cordova-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jesse <purplecabb...@gmail.com>
Subject Re: SHA512 does not match
Date Tue, 12 May 2015 08:32:46 GMT
Thanks Alexander!
I can confirm that this worked for me.  On a mac, I
renamed cordova-plugin-vibration-1.1.0.tgz.sha
-> cordova-plugin-vibration-1.1.0.tgz.sha.zip then double clicked it in
Finder.

Primary key fingerprint: EBAC 6409 FA2F 2FCF A42C  1080 3843 B8F9 FFCA 68BE

*./* ============================= Computing MD5 for:
/Repos/cordova/tempVibeVote/cordova-plugin-vibration-1.1.0.tgz

*./* ============================= Computing SHA512 for:
/Repos/cordova/tempVibeVote/cordova-plugin-vibration-1.1.0.tgz

*./* =============================
/Repos/cordova/tempVibeVote/cordova-plugin-vibration-1.1.0.tgz signature
and hashes verified.

*./* ============================= Verified 1 signatures and hashes.

@purplecabbage
risingj.com

On Tue, May 12, 2015 at 12:59 AM, Alexander Sorokin (Akvelon) <
v-alsoro@microsoft.com> wrote:

> Hi Murat.
>
> This issue (not matching SHA512) is happening because your downloaded .sha
> file is compressed for some reason. Try to decompress it using, for
> example, 7zip.
>
> Regards,
> Alexander Sorokin
>
> -----Original Message-----
> From: Murat Sutunc [mailto:muratsu@microsoft.com]
> Sent: Tuesday, May 12, 2015 3:20
> To: dev@cordova.apache.org
> Subject: RE: [VOTE] cordova-plugin-vibration release
>
> Sorry to hijack this thread but this is my first time verifying a release
> and I've some questions before signing off..
>
> 1) I was looking at the coho docs but wasn't able to figure out how to
> download a release from dist/dev. Any tips?
> 2) For now I've manually copied the tgz files from the dist.apache and ran
> my validation. I've ran into the following issue, is it expected?
>
> C:\Users\muratsu\Desktop\plugin>coho verify-archive
> cordova-plugin-vibration-1.1.0.tgz
> Running from c:\dev
> ./ ============================= Executing: gpg --verify
> C:\Users\muratsu\Desktop\plugin\cordova-plugin-vibration-1.1.0.tgz.asc
> C:\Users\muratsu\Desktop\plugin\cordova-plugin-vibration-1.1.0.tgz
> gpg: Signature made 05/07/15 17:24:14 Pacific Daylight Time using RSA key
> ID FFCA68BE
> gpg: Good signature from "Steve Gill (code signing key) <steven@apache.org>"
> [unknown]
> gpg: WARNING: This key is not certified with a trusted signature!
> gpg:          There is no indication that the signature belongs to the
> owner.
> Primary key fingerprint: EBAC 6409 FA2F 2FCF A42C  1080 3843 B8F9 FFCA
> 68BE ./ ============================= Computing MD5 for:
> C:\Users\muratsu\Desktop\plugin\cordova-plugin-vibration-1.1.0.tgz
> ./ ============================= Computing SHA512 for:
> C:\Users\muratsu\Desktop\plugin\cordova-plugin-vibration-1.1.0.tgz
> SHA512 does not match.
>
> Other than this issue, changes look good to me. +1
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@cordova.apache.org
> For additional commands, e-mail: dev-help@cordova.apache.org
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message