commons-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Phil Steitz <>
Subject Re: [doc] First attempt at update to release.html
Date Mon, 13 Dec 2004 12:24:15 GMT
One more general comment that I did not know what to do with.  Steps 6 
and 7 (checksums and sigs) and 11 (upload) involve quite a bit of manual 
typing that is time consuming and can lead to errors.  For 6 and 7, I 
used the script below (please do not make fun of my limited bash skills 
;-).  I have another one that does verification separately (presumably 
from a different user ID). It would be nice to also have a script to 
create the symlinks in 11 automatically.  Does anyone have this?  Should 
these scripts a) go in committers/tools  b) be housed somewhere in j-c 
c) be summarized / embedded / linked in the instructions or d) none of 
the above?

# Creates detached ascii signatures and md5 hashes for each
# of the files in the current directory.
# Also verifies the signatures.
# For each file in the current directory, two new files
# are created:
#   <name>.asc -- ascii-armored detached PGP digital signature
#   <name>.md5 -- md5 hash (checksum)
# where <name> is the name of the file, not including file
# path.
# For example, foo-1.0-src.tar.gz in the current
# directory will result in foo-1.0-src.tar.gz.asc and
# foo-1.0-src.tar.gz.md5 added to the current directory.
# Deletes any .asc or .md5 files in the current directory
# before processing and does NOT recurse subdirectories.
# usage:
#     signAndHash
# requires:
#    gpg
#    openssl
`rm *.asc`
`rm *.md5`
for file in *; do
     if [ -f "$file" ]; then
         openssl md5 < $file > ${file}.md5
             gpg --armor --output ${file}.asc --detach-sig $file
             gpg --verify ${file}.asc $file

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message