I've not looked into it... On May 10, 2016 2:30 AM, "Benedikt Ritter" <brit...@apache.org> wrote:
> Hi Gary, > > What changes are required for this? Is this just a setting in > commons-parent? > > Benedikt > > Gary Gregory <garydgreg...@gmail.com> schrieb am Di., 10. Mai 2016 um > 02:51 Uhr: > > > Should we follow suit? > > > > Gary > > > > ---------- Forwarded message ---------- > > From: David M Williams <david_willi...@us.ibm.com> > > Date: Mon, May 9, 2016 at 5:37 PM > > Subject: [eclipse-dev] Notice that Eclipse Platform plans to no longer > > provide MD5 and SHA1 checksums for Neon (but still SHA512) > > To: eclipse-...@eclipse.org, equinox-...@eclipse.org, > > cross-project-issues-...@eclipse.org > > > > > > The topic of this note is about the downloads and checksums obtained > > directly from the the Eclipse Project. It does not involve the checksums > > from the "select a mirror" page -- that is controlled by the Eclipse > > Foundation -- nor any of the packages downloaded from > > http://www.eclipse.org/downloads-- also controlled by the Eclipse > > Foundation. My intuition is that few "casual users" use our checksums > but > > some adopters or committers might use them in automated scripts or > builds. > > > > If any of you do get checksums directly from > > .../eclipse/downloads/drops4/<buildid>/checksum/... then this note is for > > you. > > > > We announced in Luna we would "stop producing MD5 and SHA1 checksums" > after > > Luna's release (*Bug 423714* > > <https://bugs.eclipse.org/bugs/show_bug.cgi?id=423714>)... and I am just > > now getting around to it. Since it has been a long time since that > > announcement, and since we are late in this cycle, I am cross-posting to > 3 > > lists to be sure those that might be impacted will be notified. > > > > We will continue to provide SHA512 checksums and I recently decided to > also > > provide SHA256 checksums since SHA256 seems to be popular "in the > > industry". > > > > This RC1 effort is documented in *Bug 454784* > > <https://bugs.eclipse.org/bugs/show_bug.cgi?id=454784>. If the removal > of > > the MD5 and SHA1 checksums would unduly burden anyone, please say so in > > that *Bug 454784* <https://bugs.eclipse.org/bugs/show_bug.cgi?id=454784> > > and > > we would be happy to accommodate. > > > > I will soon be updating our wiki on *How to verify a download* > > < > > > http://wiki.eclipse.org/Platform-releng/How_to_check_integrity_of_downloads > > > > > to contain accurate information for Neon, but wanted to get this notice > out > > now so if you are negatively impacted you would have time to say so. > > > > Thank you, > > > > > > > > > > > > > > _______________________________________________ > > eclipse-dev mailing list > > eclipse-...@eclipse.org > > To change your delivery options, retrieve your password, or unsubscribe > > from this list, visit > > https://dev.eclipse.org/mailman/listinfo/eclipse-dev > > > > > > > > -- > > E-Mail: garydgreg...@gmail.com | ggreg...@apache.org > > Java Persistence with Hibernate, Second Edition > > <http://www.manning.com/bauer3/> > > JUnit in Action, Second Edition <http://www.manning.com/tahchiev/> > > Spring Batch in Action <http://www.manning.com/templier/> > > Blog: http://garygregory.wordpress.com > > Home: http://garygregory.com/ > > Tweet! http://twitter.com/GaryGregory > > >
