I have had to fix several download pages recently because they referred to sha512 instead of sha256.
Please would RMs double-check that the pom has the correct setting and that the generated download_xyz.xml file corresponds with the file names? In future, I think the hash setting should *always* be specified in the pom, rather than relying on a default (*) How does one know whether the setting is missing by accident or design? (It does not help that the default has been changed twice fairly recently) Sebb. (*) IMO built-in defaults should only be used for values that are almost always correct, i.e. where it is unusual to see a different value. Defaults should never be changed. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org For additional commands, e-mail: dev-h...@commons.apache.org
