[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: No longer supply SHA1 checksums for new releases

From: Julian Foad <julianfoad_at_apache.org>
Date: Mon, 13 Aug 2018 13:32:53 +0100

Daniel Shahaf wrote:
> Julian Foad wrote on Mon, 13 Aug 2018 12:59 +0100:
> > * stop producing *.sha1 files and stop listing SHA1 on the 'downloads' page
> >
> > -- http://svn.apache.org/r1837939
> I was under the impression that we should keep producing *.sha1 files
> for 1.9 and 1.10 releases, for compatibility reasons. The "SHOULD NOT"
> language in the policy was specifically intended to allow this sort of
> compatibility.
> To be clear, I'm suggesting that we only drop sha1 checksums for 1.11.0-alpha1
> and newer. WDYT?

Sounds good. I suggest for the time being we should achieve this by using a pre-r1837939 revision of trunk/tools/dist/ when running 'release.py' for 1.10 and older patch releases, and manually tweak the result as necessary, such as omitting the SHA1 column from the 'downloads' page.

If any future changes to release.py begin to make this approach impractical we can revisit it then.

- Julian
Received on 2018-08-13 14:33:00 CEST

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.