Hi all, Recently the releases became available via the official repositories on Github:
- https://github.com/apache/ofbiz-framework/releases - https://github.com/apache/ofbiz-plugins/releases I tried to verify these with the function available in the ofbiz-tools rep, like: ../dev/asf/ofbiz/ofbiz-tools/verify-ofbiz-release.sh ofbiz-framework-release17.12.01.zip With following result: skipping sha check! (sha checksum file ofbiz-framework-release17.12.01.zip.sha512 not found)skipping signature check! (signature file ofbiz-framework-release17.12.01.zip.asc not found) This is not a good sign reputation wise. With the availability of releases on Github, and our new contribution methodology through Git and Github more people will become aware and download it from there. We must ensure that these files can be verified regarding authenticity. Met vriendelijke groet, Pierre Smits *Proud* *contributor** of* Apache OFBiz <https://ofbiz.apache.org/> since 2008 (without privileges) *Apache Trafodion <https://trafodion.apache.org>, Vice President* *Apache Directory <https://directory.apache.org>, PMC Member* Apache Incubator <https://incubator.apache.org>, committer Apache Steve <https://steve.apache.org>, committer
