Preferably all the tar.gz and .zip files and their signatures, you can
verify the signature from the command line.
gpg --verify apache-river-2.1.2-incubating-bin.tar.gz.asc
gpg is GnuPG if you need to download it.
From the command line in Solaris I do:
sha1sum apache-river-2.1.2-incubating-bin.tar.gz
which gives me a SHA1 checksum to compare with that shown. gpg can also
calculate the SHA1 checksum:
gpg --print-md SHA1 apache-river-2.1.2-incubating-bin.tar.gz
Thanks Freeman, your help is much appreciated,
Peter.
Freeman Jackson wrote:
Should I download all of them? And what is the best way to checksum the files?
On Wed, Feb 3, 2010 at 11:04 PM, Peter Firmstone <[email protected]> wrote:
Hi Freeman,
Excellent, your involvement is most welcome :-)
Before you vote, go to the link at:
http://people.apache.org/~peter_firmstone/
Download the Release packs, verify the checksums on the files, unpack them,
have a look at the documentation contained within, look at it from someone's
point of view trying to install and use or build. Are there some notes I
should make for installers, have I forgotten anything?
Have a look at the RAT reports, these audit the license headers, all source
should have a header. It appears to me that all *.java files and *.html
files have the license, but check for yourself in case I missed something.
If your happy send an email to this list Vote +1
If you find a problem Vote -1 with the issue details.
If there are issues, I'll wait until the voting period is over, rectify the
issue or state why it hasn't been rectified, then put it to the vote again.
Welcome to Apache River,
Cheers,
Peter.
Freeman Jackson wrote:
How can I vote? I would not call myself new to the Jini Community..
and I would like to get involved.
:)
On Wed, Feb 3, 2010 at 8:33 PM, Peter Firmstone <[email protected]> wrote:
Don't forget to download the Apache River 2.1.2 Release artefacts, read
the
RAT reports and cast your vote!
BR,
Peter Firmstone.
