geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joe Bohn <joe.b...@earthlink.net>
Subject Re: [DISCUSS] do additional artifacts need to be removed as part of the release process.
Date Mon, 12 May 2008 13:31:09 GMT
Rick McGuire wrote:
> This is an issue that came up with the vote on 1.0 Yoko release.  The 
> new release process detailed at
> 
> http://cwiki.apache.org/confluence/display/GMOxPMGT/Geronimo+release+process 
> 
> 
> generates a bunch of extra artifacts that are .md5 and sha1 signatures 
> for the .asc files. So, for every jar file, you will get a .asc file, 
> plus additional asc.md5 and asc.sha1 files.
> In our old release process, one of the steps was to erase all of the 
> *.asc.* files before staging the release for a vote.  Now that this is 
> done automatically by using the plugins, these extra artifacts get 
> included, and even get staged to the repos.  For example, see the 
> artifacts that got published for the last javamail release, which was 
> the most recent release to use this process:
> 
> http://repo1.maven.org/maven2/org/apache/geronimo/javamail/geronimo-javamail_1.4_provider/1.4/

> 
> 
> Should our release process include the step to delete these additional 
> files?  Or should this be something that should/could be fixed in the 
> plugin so that these extraneous files don't get included accidentally?


I had the same question when I released javamail.  After some thought I 
decided that the extra files didn't hurt anything and provide some 
measure of additional security in that you could (and perhaps should) 
verify that the asc files themselves haven't been corrupted.

Joe

Mime
View raw message