Daniel Shahaf wrote: > Julian Foad wrote on Mon, 13 Aug 2018 12:59 +0100: > > * stop producing *.sha1 files and stop listing SHA1 on the 'downloads' page > > > > -- http://svn.apache.org/r1837939 > > I was under the impression that we should keep producing *.sha1 files > for 1.9 and 1.10 releases, for compatibility reasons. The "SHOULD NOT" > language in the policy was specifically intended to allow this sort of > compatibility. > > To be clear, I'm suggesting that we only drop sha1 checksums for 1.11.0-alpha1 > and newer. WDYT?
Sounds good. I suggest for the time being we should achieve this by using a pre-r1837939 revision of trunk/tools/dist/ when running 'release.py' for 1.10 and older patch releases, and manually tweak the result as necessary, such as omitting the SHA1 column from the 'downloads' page. If any future changes to release.py begin to make this approach impractical we can revisit it then. - Julian
