https://bz.apache.org/bugzilla/show_bug.cgi?id=62695
Bug ID: 62695
Summary: Provide sha512 for Tomcat releases published to Maven
Product: Tomcat 9
Version: 9.0.x
Hardware: PC
Status: NEW
Severity: normal
Priority: P2
Component: Packaging
Assignee: dev@tomcat.apache.org
Reporter: knst.koli...@gmail.com
Target Milestone: -----
Reviewing release candidates for Tomcat 8.5.34, 9.0.12, their artifacts at
Maven staging repository have only md5 and sha1 checksums.
This can bee seen here:
[1]
https://repository.apache.org/content/repositories/orgapachetomcat-1193/org/apache/tomcat/tomcat/9.0.12/
[2]
https://repository.apache.org/content/repositories/orgapachetomcat-1194/org/apache/tomcat/tomcat/8.5.34/
The new distribution requirements at ASF has been discussed elsewhere and I
know that for Apache Parent POM the feature to implement more secure checksums
is tracked as
[3] https://issues.apache.org/jira/browse/MPOM-205
The project fro Apache Parent POM is
[4] https://maven.apache.org/pom/asf/
At [4] scroll down for "History" and see the "diff" link for changes between
versions 21 and 20. A step was added to manually generate *.sha512 files at
build time.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
