This was a mistake on my part. The last release had some problems in automation due to issues with our infrastructure (https://bugzilla.mozilla.org/show_bug.cgi?id=1263082). As a result I had to run some jobs manually and ran the checksums job in the wrong order so they were not copied over with the rest of the binaries. This has been resolved
https://bugzilla.mozilla.org/show_bug.cgi?id=1263831 No change in policy, we will continue to ship checksums with every release! thanks Kim On Tuesday, April 12, 2016 at 6:52:22 AM UTC-4, Neil Harris wrote: > I'm not sure if this is the right list for this, but I thought I'd > better bring this to your attention. > > Previous release directories have carried checksum files, with > signatures and a key file that allows the various binary files to be > validated. See, for example, > http://releases.mozilla.org/pub/firefox/releases/45.0.1/ > > In the most recent release, at > http://releases.mozilla.org/pub/firefox/releases/45.0.2/ , these files > appear to be missing, making it impossible to validate the release files > as authentic. > > This seems to me to be a backwards step for Firefox distribution > security. If this is an oversight, could it be remedied, please? If this > is a deliberate change, could someone please provide a rationale for the > changes? > > Kind regards, > > Neil Harris _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
