[
https://issues.apache.org/jira/browse/OAK-6650?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16196683#comment-16196683
]
Davide Giannella commented on OAK-6650:
---------------------------------------
managed to manually check we have {{sha1}} extension by applying the following
patch on top of the feature branch and running {{mvn clean install
-Papache-release -DskipTests}}
{noformat}
diff --git a/pom.xml b/pom.xml
index 3b631c42b3..24d8bf2d95 100644
--- a/pom.xml
+++ b/pom.xml
@@ -182,7 +182,7 @@
<goals>
<goal>run</goal>
</goals>
- <phase>deploy</phase>
+ <phase>package</phase>
<configuration>
<tasks>
<mkdir dir="${basedir}/target/${project.version}" />
{noformat}
> new release checksum requirements
> ---------------------------------
>
> Key: OAK-6650
> URL: https://issues.apache.org/jira/browse/OAK-6650
> Project: Jackrabbit Oak
> Issue Type: Improvement
> Reporter: Davide Giannella
> Assignee: Davide Giannella
> Labels: candidate_oak_1_0, candidate_oak_1_2, candidate_oak_1_4,
> candidate_oak_1_6
> Fix For: 1.8
>
>
> As of various SHA algorithm the Apache policies around signatures and
> checksums changed requiring to specify the sha algorithm as part of the file
> extension: sha1, sha256, sha512.
> http://www.apache.org/dev/release-distribution#sigs-and-sums
> currently Oak signs with sha-1 and we should at least change the file
> extension
> h3. impacted areas
> - release process (pom.xml)
> - check release
> - html download page
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
