You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@tinkerpop.apache.org by dk...@apache.org on 2018/04/11 16:26:56 UTC

[9/9] tinkerpop git commit: TINKERPOP-1912 Removed MD5 checksums from release

TINKERPOP-1912 Removed MD5 checksums from release


Project: http://git-wip-us.apache.org/repos/asf/tinkerpop/repo
Commit: http://git-wip-us.apache.org/repos/asf/tinkerpop/commit/bf1e242e
Tree: http://git-wip-us.apache.org/repos/asf/tinkerpop/tree/bf1e242e
Diff: http://git-wip-us.apache.org/repos/asf/tinkerpop/diff/bf1e242e

Branch: refs/heads/TINKERPOP-1912-tp33
Commit: bf1e242eebfb4d16f3d50ac181698b7b57ee0635
Parents: cf6f974
Author: Daniel Kuppitz <da...@hotmail.com>
Authored: Tue Apr 10 13:31:47 2018 -0700
Committer: Daniel Kuppitz <da...@hotmail.com>
Committed: Wed Apr 11 09:26:41 2018 -0700

----------------------------------------------------------------------
 bin/validate-distribution.sh            | 3 ++-
 docs/site/home/downloads.html           | 4 ++--
 docs/src/dev/developer/release.asciidoc | 1 +
 3 files changed, 5 insertions(+), 3 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/bf1e242e/bin/validate-distribution.sh
----------------------------------------------------------------------
diff --git a/bin/validate-distribution.sh b/bin/validate-distribution.sh
index 0121a1a..b071ea0 100755
--- a/bin/validate-distribution.sh
+++ b/bin/validate-distribution.sh
@@ -83,10 +83,11 @@ fi
 
 echo -n "* downloading ${COMPONENT} (${ZIP_FILENAME})... "
 curl -Lsf ${URL} -o ${ZIP_FILENAME} || { echo "Failed to download ${COMPONENT}" ; exit 1; }
-for ext in "asc" "md5" "sha1"
+for ext in "asc" "sha1"
 do
   curl -Lsf ${URL}.${ext} -o ${ZIP_FILENAME}.${ext} || { echo "Failed to download ${COMPONENT} (${ext})" ; exit 1 ; }
 done
+curl -Lsf ${URL}.md5 -o ${ZIP_FILENAME}.md5 && { echo "MD5 checksums should not be released (${ZIP_FILENAME}.md5)" ; exit 1 ; }
 echo "OK"
 
 # validate zip file

http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/bf1e242e/docs/site/home/downloads.html
----------------------------------------------------------------------
diff --git a/docs/site/home/downloads.html b/docs/site/home/downloads.html
index efe3ac8..f5f0ab3 100644
--- a/docs/site/home/downloads.html
+++ b/docs/site/home/downloads.html
@@ -491,7 +491,7 @@ limitations under the License.
     </table>
     <p><strong>Note</strong> that upgrade documentation was only introduced at 3.1.1-incubating which is why there are no links "upgrade" links in versions prior to that one.
     <h4>Verifying Downloads</h4>
-    <p>All downloads have associated PGP and MD5 signatures to help verify a distribution provided by a mirror. To verify a distribution via PGP or GPG first download the
+    <p>All downloads have associated PGP and SHA1 signatures to help verify a distribution provided by a mirror. To verify a distribution via PGP or GPG first download the
        <a href="https://www.apache.org/dist/tinkerpop/KEYS">KEYS</a> file (it is important to use the linked file which is from the main distribution directory and not a
        mirror. Next download the appropriate "asc" signature file for the relevant distribution (again, this file should come from the <a href="https://www.apache.org/dist/tinkerpop/">main
        distribution directory</a> - note that older releases will have such files in the <a href="https://archive.apache.org/dist/tinkerpop/">archives</a> or if released under Apache
@@ -517,7 +517,7 @@ limitations under the License.
       gpg --verify apache-gremlin-console-x.y.z-bin.zip.asc apache-gremlin-console-x.y.z-bin.zip
       </code></pre>
     </p>
-    <p>Alternatively, consider verifying the MD5 signature on the files. An MD5 signature consists of 32 hex characters, and a SHA1 signature consists of 40 hex characters.
+    <p>Alternatively, consider verifying the SHA1 signature on the files. An SHA1 signature consists of 40 hex characters.
        Ensure that the generated signature string matches the signature string published in the files above.</p>
  </div>
 </div>

http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/bf1e242e/docs/src/dev/developer/release.asciidoc
----------------------------------------------------------------------
diff --git a/docs/src/dev/developer/release.asciidoc b/docs/src/dev/developer/release.asciidoc
index cc18bde..9439abb 100644
--- a/docs/src/dev/developer/release.asciidoc
+++ b/docs/src/dev/developer/release.asciidoc
@@ -224,6 +224,7 @@ for generating javadoc and without that the binary distributions won't contain t
 .. `cp ~/.m2/repository/org/apache/tinkerpop/gremlin-console/xx.yy.zz/gremlin-console-xx.yy.zz-distribution.zip* dev/xx.yy.zz`
 .. `cp ~/.m2/repository/org/apache/tinkerpop/gremlin-server/xx.yy.zz/gremlin-server-xx.yy.zz-distribution.zip* dev/xx.yy.zz`
 .. `cp ~/.m2/repository/org/apache/tinkerpop/tinkerpop/xx.yy.zz/tinkerpop-xx.yy.zz-source-release.zip* dev/xx.yy.zz`
+.. `rm -f dev/*.md5
 .. `cd dev/xx.yy.zz`
 .. pass:[<code>ls * | xargs -n1 -I {} echo "mv apache-tinkerpop-{} {}" | sed -e 's/distribution/bin/' -e 's/source-release/src/' -e 's/tinkerpop-tinkerpop/tinkerpop/' -e s'/^\(.*\) \(.*\) \(.*\)$/\1 \3 \2/' | /bin/bash</code>]
 .. `cd ..; svn add xx.yy.zz/; svn ci -m "TinkerPop xx.yy.zz release"`