build: use sha256sum instead of sha1sum to sign releases
authorDavid Bremner <david@tethera.net>
Thu, 2 Mar 2017 00:44:47 +0000 (20:44 -0400)
committerDavid Bremner <david@tethera.net>
Thu, 2 Mar 2017 21:31:15 +0000 (17:31 -0400)
Makefile.global
Makefile.local

index d8f335af6c15b96f14853c55583b957320bba7cb..7a78e9b567af6ff96d00dddd1f15a5efdccdbaef 100644 (file)
@@ -43,8 +43,8 @@ RELEASE_URL=https://notmuchmail.org/releases
 TAR_FILE=$(PACKAGE)-$(VERSION).tar.gz
 ELPA_FILE:=$(PACKAGE)-emacs-$(ELPA_VERSION).tar
 DEB_TAR_FILE=$(PACKAGE)_$(VERSION).orig.tar.gz
 TAR_FILE=$(PACKAGE)-$(VERSION).tar.gz
 ELPA_FILE:=$(PACKAGE)-emacs-$(ELPA_VERSION).tar
 DEB_TAR_FILE=$(PACKAGE)_$(VERSION).orig.tar.gz
-SHA1_FILE=$(TAR_FILE).sha1
-GPG_FILE=$(SHA1_FILE).asc
+SHA256_FILE=$(TAR_FILE).sha256
+GPG_FILE=$(SHA256_FILE).asc
 
 PV_FILE=bindings/python/notmuch/version.py
 
 
 PV_FILE=bindings/python/notmuch/version.py
 
index 3548ed9665c974f236b7a01469da46bb15026641..d2ef3e080b7b266f46d894a59c6fb61c04124e5c 100644 (file)
@@ -36,12 +36,11 @@ $(TAR_FILE):
        gzip < $(TAR_FILE).tmp > $(TAR_FILE)
        @echo "Source is ready for release in $(TAR_FILE)"
 
        gzip < $(TAR_FILE).tmp > $(TAR_FILE)
        @echo "Source is ready for release in $(TAR_FILE)"
 
-$(SHA1_FILE): $(TAR_FILE)
-       sha1sum $^ > $@
+$(SHA256_FILE): $(TAR_FILE)
+       sha256sum $^ > $@
 
 
-$(GPG_FILE): $(SHA1_FILE)
-       @echo "Please enter your GPG password to sign the checksum."
-       gpg --armor --sign $^ 
+$(GPG_FILE): $(SHA256_FILE)
+       gpg --armor --sign $^
 
 .PHONY: dist
 dist: $(TAR_FILE)
 
 .PHONY: dist
 dist: $(TAR_FILE)