Mike,
We use stronger checksums (SHA512) in the SVN[1] area and downloads page[2]
after a vote passes. In fact, we're one of the only "perfect projects" in
regards to compliance with this policy[3].
The Maven staging area doesn't follow all the "SHOULD" statements, but
that's only because these
-0
please do not publish md5 sums
please add missing sha256 sums
apache release policy:
http://www.apache.org/dev/release-distribution#sigs-and-sums
On Sat, Apr 14, 2018 at 11:37 AM, Mike Walch wrote:
> +1
>
> * Verified sha1 & md5 hashes matched
> * Verified signatures
> *
+1
* Verified sha1 & md5 hashes matched
* Verified signatures
* Ran binary tarball locally using Uno
* Ran 'mvn verify' successfully for wikisearch using RC jars
On Thu, Apr 12, 2018 at 6:21 PM, Christopher wrote:
> Accumulo Developers,
>
> Please consider the following
+1 I verified the md5, sha1 and asc signatures of the artifacts and the git
commit sha1, the build passed mvn clean verify -Psunny, and I accept this as a
release of Accumulo 1.9.0, pending the successful outcome of cluster testing.
Ed Coleman
-Original Message-
From: Christopher