This is an automated email from the ASF dual-hosted git repository.
aharui pushed a commit to branch develop
in repository https://gitbox.apache.org/repos/asf/royale-asjs.git
The following commit(s) were added to refs/heads/develop by this push:
new 56bf90c switch from MD5 to SHA-512
56bf90c is described below
commit 56bf90ca100dbdf91b8965b60382ea9e7a2816fb
Author: Alex Harui <[email protected]>
AuthorDate: Mon Feb 12 22:59:14 2018 -0800
switch from MD5 to SHA-512
---
ApproveRoyale.xml | 92 ++++++++++++++++++++++++++--------------------------
build.xml | 26 +++++++--------
releasecandidate.xml | 6 ++--
3 files changed, 62 insertions(+), 62 deletions(-)
diff --git a/ApproveRoyale.xml b/ApproveRoyale.xml
index 008e427..e3f6218 100644
--- a/ApproveRoyale.xml
+++ b/ApproveRoyale.xml
@@ -239,17 +239,17 @@
<target name="download" description="download the release package">
<get src="${package.url.path}/${package.url.name}.${package.suffix}"
dest="${basedir}/${package.url.name}.${package.suffix}" />
- <get
src="${package.url.path}/${package.url.name}.${package.suffix}.md5"
- dest="${basedir}/${package.url.name}.${package.suffix}.md5" />
+ <get
src="${package.url.path}/${package.url.name}.${package.suffix}.SHA-512"
+ dest="${basedir}/${package.url.name}.${package.suffix}.SHA-512" />
<get
src="${bin.package.url.path}/${bin.package.url.name}.${package.suffix}"
dest="${basedir}/${bin.package.url.name}.${package.suffix}" />
- <get
src="${bin.package.url.path}/${bin.package.url.name}.${package.suffix}.md5"
- dest="${basedir}/${bin.package.url.name}.${package.suffix}.md5" />
+ <get
src="${bin.package.url.path}/${bin.package.url.name}.${package.suffix}.SHA-512"
+
dest="${basedir}/${bin.package.url.name}.${package.suffix}.SHA-512" />
<!-- no doc packages in 0.8.0
<get src="${doc.package.url.path}/${doc.package.url.name}.zip"
dest="${basedir}/${doc.package.url.name}.zip" />
- <get src="${doc.package.url.path}/${doc.package.url.name}.zip.md5"
- dest="${basedir}/${doc.package.url.name}.zip.md5" />-->
+ <get src="${doc.package.url.path}/${doc.package.url.name}.zip.SHA-512"
+ dest="${basedir}/${doc.package.url.name}.zip.SHA-512" />-->
<antcall target="get_asc" />
</target>
@@ -263,35 +263,35 @@
dest="${basedir}/${doc.package.url.name}.zip.asc" />-->
</target>
- <target name="check-sigs" description="check md5 and gpg sigs">
- <replace
file="${basedir}/${package.url.name}.${package.suffix}.md5"
+ <target name="check-sigs" description="check SHA-512 and gpg sigs">
+ <replace
file="${basedir}/${package.url.name}.${package.suffix}.SHA-512"
token=" " />
- <checksum
file="${basedir}/${package.url.name}.${package.suffix}" algorithm="md5"
verifyproperty="md5.ok" />
- <condition property="MD5Invalid">
+ <checksum
file="${basedir}/${package.url.name}.${package.suffix}" algorithm="SHA-512"
verifyproperty="SHA-512.ok" />
+ <condition property="SHA-512Invalid">
<not>
- <equals arg1="${md5.ok}" arg2="true" />
+ <equals arg1="${SHA-512.ok}" arg2="true" />
</not>
</condition>
- <fail message="MD5 checksum did not match" if="MD5Invalid" />
- <replace
file="${basedir}/${bin.package.url.name}.${package.suffix}.md5"
+ <fail message="SHA-512 checksum did not match" if="SHA-512Invalid" />
+ <replace
file="${basedir}/${bin.package.url.name}.${package.suffix}.SHA-512"
token=" " />
- <checksum file="${basedir}/${bin.package.url.name}.${package.suffix}"
algorithm="md5" verifyproperty="bin.md5.ok" />
- <condition property="BinaryMD5Invalid">
+ <checksum file="${basedir}/${bin.package.url.name}.${package.suffix}"
algorithm="SHA-512" verifyproperty="bin.SHA-512.ok" />
+ <condition property="BinarySHA-512Invalid">
<not>
- <equals arg1="${bin.md5.ok}" arg2="true" />
+ <equals arg1="${bin.SHA-512.ok}" arg2="true" />
</not>
</condition>
- <fail message="Binary Package MD5 checksum did not match"
if="BinaryMD5Invalid" />
+ <fail message="Binary Package SHA-512 checksum did not match"
if="BinarySHA-512Invalid" />
<!-- no doc packages in 0.8.0
- <replace file="${basedir}/${doc.package.url.name}.zip.md5"
+ <replace file="${basedir}/${doc.package.url.name}.zip.SHA-512"
token=" " />
- <checksum file="${basedir}/${doc.package.url.name}.zip"
algorithm="md5" verifyproperty="doc.md5.ok" />
- <condition property="DocMD5Invalid">
+ <checksum file="${basedir}/${doc.package.url.name}.zip"
algorithm="SHA-512" verifyproperty="doc.SHA-512.ok" />
+ <condition property="DocSHA-512Invalid">
<not>
- <equals arg1="${doc.md5.ok}" arg2="true" />
+ <equals arg1="${doc.SHA-512.ok}" arg2="true" />
</not>
</condition>
- <fail message="Doc Package MD5 checksum did not match"
if="DocMD5Invalid" />-->
+ <fail message="Doc Package SHA-512 checksum did not match"
if="DocSHA-512Invalid" />-->
<antcall target="gpg_check" />
</target>
@@ -836,15 +836,15 @@
<property name="binary.jx.kit" value="${kit.jx.prefix}-bin"/>
<get
src="http://apacheflexbuild.cloudapp.net:8080/job/royale-compiler%20release%20branch/lastSuccessfulBuild/artifact/out/${binary.jx.kit}.zip";
dest="${basedir}/${binary.jx.kit}.zip" verbose="true"
skipexisting="true"/>
- <get
src="http://apacheflexbuild.cloudapp.net:8080/job/royale-compiler%20release%20branch/lastSuccessfulBuild/artifact/out/${binary.jx.kit}.zip.md5";
- dest="${basedir}/${binary.jx.kit}.zip.md5" verbose="true"
skipexisting="true"/>
- <checksum file="${basedir}/${binary.jx.kit}.zip" algorithm="md5"
verifyproperty="compiler.md5.ok" />
- <condition property="CompilerMD5Invalid">
+ <get
src="http://apacheflexbuild.cloudapp.net:8080/job/royale-compiler%20release%20branch/lastSuccessfulBuild/artifact/out/${binary.jx.kit}.zip.SHA-512";
+ dest="${basedir}/${binary.jx.kit}.zip.SHA-512" verbose="true"
skipexisting="true"/>
+ <checksum file="${basedir}/${binary.jx.kit}.zip" algorithm="SHA-512"
verifyproperty="compiler.SHA-512.ok" />
+ <condition property="CompilerSHA-512Invalid">
<not>
- <equals arg1="${compiler.md5.ok}" arg2="true" />
+ <equals arg1="${compiler.SHA-512.ok}" arg2="true" />
</not>
</condition>
- <fail message="MD5 checksum did not match" if="CompilerMD5Invalid" />
+ <fail message="SHA-512 checksum did not match"
if="CompilerSHA-512Invalid" />
<unzip src="${basedir}/${binary.jx.kit}.zip"
dest="${basedir}/compiler" />
<ant dir="${basedir}/compiler/compiler/src/main/resources"
antfile="downloads.xml" />
<property name="ROYALE_COMPILER_REPO" value="${basedir}/compiler" />
@@ -855,15 +855,15 @@
<property name="binary.jx.kit" value="${kit.jx.prefix}-bin"/>
<get
src="https://dist.apache.org/repos/dist/dev/royale/compiler/${release.version}/rc1/binaries/${binary.jx.kit}.zip";
dest="${basedir}/${binary.jx.kit}.zip" verbose="true"
skipexisting="true"/>
- <get
src="https://dist.apache.org/repos/dist/dev/royale/compiler/${release.version}/rc1/binaries/${binary.jx.kit}.zip.md5";
- dest="${basedir}/${binary.jx.kit}.zip.md5" verbose="true"
skipexisting="true"/>
- <checksum file="${basedir}/${binary.jx.kit}.zip" algorithm="md5"
verifyproperty="compiler.md5.ok" />
- <condition property="CompilerMD5Invalid">
+ <get
src="https://dist.apache.org/repos/dist/dev/royale/compiler/${release.version}/rc1/binaries/${binary.jx.kit}.zip.SHA-512";
+ dest="${basedir}/${binary.jx.kit}.zip.SHA-512" verbose="true"
skipexisting="true"/>
+ <checksum file="${basedir}/${binary.jx.kit}.zip" algorithm="SHA-512"
verifyproperty="compiler.SHA-512.ok" />
+ <condition property="CompilerSHA-512Invalid">
<not>
- <equals arg1="${compiler.md5.ok}" arg2="true" />
+ <equals arg1="${compiler.SHA-512.ok}" arg2="true" />
</not>
</condition>
- <fail message="MD5 checksum did not match" if="CompilerMD5Invalid" />
+ <fail message="SHA-512 checksum did not match"
if="CompilerSHA-512Invalid" />
<unzip src="${basedir}/${binary.jx.kit}.zip"
dest="${basedir}/compiler" />
<ant dir="${basedir}/compiler/compiler/src/main/resources"
antfile="downloads.xml" />
<property name="ROYALE_COMPILER_REPO" value="${basedir}/compiler" />
@@ -873,15 +873,15 @@
<property name="binary.flexunit.kit"
value="apache.royale-flexunit-4.2.0-4.12.0-bin"/>
<get
src="https://archive.apache.org/dist/royale/flexunit/4.2.0/binaries/${binary.flexunit.kit}.zip";
dest="${basedir}/${binary.flexunit.kit}.zip" verbose="true"
skipexisting="true"/>
- <get
src="https://archive.apache.org/dist/royale/flexunit/4.2.0/binaries/${binary.flexunit.kit}.zip.md5";
- dest="${basedir}/${binary.flexunit.kit}.zip.md5" verbose="true"
skipexisting="true"/>
- <checksum file="${basedir}/${binary.flexunit.kit}.zip" algorithm="md5"
verifyproperty="flexunit.md5.ok" />
- <condition property="FlexUnitMD5Invalid">
+ <get
src="https://archive.apache.org/dist/royale/flexunit/4.2.0/binaries/${binary.flexunit.kit}.zip.SHA-512";
+ dest="${basedir}/${binary.flexunit.kit}.zip.SHA-512" verbose="true"
skipexisting="true"/>
+ <checksum file="${basedir}/${binary.flexunit.kit}.zip"
algorithm="SHA-512" verifyproperty="flexunit.SHA-512.ok" />
+ <condition property="FlexUnitSHA-512Invalid">
<not>
- <equals arg1="${flexunit.md5.ok}" arg2="true" />
+ <equals arg1="${flexunit.SHA-512.ok}" arg2="true" />
</not>
</condition>
- <fail message="MD5 checksum did not match" if="FlexUnitMD5Invalid" />
+ <fail message="SHA-512 checksum did not match"
if="FlexUnitSHA-512Invalid" />
<unzip src="${basedir}/${binary.flexunit.kit}.zip"
dest="${basedir}/flexunit" />
<property name="FLEXUNIT_HOME" value="${basedir}/flexunit" />
</target>
@@ -891,15 +891,15 @@
<property name="binary.sdk.kit" value="${kit.sdk.prefix}-bin"/>
<get
src="https://archive.apache.org/dist/royale/4.15.0/binaries/${binary.sdk.kit}.zip";
dest="${basedir}/${binary.sdk.kit}.zip" verbose="true"
skipexisting="true"/>
- <get
src="https://archive.apache.org/dist/royale/4.15.0/binaries/${binary.sdk.kit}.zip.md5";
- dest="${basedir}/${binary.sdk.kit}.zip.md5" verbose="true"
skipexisting="true"/>
- <checksum file="${basedir}/${binary.sdk.kit}.zip" algorithm="md5"
verifyproperty="sdk.md5.ok" />
- <condition property="SDKMD5Invalid">
+ <get
src="https://archive.apache.org/dist/royale/4.15.0/binaries/${binary.sdk.kit}.zip.SHA-512";
+ dest="${basedir}/${binary.sdk.kit}.zip.SHA-512" verbose="true"
skipexisting="true"/>
+ <checksum file="${basedir}/${binary.sdk.kit}.zip" algorithm="SHA-512"
verifyproperty="sdk.SHA-512.ok" />
+ <condition property="SDKSHA-512Invalid">
<not>
- <equals arg1="${sdk.md5.ok}" arg2="true" />
+ <equals arg1="${sdk.SHA-512.ok}" arg2="true" />
</not>
</condition>
- <fail message="MD5 checksum did not match" if="SDKMD5Invalid" />
+ <fail message="SHA-512 checksum did not match" if="SDKSHA-512Invalid"
/>
<unzip src="${basedir}/${binary.sdk.kit}.zip" dest="${basedir}/sdk" />
<ant dir="${basedir}/sdk/frameworks" antfile="downloads.xml" />
<property name="FLEX_SDK_HOME" value="${basedir}/sdk" />
diff --git a/build.xml b/build.xml
index 3434bc8..4a38899 100644
--- a/build.xml
+++ b/build.xml
@@ -1617,18 +1617,18 @@ limitations under the License.
</rat:report>
</target>
- <target name="create-md5" >
- <echo message="Generating MD5 hashes for release artifacts"/>
- <checksum algorithm="md5"
file="${basedir}/out/${binary.kit}.tar.gz" forceOverwrite="yes"/>
- <checksum algorithm="md5"
file="${basedir}/out/${binary.kit}.zip" forceOverwrite="yes"/>
- <checksum algorithm="md5"
file="${basedir}/out/${source.kit}.tar.gz" forceOverwrite="yes"/>
- <checksum algorithm="md5"
file="${basedir}/out/${source.kit}.zip" forceOverwrite="yes"/>
+ <target name="create-SHA-512" >
+ <echo message="Generating SHA-512 hashes for release
artifacts"/>
+ <checksum algorithm="SHA-512"
file="${basedir}/out/${binary.kit}.tar.gz" forceOverwrite="yes"/>
+ <checksum algorithm="SHA-512"
file="${basedir}/out/${binary.kit}.zip" forceOverwrite="yes"/>
+ <checksum algorithm="SHA-512"
file="${basedir}/out/${source.kit}.tar.gz" forceOverwrite="yes"/>
+ <checksum algorithm="SHA-512"
file="${basedir}/out/${source.kit}.zip" forceOverwrite="yes"/>
</target>
- <target name="create-md5-jsonly" if="env.AIR_HOME" >
- <echo message="Generating MD5 hashes for release artifacts"/>
- <checksum algorithm="md5"
file="${basedir}/out/${binary-js.kit}.tar.gz" forceOverwrite="yes"/>
- <checksum algorithm="md5" file="${basedir}/out/${binary-js.kit}.zip"
forceOverwrite="yes"/>
+ <target name="create-SHA-512-jsonly" if="env.AIR_HOME" >
+ <echo message="Generating SHA-512 hashes for release artifacts"/>
+ <checksum algorithm="SHA-512"
file="${basedir}/out/${binary-js.kit}.tar.gz" forceOverwrite="yes"/>
+ <checksum algorithm="SHA-512"
file="${basedir}/out/${binary-js.kit}.zip" forceOverwrite="yes"/>
</target>
<target name="sign-jsonly" if="env.AIR_HOME" >
@@ -1683,9 +1683,9 @@ limitations under the License.
</exec>
</target>
- <target name="doc-create-md5" >
- <echo message="Generating MD5 hashes for doc artifacts"/>
- <checksum algorithm="md5"
file="${basedir}/out/${kit.prefix}-asdocs.zip" forceOverwrite="yes"/>
+ <target name="doc-create-SHA-512" >
+ <echo message="Generating SHA-512 hashes for doc artifacts"/>
+ <checksum algorithm="SHA-512"
file="${basedir}/out/${kit.prefix}-asdocs.zip" forceOverwrite="yes"/>
</target>
<target name="doc-sign" >
diff --git a/releasecandidate.xml b/releasecandidate.xml
index 5b4e1ff..133bb4b 100644
--- a/releasecandidate.xml
+++ b/releasecandidate.xml
@@ -834,8 +834,8 @@
<target name="ant-artifacts">
<ant dir="${basedir}/royale-asjs" target="release" />
- <ant dir="${basedir}/royale-asjs" target="create-md5" />
- <ant dir="${basedir}/royale-asjs" target="create-md5-jsonly" />
+ <ant dir="${basedir}/royale-asjs" target="create-SHA-512" />
+ <ant dir="${basedir}/royale-asjs" target="create-SHA-512-jsonly" />
<ant dir="${basedir}/royale-asjs" target="sign" />
<ant dir="${basedir}/royale-asjs" target="sign-jsonly" />
<!--<ant antfile="build.xml" target="doc-create-md5" />-->
@@ -964,7 +964,7 @@ approving a release?', at:\n\
http://www.apache.org/dev/release.html#approving-a-release\n\
\n\
At a minimum you would be expected to check that:\n\
-- MD5 and signed packages are correct\n\
+- SHA and signed packages are correct\n\
- README, RELEASE_NOTES, NOTICE and LICENSE files are all fine\n\
- That the build script completes successfully\n\
- That you can compile and cross-compile a simple example using the SDK.\n\
--
To stop receiving notification emails like this one, please contact
[email protected].
