Re: No longer supply SHA1 checksums for new releases

From: Julian Foad <julianfoad_at_apache.org>
Date: Mon, 13 Aug 2018 13:32:53 +0100

Daniel Shahaf wrote:
> Julian Foad wrote on Mon, 13 Aug 2018 12:59 +0100:
> > * stop producing *.sha1 files and stop listing SHA1 on the 'downloads' page
> >
> > -- http://svn.apache.org/r1837939
>
> I was under the impression that we should keep producing *.sha1 files
> for 1.9 and 1.10 releases, for compatibility reasons. The "SHOULD NOT"
> language in the policy was specifically intended to allow this sort of
> compatibility.
>
> To be clear, I'm suggesting that we only drop sha1 checksums for 1.11.0-alpha1
> and newer. WDYT?

Sounds good. I suggest for the time being we should achieve this by using a pre-r1837939 revision of trunk/tools/dist/ when running 'release.py' for 1.10 and older patch releases, and manually tweak the result as necessary, such as omitting the SHA1 column from the 'downloads' page.

If any future changes to release.py begin to make this approach impractical we can revisit it then.

- Julian
Received on 2018-08-13 14:33:00 CEST

This message: [ Message body ]
Next message: Julian Foad: "Feature freeze for 1.11"
Previous message: Daniel Shahaf: "Re: No longer supply SHA1 checksums for new releases"
In reply to: Daniel Shahaf: "Re: No longer supply SHA1 checksums for new releases"
Next in thread: Daniel Shahaf: "Re: No longer supply SHA1 checksums for new releases"
Reply: Daniel Shahaf: "Re: No longer supply SHA1 checksums for new releases"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]