Hi all, The sum is reuploaded now seems to be ok Thansk for reporing it
Regards Alin On Sun, Apr 18, 2021 at 7:25 PM Brennan Ashton <bash...@brennanashton.com> wrote: > On Sun, Apr 18, 2021 at 9:38 AM Abdelatif Guettouche > <abdelatif.guettou...@gmail.com> wrote: > > > > Is it just me or there is an issue with the checksum of the apps tar? > > > > Alin, > Can you check this an re-upload. You can verify locally as I showed here > > https://gist.github.com/btashton/ee474723013a7040186c91d41a4c7fad#check-the-release-artifacts > > After it is uploaded you can also run this script against the uploaded > files, which is where we see the bad checksum. > > ❯ ./tools/checkrelease.sh --url > https://dist.apache.org/repos/dist/dev/incubator/nuttx/10.1.0-RC0 > Downloading release files from > https://dist.apache.org/repos/dist/dev/incubator/nuttx/10.1.0-RC0/ > gpg: directory '/tmp/nuttx-checkrelease/.gnupg' created > gpg: keybox '/tmp/nuttx-checkrelease/.gnupg/pubring.kbx' created > gpg: /tmp/nuttx-checkrelease/.gnupg/trustdb.gpg: trustdb created > gpg: key E1B6E30DB05D6280: public key "Brennan Ashton > <btash...@apache.org>" imported > gpg: key 9E711BAD3264C061: public key "Alin Jerpelea > <alin.jerpe...@sony.com>" imported > gpg: Total number processed: 2 > gpg: imported: 2 > OK: > https://dist.apache.org/repos/dist/dev/incubator/nuttx/10.1.0-RC0/../KEYS > is imported. > Checking apache-nuttx-10.1.0-incubating.tar.gz sha512... > OK: apache-nuttx-10.1.0-incubating.tar.gz sha512 hash matches. > > Checking apache-nuttx-10.1.0-incubating.tar.gz GPG signature: > gpg: Signature made Sun 18 Apr 2021 07:03:03 AM PDT > gpg: using RSA key C26CE5B1F2F08DBC0C4DE2409E711BAD3264C061 > gpg: Good signature from "Alin Jerpelea <alin.jerpe...@sony.com>" > [unknown] > gpg: WARNING: This key is not certified with a trusted signature! > gpg: There is no indication that the signature belongs to the > owner. > Primary key fingerprint: C26C E5B1 F2F0 8DBC 0C4D E240 9E71 1BAD 3264 C061 > OK: apache-nuttx-10.1.0-incubating.tar.gz gpg signature matches. > > Checking apache-nuttx-10.1.0-incubating.tar.gz for required files: > OK: all required files exist in nuttx. > > Checking apache-nuttx-apps-10.1.0-incubating.tar.gz sha512... > sha512sum: WARNING: 1 computed checksum did NOT match > apache-nuttx-apps-10.1.0-incubating.tar.gz: FAILED > - apache-nuttx-apps-10.1.0-incubating.tar.gz sha512 hash does not match. > > Checking apache-nuttx-apps-10.1.0-incubating.tar.gz GPG signature: > gpg: Signature made Sun 18 Apr 2021 07:03:03 AM PDT > gpg: using RSA key C26CE5B1F2F08DBC0C4DE2409E711BAD3264C061 > gpg: Good signature from "Alin Jerpelea <alin.jerpe...@sony.com>" > [unknown] > gpg: WARNING: This key is not certified with a trusted signature! > gpg: There is no indication that the signature belongs to the > owner. > Primary key fingerprint: C26C E5B1 F2F0 8DBC 0C4D E240 9E71 1BAD 3264 C061 > OK: apache-nuttx-apps-10.1.0-incubating.tar.gz gpg signature matches. > > Checking apache-nuttx-apps-10.1.0-incubating.tar.gz for required files: > OK: all required files exist in apps. > > Trying to build nuttx sim:nsh... >