That is correct. The SHA1/MD5 files are automatically generated by the Maven Release Plugin, and there doesn't seem to be anyway to configure this to use SHA512 or override it. Furthermore:
https://infra.apache.org/maven-releases.html states: " Don't try to publish .sha256 or .sha512 files; Nexus doesn't handle them " So the best I could do was to include the SHA512 with the developer artefacts. On 2020/03/18 04:22:43, Paul King <pa...@asert.com.au> wrote: > Looks like under "The developer's version artifacts" you have the sha512 > hashes, but under the staging repo you just have sha1/md5. > > > On Wed, Mar 18, 2020 at 7:58 AM Justin Mclean <jus...@classsoftware.com> > wrote: > > > HI, > > > > -1 (binding) because of hash issue - but this is easily fixed without > > stopping the vote and there’s no need for a revote. Once change I check and > > change my vote to +1 > > > > I checked: > > - incubating in name > > - signature is fine (although it would be good to sigh with an apache > > email address) > > - hash needs to be sha256 or sha512 [1] > > - DISCLAIMER exits > > - LICENSE is OKish > > - NOTICE year is out of date (2016!) Please fix. > > - No unexpected binary files > > - Can compile from source > > > > License mentions "This product includes software developed at Yahoo! Inc.” > > but doesn’t say how that is licensed I think this needs to be in NOTICE not > > LICENSE as teh copyright headers have been relocated right? It also unclear > > where the code for MOA is bundled. > > > > Thanks, > > Justin > > > > 1. https://infra.apache.org/release-distribution-policy.html > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org > > For additional commands, e-mail: general-h...@incubator.apache.org > > > > > --------------------------------------------------------------------- To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org For additional commands, e-mail: general-h...@incubator.apache.org
