Introduction¶

Once a Release has been staged on http://repository.apache.org it must be reviewed by each PMC member before casting his VOTE.

The following points need to be checked:

• is the GPG signature fine?
• is there a source archive?
• can the source archive really be built?
• is there a correct LICENSE and NOTICE file in each artifact (both source and binary artifacts)?
• does the NOTICE file contain all necessary attributions?
• check the dependencies. We must not have any GPL dependencies and LGPL only if they are optional, etc! See http://www.apache.org/legal/3party.html
• do all the tests work?
• if there is a TCK to run, does it succeed?
• if there is a tag in the SCM, does it contain reproduceable sources?