.12.2023 18:25, Tim Allison wrote:
>>>> > A candidate for the Tika 3.0.0-BETA release is available at:
>>>> > https://dist.apache.org/repos/dist/dev/tika/3.0.0-BETA
>>>> >
>>>> > The release candidate is a zip archive of the sources in:
>>>> > https://github.com/apache/tika/tree/3.0.0-BETA-rc1/
>>>> >
>>>> > The SHA-512 checksum of the archive is
>>>> >
>>>> 6a98e19f73e0ccf9c902cf869fb50c0c7314231d1c83d3d84220846d6f46a3983087f6199b14c8bbc62dea54411c7f40d7cf5040efb1ce18b5fd4d61de059736.
>>>> >
>>>> > In addition, a staged maven repository is available here:
>>>> >
>>>> https://repository.apache.org/content/repositories/orgapachetika-1097/org/apache/tika
>>>> >
>>>> > Please vote on releasing this package as Apache Tika 3.0.0-BETA.
>>>> > The vote is open for the next 72 hours and passes if a majority of at
>>>> > least three +1 Tika PMC votes are cast.
>>>> >
>>>> > [ ] +1 Release this package as Apache Tika 3.0.0-BETA
>>>> > [ ] -1 Do not release this package because..
>>>>
>>>>
>>>>

Re: [VOTE] Release Apache Tika 3.0.0-BETA Candidate #1

Posted by Tim Allison <ta...@apache.org>.

Thank you, Konstantin!

On Mon, Dec 11, 2023 at 2:22 PM Konstantin Gribov <gr...@gmail.com> wrote:

> Hi, folks.
>
> All the checksums and PGP signatures seem fine to me.
>
> Just built Tika 3.0.0-BETA successfully with OpenJDK 17 (Temurin 17.0.9+9)
> on ArchLinux w/ Tesseract 5.3.3-1 and 1.83.1-1.
>
> It seems that solr-solrj 8.11.2 dependency in Solr Emitter brought
> vulnerable logback-core 1.4.13 [1, 2] transitively via Zookeeper
> dependency. Downstream user will likely either exclude Logback or use a
> bare tika-emitter-solr jar alongside tika-server/tika-app.
>
> Even if user brings tika-emitter-solr with Maven, Gradle or another
> dependency management solution with transitive dependencies to
> successfully exploit CVE-2023-6481/CVE-2023-6378 user have to configure
> receiver [3] to accept logs from remote systems AFICT.
>
> So, I say +1 and think that CVE-2023-6481 should be mentioned in the
> announcement with note that if downstream project make use of Logback
> centralized logging via receivers that may be vulnerable to this DoS attack.
>
> [1]:
> https://ossindex.sonatype.org/vulnerability/CVE-2023-6481?component-type=maven&component-name=ch.qos.logback%2Flogback-core&utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1
> [2]: https://logback.qos.ch/news.html#1.3.14
> [3]: https://logback.qos.ch/manual/receivers.html
>
> --
> Best regards,
> Konstantin Gribov.
>
>
> On Mon, Dec 11, 2023 at 5:47 PM Tim Allison <ta...@apache.org> wrote:
>
>> All,
>> We have two +1s. We need another +1 for the release. If a fellow dev has
>> the time to vote, please do!  Thank you.
>>
>>     Best,
>>
>>        Tim
>>
>> On Wed, Dec 6, 2023 at 3:17 PM Tim Allison <ta...@apache.org> wrote:
>>
>>> Oops, I forgot to include my +1 for this RC1 for 3.0.0-BETA. Would
>>> another fellow dev be willing to vote? Thank you!
>>>
>>> On Sat, Dec 2, 2023 at 5:39 AM Tilman Hausherr <TH...@t-online.de>
>>> wrote:
>>>
>>>> +1
>>>>
>>>> successful build on german windows 10 openjdk version "21.0.1"
>>>> 2023-10-17 LTS
>>>>
>>>> Tilman
>>>>
>>>>
>>>>
>>>> On 01.12.2023 18:25, Tim Allison wrote:
>>>> > A candidate for the Tika 3.0.0-BETA release is available at:
>>>> > https://dist.apache.org/repos/dist/dev/tika/3.0.0-BETA
>>>> >
>>>> > The release candidate is a zip archive of the sources in:
>>>> > https://github.com/apache/tika/tree/3.0.0-BETA-rc1/
>>>> >
>>>> > The SHA-512 checksum of the archive is
>>>> >
>>>> 6a98e19f73e0ccf9c902cf869fb50c0c7314231d1c83d3d84220846d6f46a3983087f6199b14c8bbc62dea54411c7f40d7cf5040efb1ce18b5fd4d61de059736.
>>>> >
>>>> > In addition, a staged maven repository is available here:
>>>> >
>>>> https://repository.apache.org/content/repositories/orgapachetika-1097/org/apache/tika
>>>> >
>>>> > Please vote on releasing this package as Apache Tika 3.0.0-BETA.
>>>> > The vote is open for the next 72 hours and passes if a majority of at
>>>> > least three +1 Tika PMC votes are cast.
>>>> >
>>>> > [ ] +1 Release this package as Apache Tika 3.0.0-BETA
>>>> > [ ] -1 Do not release this package because..
>>>>
>>>>
>>>>

Re: [VOTE] Release Apache Tika 3.0.0-BETA Candidate #1

Posted by Konstantin Gribov <gr...@gmail.com>.

Hi, folks.

All the checksums and PGP signatures seem fine to me.

Just built Tika 3.0.0-BETA successfully with OpenJDK 17 (Temurin 17.0.9+9)
on ArchLinux w/ Tesseract 5.3.3-1 and 1.83.1-1.

It seems that solr-solrj 8.11.2 dependency in Solr Emitter brought
vulnerable logback-core 1.4.13 [1, 2] transitively via Zookeeper
dependency. Downstream user will likely either exclude Logback or use a
bare tika-emitter-solr jar alongside tika-server/tika-app.

Even if user brings tika-emitter-solr with Maven, Gradle or another
dependency management solution with transitive dependencies to
successfully exploit CVE-2023-6481/CVE-2023-6378 user have to configure
receiver [3] to accept logs from remote systems AFICT.

So, I say +1 and think that CVE-2023-6481 should be mentioned in the
announcement with note that if downstream project make use of Logback
centralized logging via receivers that may be vulnerable to this DoS attack.

[1]:
https://ossindex.sonatype.org/vulnerability/CVE-2023-6481?component-type=maven&component-name=ch.qos.logback%2Flogback-core&utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1
[2]: https://logback.qos.ch/news.html#1.3.14
[3]: https://logback.qos.ch/manual/receivers.html

-- 
Best regards,
Konstantin Gribov.

On Mon, Dec 11, 2023 at 5:47 PM Tim Allison <ta...@apache.org> wrote:

> All,
> We have two +1s. We need another +1 for the release. If a fellow dev has
> the time to vote, please do!  Thank you.
>
>     Best,
>
>        Tim
>
> On Wed, Dec 6, 2023 at 3:17 PM Tim Allison <ta...@apache.org> wrote:
>
>> Oops, I forgot to include my +1 for this RC1 for 3.0.0-BETA. Would
>> another fellow dev be willing to vote? Thank you!
>>
>> On Sat, Dec 2, 2023 at 5:39 AM Tilman Hausherr <TH...@t-online.de>
>> wrote:
>>
>>> +1
>>>
>>> successful build on german windows 10 openjdk version "21.0.1"
>>> 2023-10-17 LTS
>>>
>>> Tilman
>>>
>>>
>>>
>>> On 01.12.2023 18:25, Tim Allison wrote:
>>> > A candidate for the Tika 3.0.0-BETA release is available at:
>>> > https://dist.apache.org/repos/dist/dev/tika/3.0.0-BETA
>>> >
>>> > The release candidate is a zip archive of the sources in:
>>> > https://github.com/apache/tika/tree/3.0.0-BETA-rc1/
>>> >
>>> > The SHA-512 checksum of the archive is
>>> >
>>> 6a98e19f73e0ccf9c902cf869fb50c0c7314231d1c83d3d84220846d6f46a3983087f6199b14c8bbc62dea54411c7f40d7cf5040efb1ce18b5fd4d61de059736.
>>> >
>>> > In addition, a staged maven repository is available here:
>>> >
>>> https://repository.apache.org/content/repositories/orgapachetika-1097/org/apache/tika
>>> >
>>> > Please vote on releasing this package as Apache Tika 3.0.0-BETA.
>>> > The vote is open for the next 72 hours and passes if a majority of at
>>> > least three +1 Tika PMC votes are cast.
>>> >
>>> > [ ] +1 Release this package as Apache Tika 3.0.0-BETA
>>> > [ ] -1 Do not release this package because..
>>>
>>>
>>>

Re: [VOTE] Release Apache Tika 3.0.0-BETA Candidate #1

Posted by Konstantin Gribov <gr...@gmail.com>.

Hi, folks.

All the checksums and PGP signatures seem fine to me.

Just built Tika 3.0.0-BETA successfully with OpenJDK 17 (Temurin 17.0.9+9)
on ArchLinux w/ Tesseract 5.3.3-1 and 1.83.1-1.

It seems that solr-solrj 8.11.2 dependency in Solr Emitter brought
vulnerable logback-core 1.4.13 [1, 2] transitively via Zookeeper
dependency. Downstream user will likely either exclude Logback or use a
bare tika-emitter-solr jar alongside tika-server/tika-app.

Even if user brings tika-emitter-solr with Maven, Gradle or another
dependency management solution with transitive dependencies to
successfully exploit CVE-2023-6481/CVE-2023-6378 user have to configure
receiver [3] to accept logs from remote systems AFICT.

So, I say +1 and think that CVE-2023-6481 should be mentioned in the
announcement with note that if downstream project make use of Logback
centralized logging via receivers that may be vulnerable to this DoS attack.

[1]:
https://ossindex.sonatype.org/vulnerability/CVE-2023-6481?component-type=maven&component-name=ch.qos.logback%2Flogback-core&utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1
[2]: https://logback.qos.ch/news.html#1.3.14
[3]: https://logback.qos.ch/manual/receivers.html

-- 
Best regards,
Konstantin Gribov.

On Mon, Dec 11, 2023 at 5:47 PM Tim Allison <ta...@apache.org> wrote:

> All,
> We have two +1s. We need another +1 for the release. If a fellow dev has
> the time to vote, please do!  Thank you.
>
>     Best,
>
>        Tim
>
> On Wed, Dec 6, 2023 at 3:17 PM Tim Allison <ta...@apache.org> wrote:
>
>> Oops, I forgot to include my +1 for this RC1 for 3.0.0-BETA. Would
>> another fellow dev be willing to vote? Thank you!
>>
>> On Sat, Dec 2, 2023 at 5:39 AM Tilman Hausherr <TH...@t-online.de>
>> wrote:
>>
>>> +1
>>>
>>> successful build on german windows 10 openjdk version "21.0.1"
>>> 2023-10-17 LTS
>>>
>>> Tilman
>>>
>>>
>>>
>>> On 01.12.2023 18:25, Tim Allison wrote:
>>> > A candidate for the Tika 3.0.0-BETA release is available at:
>>> > https://dist.apache.org/repos/dist/dev/tika/3.0.0-BETA
>>> >
>>> > The release candidate is a zip archive of the sources in:
>>> > https://github.com/apache/tika/tree/3.0.0-BETA-rc1/
>>> >
>>> > The SHA-512 checksum of the archive is
>>> >
>>> 6a98e19f73e0ccf9c902cf869fb50c0c7314231d1c83d3d84220846d6f46a3983087f6199b14c8bbc62dea54411c7f40d7cf5040efb1ce18b5fd4d61de059736.
>>> >
>>> > In addition, a staged maven repository is available here:
>>> >
>>> https://repository.apache.org/content/repositories/orgapachetika-1097/org/apache/tika
>>> >
>>> > Please vote on releasing this package as Apache Tika 3.0.0-BETA.
>>> > The vote is open for the next 72 hours and passes if a majority of at
>>> > least three +1 Tika PMC votes are cast.
>>> >
>>> > [ ] +1 Release this package as Apache Tika 3.0.0-BETA
>>> > [ ] -1 Do not release this package because..
>>>
>>>
>>>

Re: [VOTE] Release Apache Tika 3.0.0-BETA Candidate #1

Posted by Tim Allison <ta...@apache.org>.

All,
We have two +1s. We need another +1 for the release. If a fellow dev has
the time to vote, please do!  Thank you.

    Best,

       Tim

On Wed, Dec 6, 2023 at 3:17 PM Tim Allison <ta...@apache.org> wrote:

> Oops, I forgot to include my +1 for this RC1 for 3.0.0-BETA. Would another
> fellow dev be willing to vote? Thank you!
>
> On Sat, Dec 2, 2023 at 5:39 AM Tilman Hausherr <TH...@t-online.de>
> wrote:
>
>> +1
>>
>> successful build on german windows 10 openjdk version "21.0.1"
>> 2023-10-17 LTS
>>
>> Tilman
>>
>>
>>
>> On 01.12.2023 18:25, Tim Allison wrote:
>> > A candidate for the Tika 3.0.0-BETA release is available at:
>> > https://dist.apache.org/repos/dist/dev/tika/3.0.0-BETA
>> >
>> > The release candidate is a zip archive of the sources in:
>> > https://github.com/apache/tika/tree/3.0.0-BETA-rc1/
>> >
>> > The SHA-512 checksum of the archive is
>> >
>> 6a98e19f73e0ccf9c902cf869fb50c0c7314231d1c83d3d84220846d6f46a3983087f6199b14c8bbc62dea54411c7f40d7cf5040efb1ce18b5fd4d61de059736.
>> >
>> > In addition, a staged maven repository is available here:
>> >
>> https://repository.apache.org/content/repositories/orgapachetika-1097/org/apache/tika
>> >
>> > Please vote on releasing this package as Apache Tika 3.0.0-BETA.
>> > The vote is open for the next 72 hours and passes if a majority of at
>> > least three +1 Tika PMC votes are cast.
>> >
>> > [ ] +1 Release this package as Apache Tika 3.0.0-BETA
>> > [ ] -1 Do not release this package because..
>>
>>
>>

Re: [VOTE] Release Apache Tika 3.0.0-BETA Candidate #1

Posted by Tim Allison <ta...@apache.org>.

All,
We have two +1s. We need another +1 for the release. If a fellow dev has
the time to vote, please do!  Thank you.

    Best,

       Tim

On Wed, Dec 6, 2023 at 3:17 PM Tim Allison <ta...@apache.org> wrote:

> Oops, I forgot to include my +1 for this RC1 for 3.0.0-BETA. Would another
> fellow dev be willing to vote? Thank you!
>
> On Sat, Dec 2, 2023 at 5:39 AM Tilman Hausherr <TH...@t-online.de>
> wrote:
>
>> +1
>>
>> successful build on german windows 10 openjdk version "21.0.1"
>> 2023-10-17 LTS
>>
>> Tilman
>>
>>
>>
>> On 01.12.2023 18:25, Tim Allison wrote:
>> > A candidate for the Tika 3.0.0-BETA release is available at:
>> > https://dist.apache.org/repos/dist/dev/tika/3.0.0-BETA
>> >
>> > The release candidate is a zip archive of the sources in:
>> > https://github.com/apache/tika/tree/3.0.0-BETA-rc1/
>> >
>> > The SHA-512 checksum of the archive is
>> >
>> 6a98e19f73e0ccf9c902cf869fb50c0c7314231d1c83d3d84220846d6f46a3983087f6199b14c8bbc62dea54411c7f40d7cf5040efb1ce18b5fd4d61de059736.
>> >
>> > In addition, a staged maven repository is available here:
>> >
>> https://repository.apache.org/content/repositories/orgapachetika-1097/org/apache/tika
>> >
>> > Please vote on releasing this package as Apache Tika 3.0.0-BETA.
>> > The vote is open for the next 72 hours and passes if a majority of at
>> > least three +1 Tika PMC votes are cast.
>> >
>> > [ ] +1 Release this package as Apache Tika 3.0.0-BETA
>> > [ ] -1 Do not release this package because..
>>
>>
>>

Re: [VOTE] Release Apache Tika 3.0.0-BETA Candidate #1

Posted by Tim Allison <ta...@apache.org>.

Oops, I forgot to include my +1 for this RC1 for 3.0.0-BETA. Would another
fellow dev be willing to vote? Thank you!

On Sat, Dec 2, 2023 at 5:39 AM Tilman Hausherr <TH...@t-online.de>
wrote:

> +1
>
> successful build on german windows 10 openjdk version "21.0.1"
> 2023-10-17 LTS
>
> Tilman
>
>
>
> On 01.12.2023 18:25, Tim Allison wrote:
> > A candidate for the Tika 3.0.0-BETA release is available at:
> > https://dist.apache.org/repos/dist/dev/tika/3.0.0-BETA
> >
> > The release candidate is a zip archive of the sources in:
> > https://github.com/apache/tika/tree/3.0.0-BETA-rc1/
> >
> > The SHA-512 checksum of the archive is
> >
> 6a98e19f73e0ccf9c902cf869fb50c0c7314231d1c83d3d84220846d6f46a3983087f6199b14c8bbc62dea54411c7f40d7cf5040efb1ce18b5fd4d61de059736.
> >
> > In addition, a staged maven repository is available here:
> >
> https://repository.apache.org/content/repositories/orgapachetika-1097/org/apache/tika
> >
> > Please vote on releasing this package as Apache Tika 3.0.0-BETA.
> > The vote is open for the next 72 hours and passes if a majority of at
> > least three +1 Tika PMC votes are cast.
> >
> > [ ] +1 Release this package as Apache Tika 3.0.0-BETA
> > [ ] -1 Do not release this package because..
>
>
>

Re: [VOTE] Release Apache Tika 3.0.0-BETA Candidate #1

Posted by Tim Allison <ta...@apache.org>.

Oops, I forgot to include my +1 for this RC1 for 3.0.0-BETA. Would another
fellow dev be willing to vote? Thank you!

On Sat, Dec 2, 2023 at 5:39 AM Tilman Hausherr <TH...@t-online.de>
wrote:

> +1
>
> successful build on german windows 10 openjdk version "21.0.1"
> 2023-10-17 LTS
>
> Tilman
>
>
>
> On 01.12.2023 18:25, Tim Allison wrote:
> > A candidate for the Tika 3.0.0-BETA release is available at:
> > https://dist.apache.org/repos/dist/dev/tika/3.0.0-BETA
> >
> > The release candidate is a zip archive of the sources in:
> > https://github.com/apache/tika/tree/3.0.0-BETA-rc1/
> >
> > The SHA-512 checksum of the archive is
> >
> 6a98e19f73e0ccf9c902cf869fb50c0c7314231d1c83d3d84220846d6f46a3983087f6199b14c8bbc62dea54411c7f40d7cf5040efb1ce18b5fd4d61de059736.
> >
> > In addition, a staged maven repository is available here:
> >
> https://repository.apache.org/content/repositories/orgapachetika-1097/org/apache/tika
> >
> > Please vote on releasing this package as Apache Tika 3.0.0-BETA.
> > The vote is open for the next 72 hours and passes if a majority of at
> > least three +1 Tika PMC votes are cast.
> >
> > [ ] +1 Release this package as Apache Tika 3.0.0-BETA
> > [ ] -1 Do not release this package because..
>
>
>

Re: [VOTE] Release Apache Tika 3.0.0-BETA Candidate #1

Posted by Tilman Hausherr <TH...@t-online.de>.

+1

successful build on german windows 10 openjdk version "21.0.1" 
2023-10-17 LTS

Tilman



On 01.12.2023 18:25, Tim Allison wrote:
> A candidate for the Tika 3.0.0-BETA release is available at:
> https://dist.apache.org/repos/dist/dev/tika/3.0.0-BETA
>
> The release candidate is a zip archive of the sources in:
> https://github.com/apache/tika/tree/3.0.0-BETA-rc1/
>
> The SHA-512 checksum of the archive is
> 6a98e19f73e0ccf9c902cf869fb50c0c7314231d1c83d3d84220846d6f46a3983087f6199b14c8bbc62dea54411c7f40d7cf5040efb1ce18b5fd4d61de059736.
>
> In addition, a staged maven repository is available here:
> https://repository.apache.org/content/repositories/orgapachetika-1097/org/apache/tika
>
> Please vote on releasing this package as Apache Tika 3.0.0-BETA.
> The vote is open for the next 72 hours and passes if a majority of at
> least three +1 Tika PMC votes are cast.
>
> [ ] +1 Release this package as Apache Tika 3.0.0-BETA
> [ ] -1 Do not release this package because..