Commit 7120c4a7484d5a960c94f92ae67057c6a7881d15
1 parent
4e8d21d8
Use sha256 for signing release files
Showing
2 changed files
with
13 additions
and
6 deletions
ChangeLog
| 1 | 1 | 2020-10-25 Jay Berkenbilt <ejb@ql.org> |
| 2 | 2 | |
| 3 | + * When signing distribution files, generate sha256 checksums | |
| 4 | + instead of md5, sha1, and sha512. sha256 seems to be more widely | |
| 5 | + used, and there's no reason to use md5 or sha1 anymore. | |
| 6 | + | |
| 3 | 7 | * Official Windows releases are now built using the openssl crypto |
| 4 | 8 | provider. The native provider is still available for selection at |
| 5 | 9 | runtime using the QPDF_CRYPTO_PROVIDER environment variable. | ... | ... |
README-maintainer
| ... | ... | @@ -112,6 +112,11 @@ RELEASE PREPARATION |
| 112 | 112 | search for copyright. Don't forget copyright in manual. Also update |
| 113 | 113 | debian copyright in debian package. Last updated: 2020. |
| 114 | 114 | |
| 115 | +* Take a look at "External Libraries" in TODO to see if we need to | |
| 116 | + make any changes. There is still some automation work left to do, so | |
| 117 | + handling external-libs releases is still manual. See also | |
| 118 | + README-maintainer in external-libs. | |
| 119 | + | |
| 115 | 120 | * Check for open fuzz crashes at https://oss-fuzz.com |
| 116 | 121 | |
| 117 | 122 | * Check lgtm: https://lgtm.com/projects/g/qpdf/qpdf/?mode=list |
| ... | ... | @@ -244,13 +249,11 @@ gpg --detach-sign --armor qpdf-$version.tar.gz |
| 244 | 249 | Windows binaries, the AppImage, the source tarball, and the source |
| 245 | 250 | tarball signature. |
| 246 | 251 | |
| 247 | -\rm -f *.{md5,sha1,sha512} | |
| 252 | +\rm -f *.sha256 | |
| 248 | 253 | files=(*) |
| 249 | -for i in md5 sha1 sha512; do | |
| 250 | - ${i}sum ${files[*]} >| qpdf-$version.$i | |
| 251 | - gpg --clearsign --armor qpdf-$version.$i | |
| 252 | - mv qpdf-$version.$i.asc qpdf-$version.$i | |
| 253 | -done | |
| 254 | +sha256sum ${files[*]} >| qpdf-$version.sha256 | |
| 255 | +gpg --clearsign --armor qpdf-$version.sha256 | |
| 256 | +mv qpdf-$version.sha256.asc qpdf-$version.sha256 | |
| 254 | 257 | chmod 444 * |
| 255 | 258 | chmod 555 *.AppImage |
| 256 | 259 | ... | ... |