You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@beam.apache.org by "Jean-Baptiste Onofré (JIRA)" <ji...@apache.org> on 2016/12/19 06:32:58 UTC
[jira] [Commented] (BEAM-841) Releases should produce proper
MD5/SHA1 checksums
[ https://issues.apache.org/jira/browse/BEAM-841?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15760315#comment-15760315 ]
Jean-Baptiste Onofré commented on BEAM-841:
-------------------------------------------
We use the gpg sign from the Apache POM: http://repo.maven.apache.org/maven2/org/apache/apache/18/apache-18.pom
{code}
<!--
We want to sign the artifact, the POM, and all attached artifacts
-->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-gpg-plugin</artifactId>
<executions>
<execution>
<id>sign-release-artifacts</id>
<goals>
<goal>sign</goal>
</goals>
</execution>
</executions>
</plugin>
{code}
So, I would optionally create this PR on the Apache POM, as it's not directly relevant to Beam.
> Releases should produce proper MD5/SHA1 checksums
> -------------------------------------------------
>
> Key: BEAM-841
> URL: https://issues.apache.org/jira/browse/BEAM-841
> Project: Beam
> Issue Type: Improvement
> Components: build-system
> Affects Versions: 0.3.0-incubating
> Reporter: Sergio Fernández
> Priority: Trivial
>
> Currently {{09 7B 6A 0A C9 3E 71 C1 05 0C 71 65 E9 0C 4F AE}} is used, while most of the tools use the simpler format {{097b6a0ac93e71c1050c7165e90c4fae}} to allow automatically checking.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)