You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@arrow.apache.org by uw...@apache.org on 2018/09/20 08:53:51 UTC
[arrow] branch master updated: ARROW-3069: [Release] Stop using
SHA1 checksums per ASF policy
This is an automated email from the ASF dual-hosted git repository.
uwe pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/arrow.git
The following commit(s) were added to refs/heads/master by this push:
new 78886e4 ARROW-3069: [Release] Stop using SHA1 checksums per ASF policy
78886e4 is described below
commit 78886e4176889d55cbc9fc1b5c1bb84d3d46dd82
Author: Krisztián Szűcs <sz...@gmail.com>
AuthorDate: Thu Sep 20 10:53:36 2018 +0200
ARROW-3069: [Release] Stop using SHA1 checksums per ASF policy
Not tested yet.
Author: Krisztián Szűcs <sz...@gmail.com>
Closes #2584 from kszucs/ARROW-3069 and squashes the following commits:
3f16e458 <Krisztián Szűcs> update crossbow and verification scripts
---
dev/release/js-source-release.sh | 1 -
dev/release/js-verify-release-candidate.sh | 6 +++---
dev/release/verify-release-candidate.sh | 6 +++---
dev/tasks/crossbow.py | 2 +-
4 files changed, 7 insertions(+), 8 deletions(-)
diff --git a/dev/release/js-source-release.sh b/dev/release/js-source-release.sh
index 49d2858..368bcd1 100755
--- a/dev/release/js-source-release.sh
+++ b/dev/release/js-source-release.sh
@@ -118,7 +118,6 @@ ${SOURCE_DIR}/run-rat.sh ${tarball}
# sign the archive
gpg --armor --output ${tarball}.asc --detach-sig ${tarball}
-sha1sum $tarball > ${tarball}.sha1
sha256sum $tarball > ${tarball}.sha256
sha512sum $tarball > ${tarball}.sha512
diff --git a/dev/release/js-verify-release-candidate.sh b/dev/release/js-verify-release-candidate.sh
index 039c94d..edabb4c 100755
--- a/dev/release/js-verify-release-candidate.sh
+++ b/dev/release/js-verify-release-candidate.sh
@@ -54,14 +54,14 @@ fetch_archive() {
local dist_name=$1
download_rc_file ${dist_name}.tar.gz
download_rc_file ${dist_name}.tar.gz.asc
- download_rc_file ${dist_name}.tar.gz.sha1
+ download_rc_file ${dist_name}.tar.gz.sha256
download_rc_file ${dist_name}.tar.gz.sha512
gpg --verify ${dist_name}.tar.gz.asc ${dist_name}.tar.gz
if [ "$(uname)" == "Darwin" ]; then
- shasum -a 1 ${dist_name}.tar.gz | diff - ${dist_name}.tar.gz.sha1
+ shasum -a 256 ${dist_name}.tar.gz | diff - ${dist_name}.tar.gz.sha256
shasum -a 512 ${dist_name}.tar.gz | diff - ${dist_name}.tar.gz.sha512
else
- sha1sum ${dist_name}.tar.gz | diff - ${dist_name}.tar.gz.sha1
+ sha256sum ${dist_name}.tar.gz | diff - ${dist_name}.tar.gz.sha256
sha512sum ${dist_name}.tar.gz | diff - ${dist_name}.tar.gz.sha512
fi
}
diff --git a/dev/release/verify-release-candidate.sh b/dev/release/verify-release-candidate.sh
index 4eba3c2..dc0f08f 100755
--- a/dev/release/verify-release-candidate.sh
+++ b/dev/release/verify-release-candidate.sh
@@ -74,11 +74,11 @@ fetch_archive() {
local dist_name=$1
download_rc_file ${dist_name}.tar.gz
download_rc_file ${dist_name}.tar.gz.asc
- download_rc_file ${dist_name}.tar.gz.sha1
download_rc_file ${dist_name}.tar.gz.sha256
+ download_rc_file ${dist_name}.tar.gz.sha512
gpg --verify ${dist_name}.tar.gz.asc ${dist_name}.tar.gz
- shasum -a 1 -c ${dist_name}.tar.gz.sha1
shasum -a 256 -c ${dist_name}.tar.gz.sha256
+ shasum -a 512 -c ${dist_name}.tar.gz.sha512
}
verify_binary_artifacts() {
@@ -106,8 +106,8 @@ verify_binary_artifacts() {
# basename of the artifact
pushd $(dirname $artifact)
base_artifact=$(basename $artifact)
- shasum -a 1 -c $base_artifact.sha1 || exit 1
shasum -a 256 -c $base_artifact.sha256 || exit 1
+ shasum -a 512 -c $base_artifact.sha512 || exit 1
popd
done
}
diff --git a/dev/tasks/crossbow.py b/dev/tasks/crossbow.py
index 324b997..cb7a13d 100755
--- a/dev/tasks/crossbow.py
+++ b/dev/tasks/crossbow.py
@@ -700,7 +700,7 @@ def hashbytes(bytes, algoname):
type=click.Path(file_okay=False, dir_okay=True),
help='Directory to download the build artifacts')
@click.option('-a', '--algorithm',
- default=['sha1', 'sha256'],
+ default=['sha256', 'sha512'],
show_default=True,
type=click.Choice(sorted(hashlib.algorithms_guaranteed)),
multiple=True,