ranger-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Velmurugan Periasamy (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (RANGER-2241) Fix release build scripts to conform to latest Apache release guidelines - Part 2 - Remove sha1
Date Thu, 04 Oct 2018 19:12:00 GMT

     [ https://issues.apache.org/jira/browse/RANGER-2241?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Velmurugan Periasamy updated RANGER-2241:
-----------------------------------------
    Description: 
Fix the release build scripts to conform to the Apache release guidelines surrounding hashes:

[http://www.apache.org/dev/release-distribution#sigs-and-sums]

<<<

For every artifact distributed to the public through Apache channels, the PMC
 * MUST supply a [valid|http://www.apache.org/dev/release-signing#verifying-signature] [OpenPGP-compatible
ASCII-armored detached signature|http://www.apache.org/dev/release-signing#openpgp-ascii-detach-sig] file
 * MUST supply at least one checksum file
 * SHOULD supply a [SHA-256 and/or SHA-512|http://www.apache.org/dev/release-signing#sha-checksum] checksum
file
 * SHOULD NOT supply a MD5 or SHA-1 checksum file (because these are deprecated)

 >>>

  was:
Fix the release build scripts to conform to the Apache release guidelines surrounding hashes:

[http://www.apache.org/dev/release-distribution#sigs-and-sums]

The names of signature and checksum files MUST be formed by adding to the

name of the artifact the following suffixes:

   - .asc for a (ASCII armored) PGP signature

   - .sha1 for a SHA-1 checksum

   - .sha256 for a SHA-256 checksum

   - .sha512 for a SHA-512 checksum

   - .md5 for a MD5 checksum

 


> Fix release build scripts to conform to latest Apache release guidelines - Part 2 - Remove
sha1
> -----------------------------------------------------------------------------------------------
>
>                 Key: RANGER-2241
>                 URL: https://issues.apache.org/jira/browse/RANGER-2241
>             Project: Ranger
>          Issue Type: Bug
>          Components: Ranger
>            Reporter: Colm O hEigeartaigh
>            Assignee: Velmurugan Periasamy
>            Priority: Major
>             Fix For: 1.0.1, 2.0.0, 1.1.1, 1.2.1
>
>
> Fix the release build scripts to conform to the Apache release guidelines surrounding
hashes:
> [http://www.apache.org/dev/release-distribution#sigs-and-sums]
> <<<
> For every artifact distributed to the public through Apache channels, the PMC
>  * MUST supply a [valid|http://www.apache.org/dev/release-signing#verifying-signature] [OpenPGP-compatible
ASCII-armored detached signature|http://www.apache.org/dev/release-signing#openpgp-ascii-detach-sig] file
>  * MUST supply at least one checksum file
>  * SHOULD supply a [SHA-256 and/or SHA-512|http://www.apache.org/dev/release-signing#sha-checksum] checksum
file
>  * SHOULD NOT supply a MD5 or SHA-1 checksum file (because these are deprecated)
>  >>>



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message