[ 
https://issues.apache.org/jira/browse/JCRVLT-754?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17846885#comment-17846885
 ] 

Julian Reschke commented on JCRVLT-754:
---------------------------------------

Yes. So for the SHA1, the options appear to be:

- do not use it (put the SHA256 into the vote template)m or
- compute it on demand in check-release.

The latter would be something like:

{noformat}
@@ -175,6 +175,14 @@
     SHA_OK=true
   fi
 done
+if [ $SHA_OK != 0 ]; then
+  # compute SHA1 of artefact and compare that
+  EXPECTED_SHA1="`openssl "sha1" "$BASEDIR/$RCDIR/$NAME" 2>> "$LOGFILE" | sed 
's/.*= *//'`"
+  if [ $EXPECTED_SHA1 = $SHA ]; then
+    info "   (using computed SHA1 of $BASEDIR/$RCDIR/$NAME for SHA argument 
comparison)"
+    SHA_OK=true
+  fi
+fi
 if $SHA_OK; then
     info "   OK: $SHA"
{noformat}


> check-release does not work for filevault anymore
> -------------------------------------------------
>
>                 Key: JCRVLT-754
>                 URL: https://issues.apache.org/jira/browse/JCRVLT-754
>             Project: Jackrabbit FileVault
>          Issue Type: Task
>            Reporter: Julian Reschke
>            Assignee: Konrad Windszus
>            Priority: Major
>             Fix For: 3.7.4
>
>
> Since https://issues.apache.org/jira/browse/JCRVLT-742, no sha1 is generated 
> anymore; however, this is what is put into the generated vote template.
> The proper fix likely would be to put the SHA512 checksum into the vote 
> template.
> Furthermore, the basename of the source artefact changed from"src" to 
> "source-release". This needs to be adjusted in the check script.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to