SHA512SUMS: no hash for source code

RESOLVED FIXED

Status

RESOLVED FIXED
3 years ago
3 years ago

People

(Reporter: jjk, Unassigned)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

3 years ago
User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:41.0) Gecko/20100101 Firefox/41.0
Build ID: 20151020195130

Steps to reproduce:

Seems https://ftp.mozilla.org/pub/firefox/releases/latest/SHA512SUMS contains hashes for just about all the files, save for the source code (source/firefox-42.0.source.tar.xz)

Since that's how one can get PGP signature checking done (via SHA512SUMS.asc), it means the source code cannot be verified anymore.

Updated

3 years ago
Component: Untriaged → Releases
Product: Firefox → Release Engineering
QA Contact: rail
Version: 42 Branch → unspecified
It'll be fixed by bug 1222872.
Component: Releases → Release Automation
Depends on: 1222872
QA Contact: rail → bhearsum
Bug 1222872 has landed so new releases will have the source.tar.xz in SHA512SUMS. I've manually fixed up that file for 42.0, but it may be cached for a while by the CDN. Thanks for letting us know.
Status: UNCONFIRMED → RESOLVED
Last Resolved: 3 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.