[
https://issues.apache.org/jira/browse/LUCENE-7935?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16426238#comment-16426238
]
Steve Rowe commented on LUCENE-7935:
------------------------------------
{quote}I suppose we want to discontinue md5 also for all maven artifacts, or is
it required?
{quote}
This page, which lists requirements for Maven Central hosting, doesn't mention
md5 or any other hash; only PGP signatures are mentioned:
[http://central.sonatype.org/pages/requirements.html]
The Maven distribution section on the ASF page on publishing releases
([http://www.apache.org/dev/release-publishing.html#distribution_maven]) says:
{quote}don't try to publish .sha256, .sha512 files yet; Nexus doesn't handle
them (as of March 2018)
{quote}
The ASF page on publishing Maven artifacts
([http://www.apache.org/dev/publishing-maven-artifacts.html]) says we don't
need to provide MD5 or SHA1 files:
{quote}Nexus will create MD5 and SHA1 checksums on the fly
{quote}
> Release .sha512 hash files with our artifacts
> ---------------------------------------------
>
> Key: LUCENE-7935
> URL: https://issues.apache.org/jira/browse/LUCENE-7935
> Project: Lucene - Core
> Issue Type: Improvement
> Components: general/build
> Reporter: Jan Høydahl
> Assignee: Jan Høydahl
> Priority: Major
> Fix For: 7.4, master (8.0)
>
> Attachments: LUCENE-7935.patch, LUCENE-7935.patch
>
>
> Currently we are only required to release {{.md5}} hashes with our artifacts,
> and we also include {{.sha1}} files. It is expected that {{.sha512}} will be
> required in the future (see
> https://www.apache.org/dev/release-signing.html#sha1), so why not start
> generating them right away?
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
