Thanks Alin & Brennan. +1 for me: - LICENSE, NOTICE and DISCLAIMER files exit in both repos. - Signatures and checksums valid. - Can build from source.
On Sun, Apr 18, 2021 at 6:41 PM Alin Jerpelea <jerpe...@gmail.com> wrote: > > Hi all, > > The sum is reuploaded now seems to be ok > Thansk for reporing it > > Regards > Alin > > > On Sun, Apr 18, 2021 at 7:25 PM Brennan Ashton <bash...@brennanashton.com> > wrote: > > > On Sun, Apr 18, 2021 at 9:38 AM Abdelatif Guettouche > > <abdelatif.guettou...@gmail.com> wrote: > > > > > > Is it just me or there is an issue with the checksum of the apps tar? > > > > > > > Alin, > > Can you check this an re-upload. You can verify locally as I showed here > > > > https://gist.github.com/btashton/ee474723013a7040186c91d41a4c7fad#check-the-release-artifacts > > > > After it is uploaded you can also run this script against the uploaded > > files, which is where we see the bad checksum. > > > > ❯ ./tools/checkrelease.sh --url > > https://dist.apache.org/repos/dist/dev/incubator/nuttx/10.1.0-RC0 > > Downloading release files from > > https://dist.apache.org/repos/dist/dev/incubator/nuttx/10.1.0-RC0/ > > gpg: directory '/tmp/nuttx-checkrelease/.gnupg' created > > gpg: keybox '/tmp/nuttx-checkrelease/.gnupg/pubring.kbx' created > > gpg: /tmp/nuttx-checkrelease/.gnupg/trustdb.gpg: trustdb created > > gpg: key E1B6E30DB05D6280: public key "Brennan Ashton > > <btash...@apache.org>" imported > > gpg: key 9E711BAD3264C061: public key "Alin Jerpelea > > <alin.jerpe...@sony.com>" imported > > gpg: Total number processed: 2 > > gpg: imported: 2 > > OK: > > https://dist.apache.org/repos/dist/dev/incubator/nuttx/10.1.0-RC0/../KEYS > > is imported. > > Checking apache-nuttx-10.1.0-incubating.tar.gz sha512... > > OK: apache-nuttx-10.1.0-incubating.tar.gz sha512 hash matches. > > > > Checking apache-nuttx-10.1.0-incubating.tar.gz GPG signature: > > gpg: Signature made Sun 18 Apr 2021 07:03:03 AM PDT > > gpg: using RSA key C26CE5B1F2F08DBC0C4DE2409E711BAD3264C061 > > gpg: Good signature from "Alin Jerpelea <alin.jerpe...@sony.com>" > > [unknown] > > gpg: WARNING: This key is not certified with a trusted signature! > > gpg: There is no indication that the signature belongs to the > > owner. > > Primary key fingerprint: C26C E5B1 F2F0 8DBC 0C4D E240 9E71 1BAD 3264 C061 > > OK: apache-nuttx-10.1.0-incubating.tar.gz gpg signature matches. > > > > Checking apache-nuttx-10.1.0-incubating.tar.gz for required files: > > OK: all required files exist in nuttx. > > > > Checking apache-nuttx-apps-10.1.0-incubating.tar.gz sha512... > > sha512sum: WARNING: 1 computed checksum did NOT match > > apache-nuttx-apps-10.1.0-incubating.tar.gz: FAILED > > - apache-nuttx-apps-10.1.0-incubating.tar.gz sha512 hash does not match. > > > > Checking apache-nuttx-apps-10.1.0-incubating.tar.gz GPG signature: > > gpg: Signature made Sun 18 Apr 2021 07:03:03 AM PDT > > gpg: using RSA key C26CE5B1F2F08DBC0C4DE2409E711BAD3264C061 > > gpg: Good signature from "Alin Jerpelea <alin.jerpe...@sony.com>" > > [unknown] > > gpg: WARNING: This key is not certified with a trusted signature! > > gpg: There is no indication that the signature belongs to the > > owner. > > Primary key fingerprint: C26C E5B1 F2F0 8DBC 0C4D E240 9E71 1BAD 3264 C061 > > OK: apache-nuttx-apps-10.1.0-incubating.tar.gz gpg signature matches. > > > > Checking apache-nuttx-apps-10.1.0-incubating.tar.gz for required files: > > OK: all required files exist in apps. > > > > Trying to build nuttx sim:nsh... > >
