Thanks Tim, makes sense. I missed we have moved to SHA1. I looked into the release and it looks fine for me.
+1! On Mon, Aug 17, 2015, at 11:01, Tim Barham wrote: > Hah, good question :) ... It's an SHA-1, so... > > gpg --print-md SHA1 ripple-emulator-0.9.32-incubating.tgz > > For previous releases I had used a 512 bit SHA-2 (which is what "gpg > --print-md SHA512" gives you), but since Bertrand (Delacretaz) requested > we include an SHA-1 in our vote emails, and all the Apache projects I > checked (other than Cordova) were using SHA-1 not 512 bit SHA-2, and it's > a lot easier to quickly check visually (because it's shorter), while > still providing very good security, it seemed like it would be the > simplest thing to do to generate an SHA-1 file, and include the same hash > in the vote emails. > > Tim > > -----Original Message----- > From: Christian Grobmeier [mailto:[email protected]] > Sent: Monday, August 17, 2015 5:35 PM > To: [email protected] > Subject: Re: [VOTE] Ripple release 0.9.32 > > Sorry to ask, but how do you create that SHA? > > gpg --print-md SHA512 ripple-emulator-0.9.32-incubating.tgz > ripple-emulator-0.9.32-incubating.tgz: 00629F87 82450176 C3F55E23 > 5968B7A5 > ABFABD9D 2189D424 2C4B4A67 > 3D4681C5 > 7F1020B8 F9822F1D 7A3FFB50 > AFEA5ACF > EBEBBEF8 1EBCED9C 3E882723 > D5B39096 > > But: > > cat ripple-emulator-0.9.32-incubating.tgz.sha1 > 63a997594e4f08df8d48a644962b47bee4efd91e > *ripple-emulator-0.9.32-incubating.tgz > > Thanks! > > Christian > -- > Christian Grobmeier > > https://na01.safelinks.protection.outlook.com/?url=http%3a%2f%2fwww.grobmeier.de&data=01%7c01%7cTBARHAM%40064d.mgd.microsoft.com%7cfefd12b0ba464c7b8a9608d2a6d65cda%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=ueuVV3LT96t1VTFAdegfisybhvJ4By1GkSfGN44rnDw%3d > > https://na01.safelinks.protection.outlook.com/?url=http%3a%2f%2fwww.timeandbill.de&data=01%7c01%7cTBARHAM%40064d.mgd.microsoft.com%7cfefd12b0ba464c7b8a9608d2a6d65cda%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=XDB4aY4X7dPdy%2f%2bl1JwO0jbzCFWgyoi9eHluIZKbIrA%3d > > On Mon, Aug 17, 2015, at 07:48, Tim Barham wrote: > > [Since 0.9.31 was a bust because of a regression, here is another > > release that includes a fix for that regression (and a couple of other > > minor fixes)] > > > > Please review and vote on the release of Ripple 0.9.32. > > > > The package you are voting on is available for review at > > https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2fdist. > > apache.org%2frepos%2fdist%2fdev%2fincubator%2fripple%2f.&data=01%7c01%7cTBARHAM%40064d.mgd.microsoft.com%7cfefd12b0ba464c7b8a9608d2a6d65cda%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=7SYfTw19CH7OXPps%2fXnHtOs4ZuCqt2XsXFZOR2aQWpo%3d > > The SHA-1 hash for the package is: > > > > 63a997594e4f08df8d48a644962b47bee4efd91e > > > > It was published from its corresponding git tag: > > > > incubator-ripple: 0.9.32 (f8c6a0bc99) > > > > While we need three +1 *binding* votes (which for an Apache Incubator > > project like Ripple means Apache IPMC members), active Ripple > > contributors and committers/PPMC members are still encouraged to > > review the release and vote. Before voting +1, please refer to and > > verify compliance with the checklist at > > https://na01.safelinks.protection.outlook.com/?url=http%3a%2f%2fincuba > > tor.apache.org%2fguides%2freleasemanagement.html%23check-list&data=01% > > 7c01%7cTBARHAM%40064d.mgd.microsoft.com%7cfefd12b0ba464c7b8a9608d2a6d6 > > 5cda%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=mVviFf8dYfZFTD2Geu25 > > Y34qUPb9Xo7W%2fOLPY4TIMJI%3d (however, we only need to consider > > changes since the previous release). > > > > If you do vote +1, please include the steps you took in order to be > > confident the release meets requirements. > > > > Upon a successful vote, I will upload the archive to > > dist/release/incubator/ripple and publish it to NPM. > > > > I vote +1: > > * Verified license headers with Apache RAT (using 'jake rat'). > > * Manually verified there were no new source files that need license > > headers, nor new third party dependencies that needed to have license > > information included in the LICENSE file. > > * Verified the build works and all tests pass. > > * Manually tested all changes that have been made since the last release. > > > > Thanks! > > > > Tim > >
