[Biopython-dev] Community help needed to verify checksums for past releases
Markus Piotrowski
Markus.Piotrowski at ruhr-uni-bochum.de
Wed May 18 12:45:07 UTC 2016
A Windows built-in tool is certUtil:
certUtil -hashfile pathToFileToCheck [HashAlgorithm]
HashAlgorithms: MD2 MD4 MD5 SHA1 SHA256 SHA384 SHA512
I have biopython-1.58.win32-py2.7.exe:
MD5: c4 45 46 34 3c 3d 2b 1d c9 77 24 81 74 85 84 e4
SHA256: 2f 55 ee 34 df 39 e8 0d d7 cb 46 69 4a 1f 55 52 f1 4a 53 37 42
a0 a8 18 52 3b ee 6e 72 cc be 2c
Am 18.05.2016 um 12:26 schrieb Peter Cock:
> Hello all,
>
> Thanks to community contributions, we've verified all the past
> *.tar.gz releases, which in turn let me check all the *.zip files too.
>
> I've also verified the most recent Windows installers for
> Biopython 1.65 and 1.66, but for historical completeness I would
> like to verify the checksums for all the older Windows releases.
>
> If anyone still has copies of the older Biopython installers
> (e.g. on older backup disks), please get in touch.
>
> You can use the mailing list, GitHub issue, or email me directly:
> https://github.com/biopython/biopython.github.io/issues/7
>
> Thank you!
>
> Peter
>
> On Tue, Apr 26, 2016 at 9:29 AM, Peter Cock <p.j.a.cock at googlemail.com> wrote:
>> Hello all,
>>
>> Good news: All the *.tar.gz files have been checked now.
>>
>> However, help is still needed: Most of the *.exe files have not
>> been checked yet. Also most of the *.zip files, but those are
>> not as important.
>>
>> --
>>
>> Many thanks to Martin Mokrejs who had a lot of the recent
>> tar-balls, which has filled out most of the recent releases.
>>
>> Martin and Andrey also suggested looking at the checksums
>> recorded by Ubuntu within their packaging .dsc files, although
>> unfortunately that does not seem to help - I think they must
>> recompress as .tar.xy before taking the checksums:
>> http://archive.ubuntu.com/ubuntu/pool/universe/p/python-biopython/
>>
>> They also mentioned Gentoo, whose git repository covers our
>> Biopython 1.65 and 1.66 releases so far:
>>
>> https://github.com/gentoo/gentoo/blob/master/sci-biology/biopython/Manifest
>>
>> And their CVS which older checksums...
>>
>> https://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/sci-biology/biopython/Manifest?view=log
>>
>> Thanks to this I think I have now independently verified all the
>> Biopython *.tar.gz release files, and am currently trying to upload
>> them to GitHub at https://github.com/biopython/DIST
>>
>> Peter
>>
>> On Mon, Apr 25, 2016 at 11:01 PM, Peter Cock <p.j.a.cock at googlemail.com> wrote:
>>> Dear Biopython developers,
>>>
>>> Thank you to everyone who has helped with the website
>>> migration to GitHub - I think this has gone pretty well overall:
>>>
>>> https://biopython.org
>>>
>>> The good news is the new GitHub Pages website seems to
>>> be working nicely, and during this we've updated a lot of older
>>> content. While there is still lots to fine tune, for me this is the
>>> biggest remaining issue:
>>>
>>> *Providing all the past releases via GitHub Pages*
>>> https://github.com/biopython/biopython.github.io/issues/7
>>>
>>> The sudden Biopython website migration was forced by the old
>>> server failing after it was hacked to host spam advertising.
>>> I would like your help here with verifying the checksums of our
>>> past releases before putting them back online - just in case any
>>> of the files rescued from the old server were corrupted when it
>>> was hacked to host spam adverts. All the files checked so far
>>> are fine, so this is likely just me being paranoid.
>>>
>>> If anyone has old cached Biopython files under their Downloads
>>> folder etc, could you reply with their checksums please?
>>>
>>> Linux,
>>>
>>> shasum - a 256 ~/Downloads/biopython-*
>>> md5sum ~/Downloads/biopython-*
>>>
>>> Mac OS X,
>>>
>>> shasum - a 256 ~/Downloads/biopython-*
>>> md5 ~/Downloads/biopython-*
>>>
>>> (Checksum tools suggestions for Windows welcome)
>>>
>>> You can use the mailing list, GitHub issue, or email me directly:
>>> https://github.com/biopython/biopython.github.io/issues/7
>>>
>>> Don't worry about repeating checksums for files other people
>>> have reported, a little duplication here is a good thing ;)
>>>
>>> With hindsight it would have been good security practice to have
>>> included the checksums of our releases with the Biopython release
>>> announcements (and SHA256 would be better than MD5). We'll
>>> do that in future:
>>>
>>> https://github.com/biopython/biopython.github.io/issues/56
>>>
>>> Thank you,
>>>
>>> Peter
>>>
>>> (Speaking here as a Biopython developer. I am also the on
>>> the Open Bioinformatics Foundation board as the current
>>> secretary, and volunteer to do some of the lighter SysAdmin
>>> work on the OBF servers)
> _______________________________________________
> Biopython-dev mailing list
> Biopython-dev at mailman.open-bio.org
> http://mailman.open-bio.org/mailman/listinfo/biopython-dev
--
_________________________________
Dr. Markus Piotrowski
Privatdozent/Akademischer Rat
Lehrstuhl für Pflanzenphysiologie
ND 3/49
Universitätsstr. 150
44801 Bochum
Tel. xx49-(0)234-3224290
Fax. xx49-(0)234-3214187
http://www.ruhr-uni-bochum.de/pflaphy/Seiten_dt/PG_Piotrowski_d.html
http://homepage.ruhr-uni-bochum.de/Markus.Piotrowski/Index.html
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.open-bio.org/pipermail/biopython-dev/attachments/20160518/f783adfa/attachment.html>
More information about the Biopython-dev
mailing list