diff options
author | Julian Taylor <jtaylor.debian@googlemail.com> | 2014-06-08 15:56:58 +0200 |
---|---|---|
committer | Julian Taylor <jtaylor.debian@googlemail.com> | 2014-08-09 12:38:31 +0200 |
commit | a64223f11a374d3eadbf86f849aef26bc6a7e369 (patch) | |
tree | 83f467eb6168beec1c531bc03a429dd2b939461e | |
parent | e808f2d7353965b9687ebd285a80f8c389e191fe (diff) | |
download | numpy-a64223f11a374d3eadbf86f849aef26bc6a7e369.tar.gz |
BLD: compute sha256 sums of build artifacts
Using a secure hash allows verifying ther binaries from a gpg signed
README.txt.
MD5 just kept for legacy users who may not be able to obtain a sha256
utility.
-rw-r--r-- | pavement.py | 25 |
1 files changed, 23 insertions, 2 deletions
diff --git a/pavement.py b/pavement.py index 54890bcef..b51ac137a 100644 --- a/pavement.py +++ b/pavement.py @@ -67,6 +67,7 @@ import subprocess import re try: from hashlib import md5 + from hashlib import sha256 except ImportError: from md5 import md5 @@ -565,9 +566,20 @@ def sdist(options): def compute_md5(idirs): released = paver.path.path(idirs).listdir() checksums = [] - for f in released: + for f in sorted(released): m = md5(open(f, 'r').read()) - checksums.append('%s %s' % (m.hexdigest(), f)) + checksums.append('%s %s' % (m.hexdigest(), os.path.basename(f))) + + return checksums + +def compute_sha256(idirs): + # better checksum so gpg signed README.txt containing the sums can be used + # to verify the binaries instead of signing all binaries + released = paver.path.path(idirs).listdir() + checksums = [] + for f in sorted(released): + m = sha256(open(f, 'r').read()) + checksums.append('%s %s' % (m.hexdigest(), os.path.basename(f))) return checksums @@ -583,8 +595,17 @@ def write_release_task(options, filename='NOTES.txt'): Checksums ========= +MD5 +~~~ + """) ftarget.writelines(['%s\n' % c for c in compute_md5(idirs)]) + ftarget.writelines(""" +SHA256 +~~~~~~ + +""") + ftarget.writelines(['%s\n' % c for c in compute_sha256(idirs)]) def write_log_task(options, filename='Changelog'): st = subprocess.Popen( |