Use SHA 256 instead of MD5 in the release script

asmeurer · asmeurer · commit 088ba68312c0 · 2019-03-29T15:47:10.000-06:00
diff --git a/release/README.md b/release/README.md
@@ -60,9 +60,9 @@ script can take about an hour or so to run (depending on how long the tests
 take). Every time you re-run the script, it pulls from the branch and runs
 everything from scratch.
 
-At the end it will print two things, the list of authors, and the md5 sums.
+At the end it will print two things, the list of authors, and the sha256 sums.
 Copy the list of authors into the release notes. You should verify that the
-md5 sums of the release files are the same as what are printed.
+sha256 sums of the release files are the same as what are printed.
 
 # Tagging the release
 
diff --git a/release/rever.xsh b/release/rever.xsh
@@ -42,7 +42,7 @@ $ACTIVITIES = [
     'test_tarball36',
     'test_tarball37',
     'print_authors',
-    'md5',
+    'sha256',
     # 'tag',
 ]
 
@@ -201,17 +201,17 @@ Thanks to everyone who contributed to this release!
     print()
 
 @activity(deps={'source_tarball', 'build_docs'})
-def md5():
+def sha256():
     """
-    Print the md5 sums of the release files
+    Print the sha256 sums of the release files
     """
-    _md5(print_=True)
+    _sha256(print_=True)
 
-def _md5(print_=True, local=False):
+def _sha256(print_=True, local=False):
     if local:
-        out = $(md5sum @(release_files()))
+        out = $(shasum -a 256 @(release_files()))
     else:
-        out = $(md5sum /root/release/*)
+        out = $(shasum -a 256 /root/release/*)
     # Remove the release/ part for printing. Useful for copy-pasting into the
     # release notes.
     out = [i.split() for i in out.strip().split('\n')]
@@ -220,7 +220,7 @@ def _md5(print_=True, local=False):
         print(out)
     return out
 
-@activity(deps={'mailmap_update', 'md5', 'print_authors', 'source_tarball', 'build_docs', 'compare_tar_against_git', 'test_tarball27', 'test_tarball34', 'test_tarball35', 'test_tarball36', 'test_sympy'})
+@activity(deps={'mailmap_update', 'sha256', 'print_authors', 'source_tarball', 'build_docs', 'compare_tar_against_git', 'test_tarball27', 'test_tarball34', 'test_tarball35', 'test_tarball36', 'test_sympy'})
 def release():
     pass
 
@@ -541,7 +541,7 @@ def _GitHub_release(username=None, user='sympy', token=None,
 
         print(green("Done"))
 
-    # TODO: download the files and check that they have the right md5 sum
+    # TODO: download the files and check that they have the right sha256 sum
 
 def _size(print_=True):
     """
@@ -565,8 +565,8 @@ def table():
 
     tarball_formatter_dict['version'] = shortversion
 
-    md5s = [i.split('\t') for i in _md5(print_=False, local=True).split('\n')]
-    md5s_dict = {name: md5 for md5, name in md5s}
+    sha256s = [i.split('\t') for i in _sha256(print_=False, local=True).split('\n')]
+    sha256s_dict = {name: sha256 for sha256, name in sha256s}
 
     sizes = [i.split('\t') for i in _size(print_=False).split('\n')]
     sizes_dict = {name: size for size, name in sizes}
@@ -589,7 +589,7 @@ def table():
 
     with tag('table'):
         with tag('tr'):
-            for headname in ["Filename", "Description", "size", "md5"]:
+            for headname in ["Filename", "Description", "size", "sha256"]:
                 with tag("th"):
                     table.append(headname)
 
@@ -605,7 +605,7 @@ def table():
                 with tag('td'):
                     table.append(sizes_dict[name])
                 with tag('td'):
-                    table.append(md5s_dict[name])
+                    table.append(sha256s_dict[name])
 
     out = ' '.join(table)
     return out
