[jira] [Commented] (OAK-6650) new release checksum requirements
[ https://issues.apache.org/jira/browse/OAK-6650?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16214710#comment-16214710 ] Davide Giannella commented on OAK-6650: --- [~reschke] bq. Had to remove truncation of extension to three characters thanks for spotting it right before a new release :) > new release checksum requirements > - > > Key: OAK-6650 > URL: https://issues.apache.org/jira/browse/OAK-6650 > Project: Jackrabbit Oak > Issue Type: Improvement >Reporter: Davide Giannella >Assignee: Davide Giannella > Fix For: 1.8, 1.2.28, 1.0.40, 1.4.19, 1.6.6, 1.7.10 > > Attachments: OAK-6650-checkrelease.diff > > > As of various SHA algorithm the Apache policies around signatures and > checksums changed requiring to specify the sha algorithm as part of the file > extension: sha1, sha256, sha512. > http://www.apache.org/dev/release-distribution#sigs-and-sums > currently Oak signs with sha-1 and we should at least change the file > extension > h3. impacted areas > - release process (pom.xml) > - check release > - html download page -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (OAK-6650) new release checksum requirements
[
https://issues.apache.org/jira/browse/OAK-6650?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16214224#comment-16214224
]
Julian Reschke commented on OAK-6650:
-
Had to remove truncation of extension to three characters:
{noformat}
Index: check-release.sh
===
--- check-release.sh(Revision 22609)
+++ check-release.sh(Revision 22610)
@@ -101,7 +101,7 @@
fi
for HASH in md5 sha1; do
-EXT=`echo "$HASH" | cut -c 1-3`
+EXT=$HASH # removed truncation to three characters due to sha1 name change
if [ ! -f "$BASEDIR/$RCDIR/$NAME.$EXT" ]; then
error " NOT FOUND: $NAME.$EXT"
else
{noformat}
> new release checksum requirements
> -
>
> Key: OAK-6650
> URL: https://issues.apache.org/jira/browse/OAK-6650
> Project: Jackrabbit Oak
> Issue Type: Improvement
>Reporter: Davide Giannella
>Assignee: Davide Giannella
> Fix For: 1.8, 1.2.28, 1.0.40, 1.4.19, 1.6.6, 1.7.10
>
> Attachments: OAK-6650-checkrelease.diff
>
>
> As of various SHA algorithm the Apache policies around signatures and
> checksums changed requiring to specify the sha algorithm as part of the file
> extension: sha1, sha256, sha512.
> http://www.apache.org/dev/release-distribution#sigs-and-sums
> currently Oak signs with sha-1 and we should at least change the file
> extension
> h3. impacted areas
> - release process (pom.xml)
> - check release
> - html download page
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
[jira] [Commented] (OAK-6650) new release checksum requirements
[ https://issues.apache.org/jira/browse/OAK-6650?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16198474#comment-16198474 ] Julian Reschke commented on OAK-6650: - Will do. > new release checksum requirements > - > > Key: OAK-6650 > URL: https://issues.apache.org/jira/browse/OAK-6650 > Project: Jackrabbit Oak > Issue Type: Improvement >Reporter: Davide Giannella >Assignee: Davide Giannella > Fix For: 1.8, 1.2.28, 1.0.40, 1.4.19, 1.6.6, 1.7.10 > > Attachments: OAK-6650-checkrelease.diff > > > As of various SHA algorithm the Apache policies around signatures and > checksums changed requiring to specify the sha algorithm as part of the file > extension: sha1, sha256, sha512. > http://www.apache.org/dev/release-distribution#sigs-and-sums > currently Oak signs with sha-1 and we should at least change the file > extension > h3. impacted areas > - release process (pom.xml) > - check release > - html download page -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (OAK-6650) new release checksum requirements
[ https://issues.apache.org/jira/browse/OAK-6650?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16198467#comment-16198467 ] Davide Giannella commented on OAK-6650: --- [~reschke] I've done the oak part and the check-release. Please take care of the jackrabbit side. > new release checksum requirements > - > > Key: OAK-6650 > URL: https://issues.apache.org/jira/browse/OAK-6650 > Project: Jackrabbit Oak > Issue Type: Improvement >Reporter: Davide Giannella >Assignee: Davide Giannella > Fix For: 1.8, 1.2.28, 1.0.40, 1.4.19, 1.6.6, 1.7.10 > > Attachments: OAK-6650-checkrelease.diff > > > As of various SHA algorithm the Apache policies around signatures and > checksums changed requiring to specify the sha algorithm as part of the file > extension: sha1, sha256, sha512. > http://www.apache.org/dev/release-distribution#sigs-and-sums > currently Oak signs with sha-1 and we should at least change the file > extension > h3. impacted areas > - release process (pom.xml) > - check release > - html download page -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (OAK-6650) new release checksum requirements
[ https://issues.apache.org/jira/browse/OAK-6650?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16198451#comment-16198451 ] Davide Giannella commented on OAK-6650: --- - trunk: http://svn.apache.org/r1811655 > new release checksum requirements > - > > Key: OAK-6650 > URL: https://issues.apache.org/jira/browse/OAK-6650 > Project: Jackrabbit Oak > Issue Type: Improvement >Reporter: Davide Giannella >Assignee: Davide Giannella > Labels: candidate_oak_1_0, candidate_oak_1_2, candidate_oak_1_4, > candidate_oak_1_6 > Fix For: 1.8 > > Attachments: OAK-6650-checkrelease.diff > > > As of various SHA algorithm the Apache policies around signatures and > checksums changed requiring to specify the sha algorithm as part of the file > extension: sha1, sha256, sha512. > http://www.apache.org/dev/release-distribution#sigs-and-sums > currently Oak signs with sha-1 and we should at least change the file > extension > h3. impacted areas > - release process (pom.xml) > - check release > - html download page -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (OAK-6650) new release checksum requirements
[ https://issues.apache.org/jira/browse/OAK-6650?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16198315#comment-16198315 ] Julian Reschke commented on OAK-6650: - Understood. So yes, go ahead. > new release checksum requirements > - > > Key: OAK-6650 > URL: https://issues.apache.org/jira/browse/OAK-6650 > Project: Jackrabbit Oak > Issue Type: Improvement >Reporter: Davide Giannella >Assignee: Davide Giannella > Labels: candidate_oak_1_0, candidate_oak_1_2, candidate_oak_1_4, > candidate_oak_1_6 > Fix For: 1.8 > > Attachments: OAK-6650-checkrelease.diff > > > As of various SHA algorithm the Apache policies around signatures and > checksums changed requiring to specify the sha algorithm as part of the file > extension: sha1, sha256, sha512. > http://www.apache.org/dev/release-distribution#sigs-and-sums > currently Oak signs with sha-1 and we should at least change the file > extension > h3. impacted areas > - release process (pom.xml) > - check release > - html download page -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (OAK-6650) new release checksum requirements
[ https://issues.apache.org/jira/browse/OAK-6650?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16197626#comment-16197626 ] Davide Giannella commented on OAK-6650: --- [~reschke] bq. Is this what I was supposed to test? testing the full release cycle is rather difficult so we can really test only this bits. However a another pair of eyes on this few lines of patches could ease any future troubles. If the patches look good for you I will move this foreword so that you can apply the counterpart for jackrabbit. Otherwise the checkrelease script as modified now will fail for JR releases. > new release checksum requirements > - > > Key: OAK-6650 > URL: https://issues.apache.org/jira/browse/OAK-6650 > Project: Jackrabbit Oak > Issue Type: Improvement >Reporter: Davide Giannella >Assignee: Davide Giannella > Labels: candidate_oak_1_0, candidate_oak_1_2, candidate_oak_1_4, > candidate_oak_1_6 > Fix For: 1.8 > > Attachments: OAK-6650-checkrelease.diff > > > As of various SHA algorithm the Apache policies around signatures and > checksums changed requiring to specify the sha algorithm as part of the file > extension: sha1, sha256, sha512. > http://www.apache.org/dev/release-distribution#sigs-and-sums > currently Oak signs with sha-1 and we should at least change the file > extension > h3. impacted areas > - release process (pom.xml) > - check release > - html download page -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (OAK-6650) new release checksum requirements
[ https://issues.apache.org/jira/browse/OAK-6650?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16196883#comment-16196883 ] Julian Reschke commented on OAK-6650: - Tried with the feature branch and the POM modification for testing, and it indeed generates an SHA1 file. (Is this what I was supposed to test?) > new release checksum requirements > - > > Key: OAK-6650 > URL: https://issues.apache.org/jira/browse/OAK-6650 > Project: Jackrabbit Oak > Issue Type: Improvement >Reporter: Davide Giannella >Assignee: Davide Giannella > Labels: candidate_oak_1_0, candidate_oak_1_2, candidate_oak_1_4, > candidate_oak_1_6 > Fix For: 1.8 > > Attachments: OAK-6650-checkrelease.diff > > > As of various SHA algorithm the Apache policies around signatures and > checksums changed requiring to specify the sha algorithm as part of the file > extension: sha1, sha256, sha512. > http://www.apache.org/dev/release-distribution#sigs-and-sums > currently Oak signs with sha-1 and we should at least change the file > extension > h3. impacted areas > - release process (pom.xml) > - check release > - html download page -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (OAK-6650) new release checksum requirements
[
https://issues.apache.org/jira/browse/OAK-6650?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16196683#comment-16196683
]
Davide Giannella commented on OAK-6650:
---
managed to manually check we have {{sha1}} extension by applying the following
patch on top of the feature branch and running {{mvn clean install
-Papache-release -DskipTests}}
{noformat}
diff --git a/pom.xml b/pom.xml
index 3b631c42b3..24d8bf2d95 100644
--- a/pom.xml
+++ b/pom.xml
@@ -182,7 +182,7 @@
run
-deploy
+package
{noformat}
> new release checksum requirements
> -
>
> Key: OAK-6650
> URL: https://issues.apache.org/jira/browse/OAK-6650
> Project: Jackrabbit Oak
> Issue Type: Improvement
>Reporter: Davide Giannella
>Assignee: Davide Giannella
> Labels: candidate_oak_1_0, candidate_oak_1_2, candidate_oak_1_4,
> candidate_oak_1_6
> Fix For: 1.8
>
>
> As of various SHA algorithm the Apache policies around signatures and
> checksums changed requiring to specify the sha algorithm as part of the file
> extension: sha1, sha256, sha512.
> http://www.apache.org/dev/release-distribution#sigs-and-sums
> currently Oak signs with sha-1 and we should at least change the file
> extension
> h3. impacted areas
> - release process (pom.xml)
> - check release
> - html download page
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
[jira] [Commented] (OAK-6650) new release checksum requirements
[ https://issues.apache.org/jira/browse/OAK-6650?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16162836#comment-16162836 ] Davide Giannella commented on OAK-6650: --- feature branch for patching: https://github.com/davidegiannella/jackrabbit-oak/compare/trunk...davidegiannella:OAK-6650?expand=1 > new release checksum requirements > - > > Key: OAK-6650 > URL: https://issues.apache.org/jira/browse/OAK-6650 > Project: Jackrabbit Oak > Issue Type: Improvement >Reporter: Davide Giannella >Assignee: Davide Giannella > Labels: candidate_oak_1_0, candidate_oak_1_2, candidate_oak_1_4, > candidate_oak_1_6 > Fix For: 1.8 > > > As of various SHA algorithm the Apache policies around signatures and > checksums changed requiring to specify the sha algorithm as part of the file > extension: sha1, sha256, sha512. > http://www.apache.org/dev/release-distribution#sigs-and-sums > currently Oak signs with sha-1 and we should at least change the file > extension -- This message was sent by Atlassian JIRA (v6.4.14#64029)
