Author: julianfoad Date: Mon Aug 13 11:55:24 2018 New Revision: 1837939 URL: http://svn.apache.org/viewvc?rev=1837939&view=rev Log: No longer produce SHA1 checksums for release tarballs.
Per ASF policy: https://www.apache.org/dev/release-distribution#sigs-and-sums * tools/dist/release.py (roll_tarballs): Don't create .sha1 files. (get_sha1info): Rename to 'get_fileinfo'. Only return filenames. (write_announcement): Don't fetch SHA1 info. (write_downloads): Track the rename. * tools/dist/templates/download.ezt, tools/dist/templates/rc-release-ann.ezt, tools/dist/templates/stable-release-ann.ezt Remove SHA1 listings. Modified: subversion/trunk/tools/dist/release.py subversion/trunk/tools/dist/templates/download.ezt subversion/trunk/tools/dist/templates/rc-release-ann.ezt subversion/trunk/tools/dist/templates/stable-release-ann.ezt Modified: subversion/trunk/tools/dist/release.py URL: http://svn.apache.org/viewvc/subversion/trunk/tools/dist/release.py?rev=1837939&r1=1837938&r2=1837939&view=diff ============================================================================== --- subversion/trunk/tools/dist/release.py (original) +++ subversion/trunk/tools/dist/release.py Mon Aug 13 11:55:24 2018 @@ -713,9 +713,6 @@ def roll_tarballs(args): filepath = os.path.join(get_tempdir(args.base_dir), filename) shutil.move(filepath, get_deploydir(args.base_dir)) filepath = os.path.join(get_deploydir(args.base_dir), filename) - m = hashlib.sha1() - m.update(open(filepath, 'r').read()) - open(filepath + '.sha1', 'w').write(m.hexdigest()) m = hashlib.sha512() m.update(open(filepath, 'r').read()) open(filepath + '.sha512', 'w').write(m.hexdigest()) @@ -996,35 +993,32 @@ def write_news(args): template.generate(sys.stdout, data) -def get_sha1info(args): - 'Return a list of sha1 info for the release' +def get_fileinfo(args): + 'Return a list of file info (filenames) for the release tarballs' target = get_target(args) - sha1s = glob.glob(os.path.join(target, 'subversion*-%s*.sha1' % args.version)) - sha1s.sort() + files = glob.glob(os.path.join(target, 'subversion*-%s*.asc' % args.version)) + files.sort() class info(object): pass - sha1info = [] - for s in sha1s: + fileinfo = [] + for f in files: i = info() - # strip ".sha1" - i.filename = os.path.basename(s)[:-5] - i.sha1 = open(s, 'r').read() - sha1info.append(i) + # strip ".asc" + i.filename = os.path.basename(f)[:-4] + fileinfo.append(i) - return sha1info + return fileinfo def write_announcement(args): 'Write the release announcement.' - sha1info = get_sha1info(args) siginfo = "\n".join(get_siginfo(args, True)) + "\n" data = { 'version' : str(args.version), - 'sha1info' : sha1info, 'siginfo' : siginfo, 'major-minor' : args.version.branch, 'major-minor-patch' : args.version.base, @@ -1054,10 +1048,10 @@ def write_announcement(args): def write_downloads(args): 'Output the download section of the website.' - sha1info = get_sha1info(args) + fileinfo = get_fileinfo(args) data = { 'version' : str(args.version), - 'fileinfo' : sha1info, + 'fileinfo' : fileinfo, } template = ezt.Template(compress_whitespace = False) Modified: subversion/trunk/tools/dist/templates/download.ezt URL: http://svn.apache.org/viewvc/subversion/trunk/tools/dist/templates/download.ezt?rev=1837939&r1=1837938&r2=1837939&view=diff ============================================================================== --- subversion/trunk/tools/dist/templates/download.ezt (original) +++ subversion/trunk/tools/dist/templates/download.ezt Mon Aug 13 11:55:24 2018 @@ -2,13 +2,11 @@ <table class="centered"> <tr> <th>File</th> - <th>Checksum (SHA1)</th> <th>Checksum (SHA512)</th> <th>Signatures</th> </tr> [for fileinfo]<tr> <td><a href="[[]preferred]subversion/[fileinfo.filename]">[fileinfo.filename]</a></td> - <td class="checksum">[fileinfo.sha1]</td> <!-- The sha512 line does not have a class="checksum" since the link needn't be rendered in monospace. --> <td>[<a href="https://www.apache.org/dist/subversion/[fileinfo.filename].sha512">SHA-512</a>]</td> Modified: subversion/trunk/tools/dist/templates/rc-release-ann.ezt URL: http://svn.apache.org/viewvc/subversion/trunk/tools/dist/templates/rc-release-ann.ezt?rev=1837939&r1=1837938&r2=1837939&view=diff ============================================================================== --- subversion/trunk/tools/dist/templates/rc-release-ann.ezt (original) +++ subversion/trunk/tools/dist/templates/rc-release-ann.ezt Mon Aug 13 11:55:24 2018 @@ -7,10 +7,6 @@ Please choose the mirror closest to you https://subversion.apache.org/download.cgi#[anchor] -The SHA1 checksums are: - -[for sha1info] [sha1info.sha1] [sha1info.filename] -[end] SHA-512 checksums are available at: https://www.apache.org/dist/subversion/subversion-[version].tar.bz2.sha512 Modified: subversion/trunk/tools/dist/templates/stable-release-ann.ezt URL: http://svn.apache.org/viewvc/subversion/trunk/tools/dist/templates/stable-release-ann.ezt?rev=1837939&r1=1837938&r2=1837939&view=diff ============================================================================== --- subversion/trunk/tools/dist/templates/stable-release-ann.ezt (original) +++ subversion/trunk/tools/dist/templates/stable-release-ann.ezt Mon Aug 13 11:55:24 2018 @@ -18,10 +18,6 @@ open source version control system. This is a stable bugfix release of the Apache Subversion open source version control system. [end][end] -The SHA1 checksums are: - -[for sha1info] [sha1info.sha1] [sha1info.filename] -[end] SHA-512 checksums are available at: https://www.apache.org/dist/subversion/subversion-[version].tar.bz2.sha512