You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@maven.apache.org by "Elliotte Rusty Harold (Jira)" <ji...@apache.org> on 2019/12/18 13:23:00 UTC

[jira] [Closed] (MGPG-43) Allow signing of arbitrary artifacts

     [ https://issues.apache.org/jira/browse/MGPG-43?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Elliotte Rusty Harold closed MGPG-43.
-------------------------------------

> Allow signing of arbitrary artifacts
> ------------------------------------
>
>                 Key: MGPG-43
>                 URL: https://issues.apache.org/jira/browse/MGPG-43
>             Project: Maven GPG Plugin
>          Issue Type: New Feature
>            Reporter: Sebb
>            Priority: Major
>         Attachments: MGPG-43.patch, MGPG43-2.patch, MGPG43-3.patch, MGPG43.patch
>
>
> At present, the plugin relies on being run after the "package" phase, presumably so it knows which files to sign.
> This is fine if all the artifacts are intended for distribution via Maven repos, but there are other distribution mechanisms where signed artifacts are needed. For example, ASF releases to their mirror system.
> It would be useful if there was a separate goal for signing files using standard includes/excludes.
> Ideally this would also be integrated with the assembly plugin somehow so it could obtain the list of files from the plugin.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)