[jira] [Commented] (HBASE-15630) Improve checksum files for releases for easier verification
[
https://issues.apache.org/jira/browse/HBASE-15630?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15235381#comment-15235381
]
Christopher Tubbs commented on HBASE-15630:
---
Out of curiosity: what tool(s) are generating this format? I've noticed Hadoop
checksums also suffer from these problems.
> Improve checksum files for releases for easier verification
> ---
>
> Key: HBASE-15630
> URL: https://issues.apache.org/jira/browse/HBASE-15630
> Project: HBase
> Issue Type: Wish
>Affects Versions: 1.2.1
>Reporter: Christopher Tubbs
>Priority: Trivial
>
> Trying to verify latest release (1.2.1), and I found it a bit inconvenient to
> parse the *.mds checksum file. The line wrapping, white space, and the
> general format of the file does not lend itself for easy verification.
> I suggest using the standard "coreutils" format for md5sum, sha*sum, etc.,
> instead:
> {code}
> # md5
> 3d66c0dd4f38fa881046fe64dd680a7a *hbase-1.2.1-src.tar.gz
> # sha1
> 3666a4829d9a8d9285173bfa8e8d0ff5423a22d6 *hbase-1.2.1-src.tar.gz
> # rmd160
> #fb318e84b6256492cfb990aec2238a64c2da21ad *hbase-1.2.1-src.tar.gz
> # sha224
> 89d341a55069e4875f9e6859737062fd7a4c11596811731c4ba95ca0
> *hbase-1.2.1-src.tar.gz
> # sha256
> e8000a65e98d4c5db7bab54da99a57209fe4ea777ab41e91ae8ccf7bfa2d50dd
> *hbase-1.2.1-src.tar.gz
> # sha384
> 49aa0620bf0fbe20bbde66cecabb76b22defb9ee609936edc3952889e6484e55c88f1c93d6258a2eaab4a9d5188b6170
> *hbase-1.2.1-src.tar.gz
> # sha512
> 28956a35a01ae87e9f733664c52c6fd25f9a60a1ff7047bbf306cd433c2a5b863c9bf05aba1d58792b86eec9943ae00e772c4b76fb81c5d210cf256cd074189b
> *hbase-1.2.1-src.tar.gz
> {code}
> (comment lines added for humans, but ignored by tools; commented out rmd160,
> because not a coreutils supported algorithm; binary flag optional, could use
> another space instead... probably only matters for some dos tools)
> This makes it very easy to verify multiple files and hashes using: {{shasum
> -c file.mds}} or {{sha1sum -c file.mds}} or {{md5sum -c file.mds}}.
> In addition to the file format change, I suggest these two additional changes:
> 1. Drop rmd160. It's not nearly as popular as the others, and it doesn't lend
> itself to easy verification (no coreutils equivalent command like md5sum,
> sha1sum, etc.)
> 2. Concatenate hashes from all files into a single file. This makes it easier
> to verify all downloads at once.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Created] (HBASE-15630) Improve checksum files for releases for easier verification
Christopher Tubbs created HBASE-15630:
-
Summary: Improve checksum files for releases for easier
verification
Key: HBASE-15630
URL: https://issues.apache.org/jira/browse/HBASE-15630
Project: HBase
Issue Type: Wish
Affects Versions: 1.2.1
Reporter: Christopher Tubbs
Priority: Trivial
Trying to verify latest release (1.2.1), and I found it a bit inconvenient to
parse the *.mds checksum file. The line wrapping, white space, and the general
format of the file does not lend itself for easy verification.
I suggest using the standard "coreutils" format for md5sum, sha*sum, etc.,
instead:
{code}
# md5
3d66c0dd4f38fa881046fe64dd680a7a *hbase-1.2.1-src.tar.gz
# sha1
3666a4829d9a8d9285173bfa8e8d0ff5423a22d6 *hbase-1.2.1-src.tar.gz
# rmd160
#fb318e84b6256492cfb990aec2238a64c2da21ad *hbase-1.2.1-src.tar.gz
# sha224
89d341a55069e4875f9e6859737062fd7a4c11596811731c4ba95ca0 *hbase-1.2.1-src.tar.gz
# sha256
e8000a65e98d4c5db7bab54da99a57209fe4ea777ab41e91ae8ccf7bfa2d50dd
*hbase-1.2.1-src.tar.gz
# sha384
49aa0620bf0fbe20bbde66cecabb76b22defb9ee609936edc3952889e6484e55c88f1c93d6258a2eaab4a9d5188b6170
*hbase-1.2.1-src.tar.gz
# sha512
28956a35a01ae87e9f733664c52c6fd25f9a60a1ff7047bbf306cd433c2a5b863c9bf05aba1d58792b86eec9943ae00e772c4b76fb81c5d210cf256cd074189b
*hbase-1.2.1-src.tar.gz
{code}
(comment lines added for humans, but ignored by tools; commented out rmd160,
because not a coreutils supported algorithm; binary flag optional, could use
another space instead... probably only matters for some dos tools)
This makes it very easy to verify multiple files and hashes using: {{shasum -c
file.mds}} or {{sha1sum -c file.mds}} or {{md5sum -c file.mds}}.
In addition to the file format change, I suggest these two additional changes:
1. Drop rmd160. It's not nearly as popular as the others, and it doesn't lend
itself to easy verification (no coreutils equivalent command like md5sum,
sha1sum, etc.)
2. Concatenate hashes from all files into a single file. This makes it easier
to verify all downloads at once.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (HBASE-15630) Improve checksum files for releases for easier verification
[
https://issues.apache.org/jira/browse/HBASE-15630?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15235887#comment-15235887
]
Christopher Tubbs commented on HBASE-15630:
---
Ah, so that's how it's done. That's an interesting way to use gpg... especially
since if a user has GPG in order to do this trick, it'd be better if they
ignore this file and check the signature instead. The hashes seem more useful
for people who don't have, or don't want to use, gpg. In that case, it seems
preferable to use the standardized coreutils format.
A few other comments about the gpg output: if one wishes gpg output to be
consistent and its output scriptable, one should specify {{ gpg --with-colons
}}. In this case, order of output also matters, as does the supported
algorithms. Unfortunately, the {{ gpg --with-colons }} option also substitutes
the algorithm names with a numeric ID, which is less useful for human readers.
That's unfortunate.
At least now I know how it's done. Thanks for the tip!
> Improve checksum files for releases for easier verification
> ---
>
> Key: HBASE-15630
> URL: https://issues.apache.org/jira/browse/HBASE-15630
> Project: HBase
> Issue Type: Wish
>Affects Versions: 1.2.1
>Reporter: Christopher Tubbs
>Priority: Trivial
>
> Trying to verify latest release (1.2.1), and I found it a bit inconvenient to
> parse the *.mds checksum file. The line wrapping, white space, and the
> general format of the file does not lend itself for easy verification.
> I suggest using the standard "coreutils" format for md5sum, sha*sum, etc.,
> instead:
> {code}
> # md5
> 3d66c0dd4f38fa881046fe64dd680a7a *hbase-1.2.1-src.tar.gz
> # sha1
> 3666a4829d9a8d9285173bfa8e8d0ff5423a22d6 *hbase-1.2.1-src.tar.gz
> # rmd160
> #fb318e84b6256492cfb990aec2238a64c2da21ad *hbase-1.2.1-src.tar.gz
> # sha224
> 89d341a55069e4875f9e6859737062fd7a4c11596811731c4ba95ca0
> *hbase-1.2.1-src.tar.gz
> # sha256
> e8000a65e98d4c5db7bab54da99a57209fe4ea777ab41e91ae8ccf7bfa2d50dd
> *hbase-1.2.1-src.tar.gz
> # sha384
> 49aa0620bf0fbe20bbde66cecabb76b22defb9ee609936edc3952889e6484e55c88f1c93d6258a2eaab4a9d5188b6170
> *hbase-1.2.1-src.tar.gz
> # sha512
> 28956a35a01ae87e9f733664c52c6fd25f9a60a1ff7047bbf306cd433c2a5b863c9bf05aba1d58792b86eec9943ae00e772c4b76fb81c5d210cf256cd074189b
> *hbase-1.2.1-src.tar.gz
> {code}
> (comment lines added for humans, but ignored by tools; commented out rmd160,
> because not a coreutils supported algorithm; binary flag optional, could use
> another space instead... probably only matters for some dos tools)
> This makes it very easy to verify multiple files and hashes using: {{shasum
> -c file.mds}} or {{sha1sum -c file.mds}} or {{md5sum -c file.mds}}.
> In addition to the file format change, I suggest these two additional changes:
> 1. Drop rmd160. It's not nearly as popular as the others, and it doesn't lend
> itself to easy verification (no coreutils equivalent command like md5sum,
> sha1sum, etc.)
> 2. Concatenate hashes from all files into a single file. This makes it easier
> to verify all downloads at once.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Reopened] (HBASE-15630) Improve checksum files for releases for easier verification
[
https://issues.apache.org/jira/browse/HBASE-15630?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Christopher Tubbs reopened HBASE-15630:
---
Reopening pending a comment explicitly documenting the community decision to
either adopt the proposed changes or not.
While I find the information provided very useful (and I appreciate the
response), I think the suggested changes may still warrant consideration and
discussion, and I think closing it without a discussion of the pros and cons of
what has been proposed is premature.
> Improve checksum files for releases for easier verification
> ---
>
> Key: HBASE-15630
> URL: https://issues.apache.org/jira/browse/HBASE-15630
> Project: HBase
> Issue Type: Wish
>Affects Versions: 1.2.1
>Reporter: Christopher Tubbs
>Assignee: Elliott Clark
>Priority: Trivial
>
> Trying to verify latest release (1.2.1), and I found it a bit inconvenient to
> parse the *.mds checksum file. The line wrapping, white space, and the
> general format of the file does not lend itself for easy verification.
> I suggest using the standard "coreutils" format for md5sum, sha*sum, etc.,
> instead:
> {code}
> # md5
> 3d66c0dd4f38fa881046fe64dd680a7a *hbase-1.2.1-src.tar.gz
> # sha1
> 3666a4829d9a8d9285173bfa8e8d0ff5423a22d6 *hbase-1.2.1-src.tar.gz
> # rmd160
> #fb318e84b6256492cfb990aec2238a64c2da21ad *hbase-1.2.1-src.tar.gz
> # sha224
> 89d341a55069e4875f9e6859737062fd7a4c11596811731c4ba95ca0
> *hbase-1.2.1-src.tar.gz
> # sha256
> e8000a65e98d4c5db7bab54da99a57209fe4ea777ab41e91ae8ccf7bfa2d50dd
> *hbase-1.2.1-src.tar.gz
> # sha384
> 49aa0620bf0fbe20bbde66cecabb76b22defb9ee609936edc3952889e6484e55c88f1c93d6258a2eaab4a9d5188b6170
> *hbase-1.2.1-src.tar.gz
> # sha512
> 28956a35a01ae87e9f733664c52c6fd25f9a60a1ff7047bbf306cd433c2a5b863c9bf05aba1d58792b86eec9943ae00e772c4b76fb81c5d210cf256cd074189b
> *hbase-1.2.1-src.tar.gz
> {code}
> (comment lines added for humans, but ignored by tools; commented out rmd160,
> because not a coreutils supported algorithm; binary flag optional, could use
> another space instead... probably only matters for some dos tools)
> This makes it very easy to verify multiple files and hashes using: {{shasum
> -c file.mds}} or {{sha1sum -c file.mds}} or {{md5sum -c file.mds}}.
> In addition to the file format change, I suggest these two additional changes:
> 1. Drop rmd160. It's not nearly as popular as the others, and it doesn't lend
> itself to easy verification (no coreutils equivalent command like md5sum,
> sha1sum, etc.)
> 2. Concatenate hashes from all files into a single file. This makes it easier
> to verify all downloads at once.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (HBASE-15630) Improve checksum files for releases for easier verification
[
https://issues.apache.org/jira/browse/HBASE-15630?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15239762#comment-15239762
]
Christopher Tubbs commented on HBASE-15630:
---
Which maven plugin generates this file in this format? I've not seen this
anywhere else using the Apache parent POM (MPOM).
> Improve checksum files for releases for easier verification
> ---
>
> Key: HBASE-15630
> URL: https://issues.apache.org/jira/browse/HBASE-15630
> Project: HBase
> Issue Type: Wish
>Affects Versions: 1.2.1
>Reporter: Christopher Tubbs
>Assignee: Elliott Clark
>Priority: Trivial
>
> Trying to verify latest release (1.2.1), and I found it a bit inconvenient to
> parse the *.mds checksum file. The line wrapping, white space, and the
> general format of the file does not lend itself for easy verification.
> I suggest using the standard "coreutils" format for md5sum, sha*sum, etc.,
> instead:
> {code}
> # md5
> 3d66c0dd4f38fa881046fe64dd680a7a *hbase-1.2.1-src.tar.gz
> # sha1
> 3666a4829d9a8d9285173bfa8e8d0ff5423a22d6 *hbase-1.2.1-src.tar.gz
> # rmd160
> #fb318e84b6256492cfb990aec2238a64c2da21ad *hbase-1.2.1-src.tar.gz
> # sha224
> 89d341a55069e4875f9e6859737062fd7a4c11596811731c4ba95ca0
> *hbase-1.2.1-src.tar.gz
> # sha256
> e8000a65e98d4c5db7bab54da99a57209fe4ea777ab41e91ae8ccf7bfa2d50dd
> *hbase-1.2.1-src.tar.gz
> # sha384
> 49aa0620bf0fbe20bbde66cecabb76b22defb9ee609936edc3952889e6484e55c88f1c93d6258a2eaab4a9d5188b6170
> *hbase-1.2.1-src.tar.gz
> # sha512
> 28956a35a01ae87e9f733664c52c6fd25f9a60a1ff7047bbf306cd433c2a5b863c9bf05aba1d58792b86eec9943ae00e772c4b76fb81c5d210cf256cd074189b
> *hbase-1.2.1-src.tar.gz
> {code}
> (comment lines added for humans, but ignored by tools; commented out rmd160,
> because not a coreutils supported algorithm; binary flag optional, could use
> another space instead... probably only matters for some dos tools)
> This makes it very easy to verify multiple files and hashes using: {{shasum
> -c file.mds}} or {{sha1sum -c file.mds}} or {{md5sum -c file.mds}}.
> In addition to the file format change, I suggest these two additional changes:
> 1. Drop rmd160. It's not nearly as popular as the others, and it doesn't lend
> itself to easy verification (no coreutils equivalent command like md5sum,
> sha1sum, etc.)
> 2. Concatenate hashes from all files into a single file. This makes it easier
> to verify all downloads at once.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (HBASE-15630) Improve checksum files for releases for easier verification
[
https://issues.apache.org/jira/browse/HBASE-15630?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15239781#comment-15239781
]
Christopher Tubbs commented on HBASE-15630:
---
Okay, that's fine. I'm not familiar with HBase community practices, so I
figured a proposed change via a JIRA issue marked "Wish" and "Trivial" priority
would be a sufficient way to make a minor suggestion.
Apologies for proposing a change in the wrong forum.
However, I didn't quite expect the issue to be closed (and, especially not by
somebody other than the assignee) without a comment explaining why, and with a
resolution status that did not seem appropriate to the contents of the issue
(it wasn't a request for information, it was a proposed change... but it was
closed as "Information Provided"). That seemed like a mistake to me, so I
reopened in good faith with an explanation, in an attempt to continue the
conversation.
> Improve checksum files for releases for easier verification
> ---
>
> Key: HBASE-15630
> URL: https://issues.apache.org/jira/browse/HBASE-15630
> Project: HBase
> Issue Type: Wish
>Affects Versions: 1.2.1
>Reporter: Christopher Tubbs
>Assignee: Elliott Clark
>Priority: Trivial
>
> Trying to verify latest release (1.2.1), and I found it a bit inconvenient to
> parse the *.mds checksum file. The line wrapping, white space, and the
> general format of the file does not lend itself for easy verification.
> I suggest using the standard "coreutils" format for md5sum, sha*sum, etc.,
> instead:
> {code}
> # md5
> 3d66c0dd4f38fa881046fe64dd680a7a *hbase-1.2.1-src.tar.gz
> # sha1
> 3666a4829d9a8d9285173bfa8e8d0ff5423a22d6 *hbase-1.2.1-src.tar.gz
> # rmd160
> #fb318e84b6256492cfb990aec2238a64c2da21ad *hbase-1.2.1-src.tar.gz
> # sha224
> 89d341a55069e4875f9e6859737062fd7a4c11596811731c4ba95ca0
> *hbase-1.2.1-src.tar.gz
> # sha256
> e8000a65e98d4c5db7bab54da99a57209fe4ea777ab41e91ae8ccf7bfa2d50dd
> *hbase-1.2.1-src.tar.gz
> # sha384
> 49aa0620bf0fbe20bbde66cecabb76b22defb9ee609936edc3952889e6484e55c88f1c93d6258a2eaab4a9d5188b6170
> *hbase-1.2.1-src.tar.gz
> # sha512
> 28956a35a01ae87e9f733664c52c6fd25f9a60a1ff7047bbf306cd433c2a5b863c9bf05aba1d58792b86eec9943ae00e772c4b76fb81c5d210cf256cd074189b
> *hbase-1.2.1-src.tar.gz
> {code}
> (comment lines added for humans, but ignored by tools; commented out rmd160,
> because not a coreutils supported algorithm; binary flag optional, could use
> another space instead... probably only matters for some dos tools)
> This makes it very easy to verify multiple files and hashes using: {{shasum
> -c file.mds}} or {{sha1sum -c file.mds}} or {{md5sum -c file.mds}}.
> In addition to the file format change, I suggest these two additional changes:
> 1. Drop rmd160. It's not nearly as popular as the others, and it doesn't lend
> itself to easy verification (no coreutils equivalent command like md5sum,
> sha1sum, etc.)
> 2. Concatenate hashes from all files into a single file. This makes it easier
> to verify all downloads at once.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (HBASE-19713) Enable TestInterfaceAudienceAnnotations
[ https://issues.apache.org/jira/browse/HBASE-19713?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16394270#comment-16394270 ] Christopher Tubbs commented on HBASE-19713: --- I maintain the warbucks-maven-plugin as a personal project. It as active as it needs to be, and I'll happily accept contributions :) I'm just glad somebody else is interested in using it! > Enable TestInterfaceAudienceAnnotations > --- > > Key: HBASE-19713 > URL: https://issues.apache.org/jira/browse/HBASE-19713 > Project: HBase > Issue Type: Bug >Reporter: Chia-Ping Tsai >Assignee: Chia-Ping Tsai >Priority: Critical > Fix For: 2.0.0 > > Attachments: HBASE-19713.branch-2.v0.patch, > HBASE-19713.branch-2.v1.patch, HBASE-19713.branch-2.v2.patch, > HBASE-19713.v0.patch > > > Make sure TestInterfaceAudienceAnnotations pass before 2.0 release. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (HBASE-20212) Make all Public classes have InterfaceAudience category
[ https://issues.apache.org/jira/browse/HBASE-20212?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16404092#comment-16404092 ] Christopher Tubbs commented on HBASE-20212: --- I haven't benchmarked it, but I'd expect a second compiled "exclude" pattern and the extra plugin code needed to process it, to be on par with, or slightly worse than any performance hit due to a small lookahead buffer. If there's a clear benefit (such as being able to express includes/excludes that aren't possible with lookahead syntax, or dramatic simplification of include/exclude expressions, or big performance benefit), I'd happily accept a PR, though. > Make all Public classes have InterfaceAudience category > --- > > Key: HBASE-20212 > URL: https://issues.apache.org/jira/browse/HBASE-20212 > Project: HBase > Issue Type: Task >Reporter: Chia-Ping Tsai >Assignee: Chia-Ping Tsai >Priority: Critical > Fix For: 2.0.0, 3.0.0, 2.1.0 > > > The tasks will be resolved are shown below. > # add warbucks-maven-plugin to root pom > # make sure all sub modules ref the warbucks-maven-plugin > # remove old checker (TestInterfaceAudienceAnnotations) -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (HBASE-7931) random walk test fails with authentication problems
[
https://issues.apache.org/jira/browse/HBASE-7931?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14357189#comment-14357189
]
Christopher Tubbs commented on HBASE-7931:
--
If somebody who has the appropriate JIRA permissions (I do not) wishes to move
this issue to the ACCUMULO project, it would be appreciated. It was an
(unintentional) duplicate of ACCUMULO-1105.
> random walk test fails with authentication problems
> ---
>
> Key: HBASE-7931
> URL: https://issues.apache.org/jira/browse/HBASE-7931
> Project: HBase
> Issue Type: Bug
> Components: test
>Reporter: Eric Newton
>Priority: Critical
>
> None of the tests run. They die with
> {noformat}
> by: ThriftSecurityException(user:root, code:BAD_CREDENTIALS)
> at
> org.apache.accumulo.core.client.impl.thrift.ClientService$authenticateUser_result$authenticateUser_resultStandardScheme.read(ClientService.java:8039)
> at
> org.apache.accumulo.core.client.impl.thrift.ClientService$authenticateUser_result$authenticateUser_resultStandardScheme.read(ClientService.java:8017)
> at
> org.apache.accumulo.core.client.impl.thrift.ClientService$authenticateUser_result.read(ClientService.java:7961)
> at
> org.apache.thrift.TServiceClient.receiveBase(TServiceClient.java:78)
> at
> org.apache.accumulo.core.client.impl.thrift.ClientService$Client.recv_authenticateUser(ClientService.java:333)
> {noformat}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
