Hi, As Henk noted in the Incubator PMC vote thread [1], since August 18 Apache releases MUST be accompanied by a SHA-256 and/or SHA-512 checksum file and SHOULD NOT be accompanied by MD5 or SHA-1 checksum file [2].
Can the release process be changed to accomodate that? I think for the current release candidate it's fine to add the stronger digests manually as I mentioned in that vote thread, but for future releases this should be automated. -Bertrand [1] https://lists.apache.org/thread.html/02272396dddfe2565be2a45a279fde213b64abe0318cd0d82821317a@%3Cgeneral.incubator.apache.org%3E [2] https://www.apache.org/dev/release-distribution#sigs-and-sums --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] For further information about the NetBeans mailing lists, visit: https://cwiki.apache.org/confluence/display/NETBEANS/Mailing+lists
