You are viewing a plain text version of this content. The canonical link for it is here.
Posted to repository@apache.org by "Henk P. Penning" <he...@cs.uu.nl> on 2008/08/24 23:39:10 UTC
missing pgp sigs in maven repo
Filip,
you have 15 missing signatures in the maven repo ; for a list, see
http://people.apache.org/~henkp/repo/
Please provide the missing sigs.
Thanks a lot,
Henk Penning -- apache.org infrastructure
---------------------------------------------------------------- _
Henk P. Penning, Computer Systems Group R Uithof CGN-A232 _/ \_
Dept of Computer Science, Utrecht University T +31 30 253 4106 / \_/ \
Padualaan 14, 3584CH Utrecht, the Netherlands F +31 30 253 2804 \_/ \_/
http://people.cs.uu.nl/henkp/ M penning@cs.uu.nl \_/
Re: missing pgp sigs in maven repo
Posted by Filip at Apache <fh...@apache.org>.
we use this ANT script
http://svn.apache.org/viewvc/tomcat/trunk/res/maven/mvn-pub.xml?view=markup
and that executes the deploy:deploy-file target, but I'm no Maven whiz
Filip
Wendy Smoak wrote:
> On Sun, Aug 24, 2008 at 7:18 PM, Filip at Apache <fh...@apache.org> wrote:
>
>> hi Henk, our upload process hasn't changed for a very long time. Signatures
>> have never been uploaded for the missing files in previous releases, and I
>> got an email saying they werent required for those files.
>>
>
> Signatures are required for everything we release, we just haven't
> always been thorough about checking for them. It looks like you've
> got signatures for the jars, and just need to sign the poms as well.
>
> I remember working with you on getting Tomcat artifacts into the repo,
> and in fact we added a feature to the GPG plugin so it would work with
> mvn deploy:deploy-file. I lost track of how you eventually ended up
> deploying things though.
>
> Can you point us at the process you're using? It shouldn't be too hard to fix.
>
> Thanks,
>
Re: missing pgp sigs in maven repo
Posted by Wendy Smoak <ws...@gmail.com>.
On Sun, Aug 24, 2008 at 7:18 PM, Filip at Apache <fh...@apache.org> wrote:
> hi Henk, our upload process hasn't changed for a very long time. Signatures
> have never been uploaded for the missing files in previous releases, and I
> got an email saying they werent required for those files.
Signatures are required for everything we release, we just haven't
always been thorough about checking for them. It looks like you've
got signatures for the jars, and just need to sign the poms as well.
I remember working with you on getting Tomcat artifacts into the repo,
and in fact we added a feature to the GPG plugin so it would work with
mvn deploy:deploy-file. I lost track of how you eventually ended up
deploying things though.
Can you point us at the process you're using? It shouldn't be too hard to fix.
Thanks,
--
Wendy
Re: missing pgp sigs in maven repo
Posted by Filip at Apache <fh...@apache.org>.
hi Henk, our upload process hasn't changed for a very long time.
Signatures have never been uploaded for the missing files in previous
releases, and I got an email saying they werent required for those files.
please compare
http://people.apache.org/repo/m2-ibiblio-rsync-repository/org/apache/tomcat/jasper/6.0.18/
with
http://people.apache.org/repo/m2-ibiblio-rsync-repository/org/apache/tomcat/jasper/6.0.16/
http://people.apache.org/repo/m2-ibiblio-rsync-repository/org/apache/tomcat/jasper/6.0.14/
\
Filip
Henk P. Penning wrote:
> Filip,
>
> you have 15 missing signatures in the maven repo ; for a list, see
>
> http://people.apache.org/~henkp/repo/
>
> Please provide the missing sigs.
>
> Thanks a lot,
>
> Henk Penning -- apache.org infrastructure
>
> ---------------------------------------------------------------- _
> Henk P. Penning, Computer Systems Group R Uithof CGN-A232 _/ \_
> Dept of Computer Science, Utrecht University T +31 30 253 4106 / \_/ \
> Padualaan 14, 3584CH Utrecht, the Netherlands F +31 30 253 2804 \_/ \_/
> http://people.cs.uu.nl/henkp/ M penning@cs.uu.nl \_/
>