On Mon, Mar 11, 2013 at 1:17 PM, Owen O'Malley <omal...@apache.org> wrote: > On Sun, Mar 10, 2013 at 8:13 PM, sebb <seb...@gmail.com> wrote: > > The ambari-1.2.1-incubating.tar.gz.mds file is wrong; there should be >> separate files for each hash type. >> Normally only MD5 and SHA are provided. >> > > In what way are they "wrong?" It is a perfectly well defined output format > that is the preferred one for Ambari. Depending on MD5 or even SHA1 for > tamper detection is in fact wrong.
Is there any particular reason to introduce this type of inconsistency? At least in Hadoop ecosystem I know of no other project that provides a combined bundle for the checksums. This makes the job of the tools that automatically download apache tarballs and ingest them into a build pipeline more complicated without much obvious benefit. Thanks, Roman. --------------------------------------------------------------------- To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org For additional commands, e-mail: general-h...@incubator.apache.org
