[
https://issues.apache.org/jira/browse/RANGER-2241?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16638716#comment-16638716
]
Velmurugan Periasamy edited comment on RANGER-2241 at 10/4/18 7:25 PM:
-----------------------------------------------------------------------
SHA1 also needs to be removed (in addition to MD5).
MDS is also not necessary.
was (Author: vperiasamy):
SHA1 also needs to be removed (in addition to MD5).
> Fix release build scripts to conform to latest Apache release guidelines -
> Part 2 - Remove sha1
> -----------------------------------------------------------------------------------------------
>
> Key: RANGER-2241
> URL: https://issues.apache.org/jira/browse/RANGER-2241
> Project: Ranger
> Issue Type: Bug
> Components: Ranger
> Reporter: Colm O hEigeartaigh
> Assignee: Velmurugan Periasamy
> Priority: Major
> Fix For: 1.0.1, 2.0.0, 1.1.1, 1.2.1
>
>
> Fix the release build scripts to conform to the Apache release guidelines
> surrounding hashes:
> [http://www.apache.org/dev/release-distribution#sigs-and-sums]
> <<<
> For every artifact distributed to the public through Apache channels, the PMC
> * MUST supply a
> [valid|http://www.apache.org/dev/release-signing#verifying-signature]
> [OpenPGP-compatible ASCII-armored detached
> signature|http://www.apache.org/dev/release-signing#openpgp-ascii-detach-sig]
> file
> * MUST supply at least one checksum file
> * SHOULD supply a [SHA-256 and/or
> SHA-512|http://www.apache.org/dev/release-signing#sha-checksum] checksum file
> * SHOULD NOT supply a MD5 or SHA-1 checksum file (because these are
> deprecated)
> >>>
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
