commons-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Matt Sicker <>
Subject Re: [ALL] Problems with default download page hash types
Date Thu, 15 Aug 2019 13:50:37 GMT
I know it’s policy, but why exactly do we have to provide checksum files
when the asc file is a already a checksum (and most likely based on SHA256
or 512 anyways)?

On Thu, Aug 15, 2019 at 04:03, sebb <> wrote:

> I have had to fix several download pages recently because they
> referred to sha512 instead of sha256.
> Please would RMs double-check that the pom has the correct setting and
> that the generated download_xyz.xml file corresponds with the file
> names?
> In future, I think the hash setting should *always* be specified in
> the pom, rather than relying on a default (*)
> How does one know whether the setting is missing by accident or design?
> (It does not help that the default has been changed twice fairly recently)
> Sebb.
> (*) IMO built-in defaults should only be used for values that are
> almost always correct, i.e. where it is unusual to see a different
> value. Defaults should never be changed.
> ---------------------------------------------------------------------
> To unsubscribe, e-mail:
> For additional commands, e-mail:
> --
Matt Sicker <>

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message