commons-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From sebb <seb...@gmail.com>
Subject Re: [all] How to prevent mvn deploy to skip certain artifacts
Date Thu, 04 Apr 2013 11:06:28 GMT
On 4 April 2013 05:25, Mladen Turk <mturk@apache.org> wrote:

> On 04/03/2013 08:29 PM, sebb wrote:
>
>> On 3 April 2013 11:19, Mladen Turk <mturk@apache.org> wrote:
>>
>>>
>>>>>  Unfortunately that also detaches the archives from the hash generation
>>>> process.
>>>> So you need to add code (e.g. antrun) to create the hashes.
>>>>
>>>>
>>>>  That's fine. I know how to use md5sum and gpg. No need for ant :)
>>>
>>>
>>>  The build process is supposed to be reproducibleby others, so the Maven
>> issues need to be fixed.
>>
>>
> Why? It's a RM's job to sign the files at the time he proposes a vote.
> That's the only time this stuff is needed.
>

The sigs and hashes are only generated when the release profile is used.


> The best would be to have some sort of 'dist' target that would prepare
> the stuff for non-maven publishing. Other then that there is no reason
> to sign or hash the files (as part of standard build process)
>
>
See above - that already happens.


>
>
>>
>>> Anyhow, gpg sign fails for commons-parent #28. #27 and earlier work.
>>>
>>>
>>>  First I've heard of that.
>> CP 28 has been used successfully elsewhere AFAIK.
>>
>>
> I'm using Fedora18. I'll try on other OS's.
>
>
>
> Regards
> --
> ^TM
>
> ------------------------------**------------------------------**---------
> To unsubscribe, e-mail: dev-unsubscribe@commons.**apache.org<dev-unsubscribe@commons.apache.org>
> For additional commands, e-mail: dev-help@commons.apache.org
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message