Hi. Le jeu. 11 juil. 2024 à 19:57, Alex Herbert <alex.d.herb...@gmail.com> a écrit : > > [...] > > > > > > Signatures may be validated on a system supporting a bash Unix shell by > > > executing: > > > svn co https://dist.apache.org/repos/dist/dev/commons/rng/1.6-RC2/ > > > cd 1.6-RC2 > > > chmod +x ./signature-validator.sh > > > for m in client-api core simple sampling bom; do > > > ./signature-validator.sh > > > > > https://repository.apache.org/content/repositories/orgapachecommons-1755/org/apache/commons/commons-rng-${m}/1.6/ > > ; > > > done > > > > It would be worth reminding that a copy/paste of the above on the > > command-line will not work (although the script outputs both "ERROR" > > and "SUCCESSFUL VALIDATION" which is confusing/misleading). > > > > Couldn't the script be auto-generated (rather than just copied I presume) > > to also contain the "for-loop" specific to each component? > > > > Maybe. There is a lot that could be improved in the release plugin for > multi-module releases. I added that line manually to the vote email. I > added a lot of other things too. The loop worked when copy and pasted from > my source email. Maybe line wrapping has broken it. > > If we are not going to suggest using the signature validator, then why do > we even bother generating it? It seems strange, which is why I made an > attempt to suggest using it.
The script is a great improvement over downloading all the artefacts manually; it's just too easy to use it wrongly and still have the impression that it did something useful. When I pasted ---CUT--- for m in client-api core simple sampling bom; do ./signature-validator.sh https://repository.apache.org/content/repositories/orgapachecommons-1755/org/apache/commons/commons-rng-${m}/1.6/ done ---CUT--- in a file, all the artefacts were downloaded and the signature checks were (really) successful. So it works fine for a multi-module component. The improvement would be the added robustness of having the above three lines generated, and become part of the (release-specific) script. Gilles > > [...] --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org For additional commands, e-mail: dev-h...@commons.apache.org
