You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@lucene.apache.org by "Jan Høydahl (JIRA)" <ji...@apache.org> on 2018/09/07 21:20:00 UTC
[jira] [Created] (LUCENE-8493) Stop publishing .sha1 files with
releases
Jan Høydahl created LUCENE-8493:
-----------------------------------
Summary: Stop publishing .sha1 files with releases
Key: LUCENE-8493
URL: https://issues.apache.org/jira/browse/LUCENE-8493
Project: Lucene - Core
Issue Type: Task
Components: -tools
Reporter: Jan Høydahl
In LUCENE-7935 we added {{.sha512}} checksums to releases and removed {{.md5}} files.
According to the Release Distribution Policy ([http://www.apache.org/dev/release-distribution#sigs-and-sums)]:
{quote}For every artifact distributed to the public through Apache channels, the PMC
MUST supply a valid OpenPGP-compatible ASCII-armored detached signature file
MUST supply at least one checksum file
SHOULD supply a SHA-256 and/or SHA-512 checksum file
*SHOULD NOT supply a MD5 or SHA-1 checksum file* (because these are deprecated)
{quote}
So this Jira will stop publishing .sha1 files, leaving only the .sha512
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@lucene.apache.org
For additional commands, e-mail: dev-help@lucene.apache.org