[ https://issues.apache.org/jira/browse/OAK-6650?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16196883#comment-16196883 ]
Julian Reschke commented on OAK-6650: ------------------------------------- Tried with the feature branch and the POM modification for testing, and it indeed generates an SHA1 file. (Is this what I was supposed to test?) > new release checksum requirements > --------------------------------- > > Key: OAK-6650 > URL: https://issues.apache.org/jira/browse/OAK-6650 > Project: Jackrabbit Oak > Issue Type: Improvement > Reporter: Davide Giannella > Assignee: Davide Giannella > Labels: candidate_oak_1_0, candidate_oak_1_2, candidate_oak_1_4, > candidate_oak_1_6 > Fix For: 1.8 > > Attachments: OAK-6650-checkrelease.diff > > > As of various SHA algorithm the Apache policies around signatures and > checksums changed requiring to specify the sha algorithm as part of the file > extension: sha1, sha256, sha512. > http://www.apache.org/dev/release-distribution#sigs-and-sums > currently Oak signs with sha-1 and we should at least change the file > extension > h3. impacted areas > - release process (pom.xml) > - check release > - html download page -- This message was sent by Atlassian JIRA (v6.4.14#64029)