Hi all,

The sum is reuploaded now seems to be ok
Thansk for reporing it

Regards
Alin


On Sun, Apr 18, 2021 at 7:25 PM Brennan Ashton <bash...@brennanashton.com>
wrote:

> On Sun, Apr 18, 2021 at 9:38 AM Abdelatif Guettouche
> <abdelatif.guettou...@gmail.com> wrote:
> >
> > Is it just me or there is an issue with the checksum of the apps tar?
> >
>
> Alin,
> Can you check this an re-upload. You can verify locally as I showed here
>
> https://gist.github.com/btashton/ee474723013a7040186c91d41a4c7fad#check-the-release-artifacts
>
> After it is uploaded you can also run this script against the uploaded
> files, which is where we see the bad checksum.
>
> ❯ ./tools/checkrelease.sh --url
> https://dist.apache.org/repos/dist/dev/incubator/nuttx/10.1.0-RC0
> Downloading release files from
> https://dist.apache.org/repos/dist/dev/incubator/nuttx/10.1.0-RC0/
> gpg: directory '/tmp/nuttx-checkrelease/.gnupg' created
> gpg: keybox '/tmp/nuttx-checkrelease/.gnupg/pubring.kbx' created
> gpg: /tmp/nuttx-checkrelease/.gnupg/trustdb.gpg: trustdb created
> gpg: key E1B6E30DB05D6280: public key "Brennan Ashton
> <btash...@apache.org>" imported
> gpg: key 9E711BAD3264C061: public key "Alin Jerpelea
> <alin.jerpe...@sony.com>" imported
> gpg: Total number processed: 2
> gpg:               imported: 2
>  OK:
> https://dist.apache.org/repos/dist/dev/incubator/nuttx/10.1.0-RC0/../KEYS
> is imported.
> Checking apache-nuttx-10.1.0-incubating.tar.gz sha512...
>  OK: apache-nuttx-10.1.0-incubating.tar.gz sha512 hash matches.
>
> Checking apache-nuttx-10.1.0-incubating.tar.gz GPG signature:
> gpg: Signature made Sun 18 Apr 2021 07:03:03 AM PDT
> gpg:                using RSA key C26CE5B1F2F08DBC0C4DE2409E711BAD3264C061
> gpg: Good signature from "Alin Jerpelea <alin.jerpe...@sony.com>"
> [unknown]
> gpg: WARNING: This key is not certified with a trusted signature!
> gpg:          There is no indication that the signature belongs to the
> owner.
> Primary key fingerprint: C26C E5B1 F2F0 8DBC 0C4D  E240 9E71 1BAD 3264 C061
>  OK: apache-nuttx-10.1.0-incubating.tar.gz gpg signature matches.
>
> Checking apache-nuttx-10.1.0-incubating.tar.gz for required files:
>  OK: all required files exist in nuttx.
>
> Checking apache-nuttx-apps-10.1.0-incubating.tar.gz sha512...
> sha512sum: WARNING: 1 computed checksum did NOT match
> apache-nuttx-apps-10.1.0-incubating.tar.gz: FAILED
>  - apache-nuttx-apps-10.1.0-incubating.tar.gz sha512 hash does not match.
>
> Checking apache-nuttx-apps-10.1.0-incubating.tar.gz GPG signature:
> gpg: Signature made Sun 18 Apr 2021 07:03:03 AM PDT
> gpg:                using RSA key C26CE5B1F2F08DBC0C4DE2409E711BAD3264C061
> gpg: Good signature from "Alin Jerpelea <alin.jerpe...@sony.com>"
> [unknown]
> gpg: WARNING: This key is not certified with a trusted signature!
> gpg:          There is no indication that the signature belongs to the
> owner.
> Primary key fingerprint: C26C E5B1 F2F0 8DBC 0C4D  E240 9E71 1BAD 3264 C061
>  OK: apache-nuttx-apps-10.1.0-incubating.tar.gz gpg signature matches.
>
> Checking apache-nuttx-apps-10.1.0-incubating.tar.gz for required files:
>  OK: all required files exist in apps.
>
> Trying to build nuttx sim:nsh...
>

Reply via email to