Il mer 9 ott 2019, 17:55 Jordan Zimmerman <jor...@jordanzimmerman.com> ha scritto:
> It's required by the Apache Release process: > > http://www.apache.org/dev/release-distribution < > http://www.apache.org/dev/release-distribution> > > For every artifact distributed to the public through Apache channels, the > PMC > > • MUST supply a valid OpenPGP-compatible ASCII-armored detached > signature file > • MUST supply at least one checksum file > • SHOULD supply a SHA-256 and/or SHA-512 checksum file > • SHOULD NOT supply a MD5 or SHA-1 checksum file (because these > are deprecated) > > For new releases, PMCs MUST supply SHA-256 and/or SHA-512; and SHOULD NOT > supply MD5 or SHA-1. Existing releases do not need to be changed. > > > On Oct 9, 2019, at 6:50 PM, Andor Molnar <an...@apache.org> wrote: > > > > Checking. > > Why do we generated SHA512 sums for the gpg signatures? > > Is that intentional? > Good catch. The build generated those files and I uploaded all of them to the staging area. It happens when you run mvn deploy -Papache-release I felt they are desirable. I will start another email thread. Enrico > > > Andor > > > > > > > >> On 2019. Oct 8., at 22:36, Enrico Olivelli <eolive...@gmail.com> wrote: > >> > >> This is a bugfix release candidate for 3.5.6. > >> > >> It fixes 29 issues, including upgrade of third party libraries, > >> TTL Node APIs for C API, support for PCKS12 Keystores, upgrade of Netty > 4 > >> and better procedure for the upgrade of servers from 3.4 to 3.5. > >> > >> The full release notes is available at: > >> > >> > https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310801&version=12345243 > >> > >> *** Please download, test and vote by October 11th 2019, 23:59 UTC+0. > *** > >> > >> Source files: > >> https://people.apache.org/~eolivelli/zookeeper-3.5.6-candidate-4 > >> > >> Maven staging repo: > >> > https://repository.apache.org/content/repositories/orgapachezookeeper-1044 > >> > >> The release candidate tag in git to be voted upon: release-3.5.6-rc4 > >> https://github.com/apache/zookeeper/tree/release-3.5.6-rc4 > >> > >> ZooKeeper's KEYS file containing PGP keys we use to sign the release: > >> https://www.apache.org/dist/zookeeper/KEYS > >> > >> Should we release this candidate? > >> > >> Enrico Olivelli > > > >