Hi Murat. This issue (not matching SHA512) is happening because your downloaded .sha file is compressed for some reason. Try to decompress it using, for example, 7zip.
Regards, Alexander Sorokin -----Original Message----- From: Murat Sutunc [mailto:mura...@microsoft.com] Sent: Tuesday, May 12, 2015 3:20 To: dev@cordova.apache.org Subject: RE: [VOTE] cordova-plugin-vibration release Sorry to hijack this thread but this is my first time verifying a release and I've some questions before signing off.. 1) I was looking at the coho docs but wasn't able to figure out how to download a release from dist/dev. Any tips? 2) For now I've manually copied the tgz files from the dist.apache and ran my validation. I've ran into the following issue, is it expected? C:\Users\muratsu\Desktop\plugin>coho verify-archive cordova-plugin-vibration-1.1.0.tgz Running from c:\dev ./ ============================= Executing: gpg --verify C:\Users\muratsu\Desktop\plugin\cordova-plugin-vibration-1.1.0.tgz.asc C:\Users\muratsu\Desktop\plugin\cordova-plugin-vibration-1.1.0.tgz gpg: Signature made 05/07/15 17:24:14 Pacific Daylight Time using RSA key ID FFCA68BE gpg: Good signature from "Steve Gill (code signing key) <ste...@apache.org>" [unknown] gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: EBAC 6409 FA2F 2FCF A42C 1080 3843 B8F9 FFCA 68BE ./ ============================= Computing MD5 for: C:\Users\muratsu\Desktop\plugin\cordova-plugin-vibration-1.1.0.tgz ./ ============================= Computing SHA512 for: C:\Users\muratsu\Desktop\plugin\cordova-plugin-vibration-1.1.0.tgz SHA512 does not match. Other than this issue, changes look good to me. +1 --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@cordova.apache.org For additional commands, e-mail: dev-h...@cordova.apache.org
