All,
>It is ok to include the sha512 checksums in text on the page but you also need
>an https link to the checksum.
It feels from the above like the checksums on the page are ok, but
what really matters are the checksums via the https links. If this is
the case, would anyone object to getting rid of the checksums on our
webpage and just using the https links? This would same a tedious
manual step of updating the website w each release.
Thank you.
Cheers,
Tim
On Wed, Sep 19, 2018 at 1:25 PM Craig Russell <apache....@gmail.com> wrote:
>
> Hi Tim,
>
> Download page looks good now. Thanks for taking care of this so expeditiously.
>
> Regards,
>
> Craig
>
> On Sep 19, 2018, at 8:35 AM, Tim Allison <talli...@apache.org> wrote:
>
> Accidentally dropped Craig in the last email. Doh!
>
> Craig,
>
> I just fixed our downloads page...I think. Let me know if we need to
> do anything else...or if I botched anything in the announcement email.
>
> Thank you, again.
> On Wed, Sep 19, 2018 at 11:10 AM Tim Allison <talli...@apache.org> wrote:
>
>
> Thank you, Craig.
>
> To confirm, I got the info right in the announcement email...what we
> need to fix is our downloads page. I can do that now.
>
> Thank you, again.
>
> Cheers,
>
> Tim
> On Wed, Sep 19, 2018 at 10:50 AM Private LIst Moderation
> <mod-priv...@gsuite.cloud.apache.org> wrote:
>
>
> Hi Tina devs,
>
> I've moderated this announcement due to the urgency of the release.
>
> For future releases, please change the downloads page:
>
> It is ok to include the sha512 checksums in text on the page but you also
> need an https link to the checksum.
>
> The link to the KEYS should link to the KEYS file in your distribution
> directory. The people.apache.org site should not be used.
>
> Regards,
>
> Craig
>
> Announcements of Apache project releases must contain a link to the relevant
> download page, which might be hosted on an Apache site or a third party site
> such as github.com <http://github.com/>. [1]
>
> The download page must provide public download links where current official
> source releases and accompanying cryptographic files may be obtained. [2]
>
> Links to the download artifacts must support downloads from mirrors. Links to
> metadata (SHA, ASC) must be from https://www.apache.org/dist/
> <https://www.apache.org/dist/><project>/<release>
> ** MD5 is no longer considered useful and should not be used. SHA is
> required. **
> Links to KEYS must be from https://www.apache.org/dist/
> <https://www.apache.org/dist/><project>/ not release
> specific.
>
> Announcements that contain a link to the dyn/closer page alone will be
> rejected by the moderators.
>
> Announcements that contain a link to a web page that does not include a link
> to a mirror to the artifact plus links to the signature and at least one sha
> checksum will be rejected.
>
> Announcements that link to dist.apache.org <http://dist.apache.org/> will not
> be accepted.
> Likewise ones which link to SVN or Git code repos.
>
> [1] http://www.apache.org/legal/release-policy.html#release-announcements
> <http://www.apache.org/legal/release-policy.html#release-announcements>[2]
> https://www.apache.org/dev/release-distribution#download-links
> <https://www.apache.org/dev/release-distribution#download-links>
>
>
> Begin forwarded message:
>
> From: announce-reject-1537286294.48587.jgagknhepoajmbbkh...@apache.org
> Subject: MODERATE for annou...@apache.org
> Date: September 18, 2018 at 8:58:14 AM PDT
> To: Recipient list not shown: ;
> Cc:
> announce-allow-tc.1537286294.efngohokkjgkacicfpnk-tallison=apache....@apache.org
> Reply-To: announce-accept-1537286294.48587.jgagknhepoajmbbkh...@apache.org
>
>
> To approve:
> announce-accept-1537286294.48587.jgagknhepoajmbbkh...@apache.org
> To reject:
> announce-reject-1537286294.48587.jgagknhepoajmbbkh...@apache.org
> To give a reason to reject:
> %%% Start comment
> %%% End comment
>
>
> From: Tim Allison <talli...@apache.org>
> Subject: [ANNOUNCE] Apache Tika 1.19 released
> Date: September 18, 2018 at 8:58:02 AM PDT
> To: dev@tika.apache.org, u...@tika.apache.org, annou...@apache.org
>
>
> The Apache Tika project is pleased to announce the release of Apache
> Tika 1.19. The release contents have been pushed out to the main
> Apache release site and to the Maven Central sync, so the releases
> should be available as soon as the mirrors get the syncs.
>
> Apache Tika is a toolkit for detecting and extracting metadata and
> structured text content from various documents using existing parser
> libraries.
>
> Apache Tika 1.19 contains a number of improvements and bug fixes.
> Details can be found in the changes file:
> http://www.apache.org/dist/tika/CHANGES-1.19.txt
>
> Apache Tika is available on the download page:
> http://tika.apache.org/download.html
>
> Apache Tika is also available in binary form or for use using Maven 2
> from the Central Repository:
> http://repo1.maven.org/maven2/org/apache/tika/
>
> In the initial 48 hours, the release may not be available on all mirrors.
>
> When downloading from a mirror site, please remember to verify the
> downloads using signatures found on the Apache site:
> https://www.apache.org/dist/tika/KEYS
>
> For more information on Apache Tika, visit the project home page:
> http://tika.apache.org/
>
> -- Tim Allison, on behalf of the Apache Tika community
>
>
>
>
> Craig L Russell
> Secretary, Apache Software Foundation
> c...@apache.org <mailto:c...@apache.org> http://db.apache.org/jdo
> <http://db.apache.org/jdo>
>
>
> Craig L Russell
> Secretary, Apache Software Foundation
> c...@apache.org http://db.apache.org/jdo
>
