You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@maven.apache.org by sl...@apache.org on 2022/04/18 15:20:26 UTC
[maven-apache-parent] 01/01: [MPOM-286] org.apache:apache should conform with needed Sonatype checksums on deployment
This is an automated email from the ASF dual-hosted git repository.
slachiewicz pushed a commit to branch MPOM-286
in repository https://gitbox.apache.org/repos/asf/maven-apache-parent.git
commit 67decf40547bcb1b19a8b72ffedff37d8a373ab0
Author: Tibor Digaňa <ti...@apache.org>
AuthorDate: Thu Jan 13 18:40:11 2022 +0100
[MPOM-286] org.apache:apache should conform with needed Sonatype checksums on deployment
---
pom.xml | 56 ++++++++++++++++++++++++++++----------------------------
1 file changed, 28 insertions(+), 28 deletions(-)
diff --git a/pom.xml b/pom.xml
index ecc0fda..04d4e36 100644
--- a/pom.xml
+++ b/pom.xml
@@ -375,6 +375,34 @@ under the License.
</execution>
</executions>
</plugin>
+ <!-- calculate checksums of source release for Apache dist area -->
+ <plugin>
+ <groupId>net.nicoulaj.maven.plugins</groupId>
+ <artifactId>checksum-maven-plugin</artifactId>
+ <version>1.11</version>
+ <executions>
+ <execution>
+ <id>source-release-checksum</id>
+ <goals>
+ <goal>artifacts</goal>
+ </goals>
+ <!-- execute prior to maven-gpg-plugin:sign due to https://github.com/nicoulaj/checksum-maven-plugin/issues/112 -->
+ <phase>post-integration-test</phase>
+ <configuration>
+ <algorithms>
+ <algorithm>SHA-512</algorithm>
+ </algorithms>
+ <!-- https://maven.apache.org/apache-resource-bundles/#source-release-assembly-descriptor -->
+ <includeClassifiers>source-release</includeClassifiers>
+ <excludeMainArtifact>true</excludeMainArtifact>
+ <csvSummary>false</csvSummary>
+ <!-- attach SHA-512 checksum as well to upload to Maven Staging Repo,
+ as this eases uploading from stage to dist and doesn't do harm in Maven Central -->
+ <attachChecksums>true</attachChecksums>
+ </configuration>
+ </execution>
+ </executions>
+ </plugin>
</plugins>
</build>
@@ -447,34 +475,6 @@ under the License.
</execution>
</executions>
</plugin>
- <!-- calculate checksums of source release for Apache dist area -->
- <plugin>
- <groupId>net.nicoulaj.maven.plugins</groupId>
- <artifactId>checksum-maven-plugin</artifactId>
- <version>1.11</version>
- <executions>
- <execution>
- <id>source-release-checksum</id>
- <goals>
- <goal>artifacts</goal>
- </goals>
- <!-- execute prior to maven-gpg-plugin:sign due to https://github.com/nicoulaj/checksum-maven-plugin/issues/112 -->
- <phase>post-integration-test</phase>
- <configuration>
- <algorithms>
- <algorithm>SHA-512</algorithm>
- </algorithms>
- <!-- https://maven.apache.org/apache-resource-bundles/#source-release-assembly-descriptor -->
- <includeClassifiers>source-release</includeClassifiers>
- <excludeMainArtifact>true</excludeMainArtifact>
- <csvSummary>false</csvSummary>
- <!-- attach SHA-512 checksum as well to upload to Maven Staging Repo,
- as this eases uploading from stage to dist and doesn't do harm in Maven Central -->
- <attachChecksums>true</attachChecksums>
- </configuration>
- </execution>
- </executions>
- </plugin>
<!-- We want to sign the artifact, the POM, and all attached artifacts (except for SHA-512 checksum) -->
<plugin>
<groupId>org.apache.maven.plugins</groupId>