flex-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Frédéric THOMAS <webdoubl...@hotmail.com>
Subject RE: [VOTE] Release Apache Flex SDK Installer 2.7 - RC1
Date Tue, 22 Oct 2013 06:32:40 GMT
+1 binding

Win64 bits Installed the nightly built Apache Flex 4.11.0 FP 11.9 AIR 3.9
en_US -> ok
FB Integration -> ok

Note: would be nice if the required files to download would be pre-selected
by default.


-----Message d'origine-----
De : Justin Mclean [mailto:justin@classsoftware.com] 
Envoyé : mardi 22 octobre 2013 07:44
À : dev@flex.apache.org
Objet : Re: [VOTE] Release Apache Flex SDK Installer 2.7 - RC1


+1 binding 

Tested on OSX selected FP 11.9/AIR 3.9 en_AU locale

- Compiles
- rat report give 0 unknown licenses
- MD5 hash and sigs all good (but see below)

- Probably should default to 11.9/3.9 not 11.8/3.8
- README refer to 3.0 config file should be 3.1 config file
- README doesn't mention 2.7 re config file change or OSMF change but that
may be OK

Also while the signatures are good - not all are in the Apache web of trust.

gpg: Signature made Mon 21 Oct 18:35:40 2013 EST using RSA key ID C1708693
gpg: Good signature from "OmPrakash Muppirala (CODE SIGNING KEY)
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the
Primary key fingerprint: BC1C AA3B 706B 8AB2 B901  5328 5C2B 8102 C170 8693

But I can match that with what's in the KEYS file in the sdk directory which
give it a certain level of trust. Perhaps the installer needs a KEYS file as
well to make it easier to check?

See Validating Authenticity of a Key here for more info:


View raw message