And done
https://dist.apache.org/repos/dist/release/bigtop/bigtop-1.0.0/repos/Cos On Sat, Oct 10, 2015 at 01:08PM, Konstantin Boudnik wrote: > My bad - we've talked about this at the apachecon and I forgot. Thanks for the > reminder - will do it today. > > Cos > > On Sat, Oct 10, 2015 at 09:31PM, Olaf Flebbe wrote: > > Cos, > > > > Regarding the release artifacts: > > > > Is it possible to publish a KEYS file, containing the public part of the > > sign key? BTW, This is already documented here: > > > > http://www.apache.org/dyn/closer.lua/bigtop/bigtop-1.0.0/ > > > > Olaf > > > > > > > Am 10.10.2015 um 20:44 schrieb Konstantin Boudnik <[email protected]>: > > > > > > No, I was more after our own release signing practices. And me as the RM > > > for > > > the last is to blame to not raising this earlier. We're still using md5 > > > and > > > sha1 to sign our releases. And I am proposing to switch to sha512, > > > starting > > > from 1.1 and on. > > > > > > Cos > > > > > > On Sat, Oct 10, 2015 at 08:23PM, Olaf Flebbe wrote: > > >> Hi Cos, > > >> > > >> What signatures are targeting specifically ? > > >> > > >> org.apache.hadoop.io.MD5Hash and its usage? > > >> > > >> or > > >> > > >> something like > > >> > > >> bigtop-packages/src/deb/hama/rules: dh_md5sums > > >> bigtop-packages/src/common/pig/do-component-build: echo > > >> "ea58a078e3861d4dfc8bf3296a53a5f8 apache-forrest-0.9.tar.gz" > > >> >apache-forrest-0.9.tar.md5 > > >> bigtop-packages/src/common/pig/do-component-build: if ! md5sum -c > > >> --quiet apache-forrest-0.9.tar.md5 ; then > > >> > > >> or ??? > > >> > > >> Olaf > > >> > > >>> Am 09.10.2015 um 23:02 schrieb Konstantin Boudnik <[email protected]>: > > >>> > > >>> Guys, > > >>> > > >>> We had to get rid of md5 sum long time ago, but it seems that sha1 is > > >>> hitting > > >>> the wall as well. Here's the good description of the problem: > > >>> https://sites.google.com/site/itstheshappening/ > > >>> > > >>> I'd suggest to scrape both of them in the next release. Any objections? > > >>> > > >>> Cos > > >>> > > >> > > > > > > > > > >
signature.asc
Description: Digital signature
