[jira] [Commented] (OAK-6650) new release checksum requirements
[ https://issues.apache.org/jira/browse/OAK-6650?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16214710#comment-16214710 ] Davide Giannella commented on OAK-6650: --- [~reschke] bq. Had to remove truncation of extension to three characters thanks for spotting it right before a new release :) > new release checksum requirements > - > > Key: OAK-6650 > URL: https://issues.apache.org/jira/browse/OAK-6650 > Project: Jackrabbit Oak > Issue Type: Improvement >Reporter: Davide Giannella >Assignee: Davide Giannella > Fix For: 1.8, 1.2.28, 1.0.40, 1.4.19, 1.6.6, 1.7.10 > > Attachments: OAK-6650-checkrelease.diff > > > As of various SHA algorithm the Apache policies around signatures and > checksums changed requiring to specify the sha algorithm as part of the file > extension: sha1, sha256, sha512. > http://www.apache.org/dev/release-distribution#sigs-and-sums > currently Oak signs with sha-1 and we should at least change the file > extension > h3. impacted areas > - release process (pom.xml) > - check release > - html download page -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (OAK-6650) new release checksum requirements
[ https://issues.apache.org/jira/browse/OAK-6650?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16214224#comment-16214224 ] Julian Reschke commented on OAK-6650: - Had to remove truncation of extension to three characters: {noformat} Index: check-release.sh === --- check-release.sh(Revision 22609) +++ check-release.sh(Revision 22610) @@ -101,7 +101,7 @@ fi for HASH in md5 sha1; do -EXT=`echo "$HASH" | cut -c 1-3` +EXT=$HASH # removed truncation to three characters due to sha1 name change if [ ! -f "$BASEDIR/$RCDIR/$NAME.$EXT" ]; then error " NOT FOUND: $NAME.$EXT" else {noformat} > new release checksum requirements > - > > Key: OAK-6650 > URL: https://issues.apache.org/jira/browse/OAK-6650 > Project: Jackrabbit Oak > Issue Type: Improvement >Reporter: Davide Giannella >Assignee: Davide Giannella > Fix For: 1.8, 1.2.28, 1.0.40, 1.4.19, 1.6.6, 1.7.10 > > Attachments: OAK-6650-checkrelease.diff > > > As of various SHA algorithm the Apache policies around signatures and > checksums changed requiring to specify the sha algorithm as part of the file > extension: sha1, sha256, sha512. > http://www.apache.org/dev/release-distribution#sigs-and-sums > currently Oak signs with sha-1 and we should at least change the file > extension > h3. impacted areas > - release process (pom.xml) > - check release > - html download page -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (OAK-6650) new release checksum requirements
[ https://issues.apache.org/jira/browse/OAK-6650?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16198474#comment-16198474 ] Julian Reschke commented on OAK-6650: - Will do. > new release checksum requirements > - > > Key: OAK-6650 > URL: https://issues.apache.org/jira/browse/OAK-6650 > Project: Jackrabbit Oak > Issue Type: Improvement >Reporter: Davide Giannella >Assignee: Davide Giannella > Fix For: 1.8, 1.2.28, 1.0.40, 1.4.19, 1.6.6, 1.7.10 > > Attachments: OAK-6650-checkrelease.diff > > > As of various SHA algorithm the Apache policies around signatures and > checksums changed requiring to specify the sha algorithm as part of the file > extension: sha1, sha256, sha512. > http://www.apache.org/dev/release-distribution#sigs-and-sums > currently Oak signs with sha-1 and we should at least change the file > extension > h3. impacted areas > - release process (pom.xml) > - check release > - html download page -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (OAK-6650) new release checksum requirements
[ https://issues.apache.org/jira/browse/OAK-6650?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16198467#comment-16198467 ] Davide Giannella commented on OAK-6650: --- [~reschke] I've done the oak part and the check-release. Please take care of the jackrabbit side. > new release checksum requirements > - > > Key: OAK-6650 > URL: https://issues.apache.org/jira/browse/OAK-6650 > Project: Jackrabbit Oak > Issue Type: Improvement >Reporter: Davide Giannella >Assignee: Davide Giannella > Fix For: 1.8, 1.2.28, 1.0.40, 1.4.19, 1.6.6, 1.7.10 > > Attachments: OAK-6650-checkrelease.diff > > > As of various SHA algorithm the Apache policies around signatures and > checksums changed requiring to specify the sha algorithm as part of the file > extension: sha1, sha256, sha512. > http://www.apache.org/dev/release-distribution#sigs-and-sums > currently Oak signs with sha-1 and we should at least change the file > extension > h3. impacted areas > - release process (pom.xml) > - check release > - html download page -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (OAK-6650) new release checksum requirements
[ https://issues.apache.org/jira/browse/OAK-6650?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16198451#comment-16198451 ] Davide Giannella commented on OAK-6650: --- - trunk: http://svn.apache.org/r1811655 > new release checksum requirements > - > > Key: OAK-6650 > URL: https://issues.apache.org/jira/browse/OAK-6650 > Project: Jackrabbit Oak > Issue Type: Improvement >Reporter: Davide Giannella >Assignee: Davide Giannella > Labels: candidate_oak_1_0, candidate_oak_1_2, candidate_oak_1_4, > candidate_oak_1_6 > Fix For: 1.8 > > Attachments: OAK-6650-checkrelease.diff > > > As of various SHA algorithm the Apache policies around signatures and > checksums changed requiring to specify the sha algorithm as part of the file > extension: sha1, sha256, sha512. > http://www.apache.org/dev/release-distribution#sigs-and-sums > currently Oak signs with sha-1 and we should at least change the file > extension > h3. impacted areas > - release process (pom.xml) > - check release > - html download page -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (OAK-6650) new release checksum requirements
[ https://issues.apache.org/jira/browse/OAK-6650?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16198315#comment-16198315 ] Julian Reschke commented on OAK-6650: - Understood. So yes, go ahead. > new release checksum requirements > - > > Key: OAK-6650 > URL: https://issues.apache.org/jira/browse/OAK-6650 > Project: Jackrabbit Oak > Issue Type: Improvement >Reporter: Davide Giannella >Assignee: Davide Giannella > Labels: candidate_oak_1_0, candidate_oak_1_2, candidate_oak_1_4, > candidate_oak_1_6 > Fix For: 1.8 > > Attachments: OAK-6650-checkrelease.diff > > > As of various SHA algorithm the Apache policies around signatures and > checksums changed requiring to specify the sha algorithm as part of the file > extension: sha1, sha256, sha512. > http://www.apache.org/dev/release-distribution#sigs-and-sums > currently Oak signs with sha-1 and we should at least change the file > extension > h3. impacted areas > - release process (pom.xml) > - check release > - html download page -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (OAK-6650) new release checksum requirements
[ https://issues.apache.org/jira/browse/OAK-6650?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16197626#comment-16197626 ] Davide Giannella commented on OAK-6650: --- [~reschke] bq. Is this what I was supposed to test? testing the full release cycle is rather difficult so we can really test only this bits. However a another pair of eyes on this few lines of patches could ease any future troubles. If the patches look good for you I will move this foreword so that you can apply the counterpart for jackrabbit. Otherwise the checkrelease script as modified now will fail for JR releases. > new release checksum requirements > - > > Key: OAK-6650 > URL: https://issues.apache.org/jira/browse/OAK-6650 > Project: Jackrabbit Oak > Issue Type: Improvement >Reporter: Davide Giannella >Assignee: Davide Giannella > Labels: candidate_oak_1_0, candidate_oak_1_2, candidate_oak_1_4, > candidate_oak_1_6 > Fix For: 1.8 > > Attachments: OAK-6650-checkrelease.diff > > > As of various SHA algorithm the Apache policies around signatures and > checksums changed requiring to specify the sha algorithm as part of the file > extension: sha1, sha256, sha512. > http://www.apache.org/dev/release-distribution#sigs-and-sums > currently Oak signs with sha-1 and we should at least change the file > extension > h3. impacted areas > - release process (pom.xml) > - check release > - html download page -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (OAK-6650) new release checksum requirements
[ https://issues.apache.org/jira/browse/OAK-6650?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16196883#comment-16196883 ] Julian Reschke commented on OAK-6650: - Tried with the feature branch and the POM modification for testing, and it indeed generates an SHA1 file. (Is this what I was supposed to test?) > new release checksum requirements > - > > Key: OAK-6650 > URL: https://issues.apache.org/jira/browse/OAK-6650 > Project: Jackrabbit Oak > Issue Type: Improvement >Reporter: Davide Giannella >Assignee: Davide Giannella > Labels: candidate_oak_1_0, candidate_oak_1_2, candidate_oak_1_4, > candidate_oak_1_6 > Fix For: 1.8 > > Attachments: OAK-6650-checkrelease.diff > > > As of various SHA algorithm the Apache policies around signatures and > checksums changed requiring to specify the sha algorithm as part of the file > extension: sha1, sha256, sha512. > http://www.apache.org/dev/release-distribution#sigs-and-sums > currently Oak signs with sha-1 and we should at least change the file > extension > h3. impacted areas > - release process (pom.xml) > - check release > - html download page -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (OAK-6650) new release checksum requirements
[ https://issues.apache.org/jira/browse/OAK-6650?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16196683#comment-16196683 ] Davide Giannella commented on OAK-6650: --- managed to manually check we have {{sha1}} extension by applying the following patch on top of the feature branch and running {{mvn clean install -Papache-release -DskipTests}} {noformat} diff --git a/pom.xml b/pom.xml index 3b631c42b3..24d8bf2d95 100644 --- a/pom.xml +++ b/pom.xml @@ -182,7 +182,7 @@ run -deploy +package {noformat} > new release checksum requirements > - > > Key: OAK-6650 > URL: https://issues.apache.org/jira/browse/OAK-6650 > Project: Jackrabbit Oak > Issue Type: Improvement >Reporter: Davide Giannella >Assignee: Davide Giannella > Labels: candidate_oak_1_0, candidate_oak_1_2, candidate_oak_1_4, > candidate_oak_1_6 > Fix For: 1.8 > > > As of various SHA algorithm the Apache policies around signatures and > checksums changed requiring to specify the sha algorithm as part of the file > extension: sha1, sha256, sha512. > http://www.apache.org/dev/release-distribution#sigs-and-sums > currently Oak signs with sha-1 and we should at least change the file > extension > h3. impacted areas > - release process (pom.xml) > - check release > - html download page -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (OAK-6650) new release checksum requirements
[ https://issues.apache.org/jira/browse/OAK-6650?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16162836#comment-16162836 ] Davide Giannella commented on OAK-6650: --- feature branch for patching: https://github.com/davidegiannella/jackrabbit-oak/compare/trunk...davidegiannella:OAK-6650?expand=1 > new release checksum requirements > - > > Key: OAK-6650 > URL: https://issues.apache.org/jira/browse/OAK-6650 > Project: Jackrabbit Oak > Issue Type: Improvement >Reporter: Davide Giannella >Assignee: Davide Giannella > Labels: candidate_oak_1_0, candidate_oak_1_2, candidate_oak_1_4, > candidate_oak_1_6 > Fix For: 1.8 > > > As of various SHA algorithm the Apache policies around signatures and > checksums changed requiring to specify the sha algorithm as part of the file > extension: sha1, sha256, sha512. > http://www.apache.org/dev/release-distribution#sigs-and-sums > currently Oak signs with sha-1 and we should at least change the file > extension -- This message was sent by Atlassian JIRA (v6.4.14#64029)