Alex,
I just pushed changes to the script and was able to generate on windows
signed artifacts! Now I can somehow build dmg on Mac. I hope that signing I
will be able to do on Windows, cause don't want to go through some
configuration for signing there.
I'm definitely not a Mac user.
Many Thanks
Hi Piotr,
In flex-utilities/flex-installer/build.xml, the "release" Ant target
should take you through signing. GPG is not used to generate the sha512
checksums, the Ant checksum task is instead and you will have to modify
those tasks in build.xml not only with the new algorithm but also the
corr
Hi Alex,
I decided revoke my old key and created new one. I signed releases once,
but now I cannot find myself with that. In the Apache resources there
suggestion how to configure gpg in order to have SHA-512 [1]. I did it but
I'm not sure if I do this archives will be signed appropriately.
gpg -
Hi Piotr,
I don't see any way to recover your passphrase. The advice I see is to
keep trying to remember what it was.
Otherwise, the advice says to create a new key and revoke the old one. I
could sign this release, but you might as well take the time to either
remember the passphrase or create
Unfortunately I did not remeber may passphrase for signing files. I have
private key, revoking keys, but don't know how to actually use it to
recover it. I did search some way, but cannot find straight instruction.
Can someone sign for me that release or pass some help on that ?
Thanks,
Piotr
20
Hi Alex,
I think it is a good idea to have 3.3.1 instead 3.4.
Thanks,
Piotr
2018-04-12 17:16 GMT+02:00 Alex Harui :
> Hi Piotr,
>
> I think I didn't use the right certificate for 3.2 so folks moving to 3.3
> had a problem. As long as you use the right certificates for 3.4 there
> shouldn't be
Hi Piotr,
I think I didn't use the right certificate for 3.2 so folks moving to 3.3
had a problem. As long as you use the right certificates for 3.4 there
shouldn't be a problem.
It occurs to me that we might want to call this release 3.3.1 instead of
3.4 since it is a single bug fix release, bu
Hi Alex,
IMO something rings into my head that we have had some problems with sign
certificates last time. Do you recall something ?
Thanks,
Piotr
2018-04-12 10:25 GMT+02:00 Alex Harui :
> I would skip last call and cut the RC. But yes, use SHA512 with a .sha512
> suffix.
>
> My 2 cents,
> -Al
I would skip last call and cut the RC. But yes, use SHA512 with a .sha512
suffix.
My 2 cents,
-Alex
On 4/12/18, 12:48 AM, "Piotr Zarzycki" wrote:
>Hi Guys,
>
>Since I was able to fix issue with OSMF I would like to prepare release
>candidate. Should I go through the LAST CALL ? Can I omit it a
