maint.mk: announce-gen with --no-print-checksums?

bug-gnulib

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

maint.mk: announce-gen with --no-print-checksums?

From:	Simon Josefsson
Subject:	maint.mk: announce-gen with --no-print-checksums?
Date:	Wed, 12 May 2021 22:15:37 +0200
User-agent:	Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux)

Hi!  I just made a new release of libidn2, and after posting the
announcement I noticed that hash checksums was missing from my
announcement.  It appears maint.mk's announce-gen rules always were like
this, I just didn't use them before.  May I suggest the patch below as a
starting point, to at least make this configurable in cfg.mk?  Untested,
primarily intended for discussion.

Further, one reason against dropping --no-print-checksums is that
announce-gen prints MD5 and SHA1 hashes.  While it may not matter in
some use-cases, both algorithms have been broken and it is possible to
generate a different file with the same hash.  For MD5 is relatively
cheap, for SHA1 it is expensive but within range for a lot of entities.

I think we should print checksums by default, drop MD5 but keep SHA1 for
a couple of more years, and introduce SHA224 or SHA256.  One issue is
that the SHA2 hashes in hex are longer and look ugly in email.  OpenSSH
is using base64 encoded SHA256 hashes in their announcements, but I'm
not sure what tools there are that can parse them.  I'm somewhat
inclined to follow their path and add support for base64 encoded hashes
in 'sha256sum', and then use that in announcen-gen.  Thoughts?

/Simon

diff --git a/top/maint.mk b/top/maint.mk
index ae3a8170a..0d8e99b4c 100644
--- a/top/maint.mk
+++ b/top/maint.mk
@@ -1409,6 +1409,7 @@ announcement_mail_headers_alpha =         \
 announcement_mail_Cc_beta = $(announcement_mail_Cc_alpha)
 announcement_mail_headers_beta = $(announcement_mail_headers_alpha)
 
+announce_gen_opts ?= --no-print-checksums
 announcement_mail_Cc_ ?= $(announcement_mail_Cc_$(release-type))
 announcement_mail_headers_ ?= $(announcement_mail_headers_$(release-type))
 announcement: NEWS ChangeLog $(rel-files)
@@ -1426,7 +1427,7 @@ announcement: NEWS ChangeLog $(rel-files)
            --bootstrap-tools=$(bootstrap-tools)                        \
            $$(case ,$(bootstrap-tools), in (*,gnulib,*)                \
               echo --gnulib-version=$(gnulib-version);; esac)          \
-           --no-print-checksums                                        \
+           $(announce_gen_opts)                                        \
            $(addprefix --url-dir=, $(url_dir_list))
 
 .PHONY: release-commit

signature.asc
Description: PGP signature

[Prev in Thread]

Current Thread

[Next in Thread]

maint.mk: announce-gen with --no-print-checksums?, Simon Josefsson <=
- Re: maint.mk: announce-gen with --no-print-checksums?, Paul Eggert, 2021/05/12

Prev by Date: Re: replacement for 'join'?
Next by Date: Re: maint.mk: announce-gen with --no-print-checksums?
Previous by thread: Re: replacement for 'join'?
Next by thread: Re: maint.mk: announce-gen with --no-print-checksums?
Index(es):
- Date
- Thread