On 05/15/2012 11:04 AM, Philip Martin wrote: > Philip Martin <[email protected]> writes: > >> Please add your signatures to the .asc files there. >> You can use the release.py script for this: >> release.py sign-candidates --target /path/to/dist/dev/subversion/wc 1.7.5 >> which is the equivalent of running the following command for each >> tarball: >> gpg -ba -f - subversion-1.6.18.tar.bz2 >> subversion-1.6.18.tar.bz2.asc > > I copied this from previous announcements but I'm not sure the release > process is right here. The "release.py sign-candidates" suggestion > implies that we expect people to sign all the files but for previous > releases, when I was not release manager, I only signed the Unix > tarballs since that is what I tested. If people sign all the files it > makes it harder to determine whether we have the required number of > Windows/Unix signatures. > > We currently have 5 signatures on the Unix tarballs and 6 signatures on > the Windows zip file but from the mails to dev I believe that 1.7.5 > still requires another "real" Windows signature.
I've never signed the Windows ZIP files, and don't see why I should when I haven't personally verified their content. I suspect Johan and Paul are the only folks who've really tested the release on Windows. -- C. Michael Pilato <[email protected]> CollabNet <> www.collab.net <> Enterprise Cloud Development
signature.asc
Description: OpenPGP digital signature
