On Mon, Jun 5, 2017 at 2:56 PM, Kalle Sommer Nielsen <ka...@php.net> wrote: >> That's not a terrible idea. I'll script something up to download, >> verify gpg if it's available (verify existing m5 if it's not), and >> generate a sha256 from it resulting in a diff to >> web-php/include/releases.inc . Can do that irrespective of whether or >> not we stop adding md5s. > > We also got MD5 checksums over at the QA site, but I recently (like a > year ago) added SHA-256 checksums there, so it should be really easy > to get rid of the MD5s > BTW, a point came up on the RMs list to back-supply SHA256 checksums for old releases. I'm tossing together a script to download, verify (GPG where possible, MD5 where not), then generating a new SHA256 and committing the additions to web-php/include/releases.inc
I'll try to get that done asap (gated by download speed, essentially). -Sara -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
