You are viewing a plain text version of this content. The canonical link for it is here.
Posted to nmaven-dev@incubator.apache.org by Evan Worley <ev...@gmail.com> on 2008/01/11 03:42:36 UTC
Deploying nunit framework assembly to a public repository
Hello All,
As we are preparing for a NMaven release, there are a few questions that
need to be answered. Most importantly, we will need to deploy NUnit's
framework assembly to a public repository such that NMaven consumers can
compile and run nunit tests. There are a few questions about this, I will
list them below.
1. Who is to control the key used to sign the assembly? NUnit
provides their key along with their source, but perhaps we want to own the
key and re-sign the assembly?
2.
http://maven.apache.org/guides/mini/guide-central-repository-upload.htmlmentions
a few criteria that we cannot meet for this artifact. We will not
have all the requires entries in the pom, such as scm url and licenses. The
other bit is that this page says that we must "*provide proof that you
control the domain",* which we cannot because we don't, though I've
heard other artifacts have been submitted by non-owners.
3. How should, if any, the process differ for uploading .net artifacts
to a public repository?
Thanks for any guidance,
Evan
Re: Deploying nunit framework assembly to a public repository
Posted by Shane Isbell <sh...@gmail.com>.
On Jan 13, 2008 2:12 PM, Wendy Smoak <ws...@gmail.com> wrote:
> [moved from maven-dev]
>
> On Jan 11, 2008 4:08 PM, Shane Isbell <sh...@gmail.com> wrote:
> > So to support this we need to recompile the NUnit assembly with the
> version
> > in the filename. There is no modification of code, just a changing on
> > manifest attributes and the artifact filename. NUnit includes their key
> for
> > signing within the build source, but I tend to think we should use our
> own
> > key so that people can verify the source of the assembly.
>
> Does this really require re-compiling, or just re-packaging with
> changes to the manifest? IOW, must you have access to the source code
> to do this, or can you just explode the dll, edit a text file, and
> package it up again?
Technically, this is possible but would require more work than a recompile
since the assembly is not an archive. We would have to disassemble the
assembly, change metadata, reassemble and then sign it.
>
>
> I thought the last discussions about requiring the version number in
> the filename or not went the other way, and it was _not_ going to be
> required.
This is the long term direction but but not something that NMaven should be
handling. I would expect that such changes will need to be made within Maven
core. However, there is support for system scope, which will allow the user
to include any assembly (with or without versions in the filename) located
on the file system.
Shane
>
>
> --
> Wendy
>
Re: Deploying nunit framework assembly to a public repository
Posted by Wendy Smoak <ws...@gmail.com>.
[moved from maven-dev]
On Jan 11, 2008 4:08 PM, Shane Isbell <sh...@gmail.com> wrote:
> So to support this we need to recompile the NUnit assembly with the version
> in the filename. There is no modification of code, just a changing on
> manifest attributes and the artifact filename. NUnit includes their key for
> signing within the build source, but I tend to think we should use our own
> key so that people can verify the source of the assembly.
Does this really require re-compiling, or just re-packaging with
changes to the manifest? IOW, must you have access to the source code
to do this, or can you just explode the dll, edit a text file, and
package it up again?
I thought the last discussions about requiring the version number in
the filename or not went the other way, and it was _not_ going to be
required.
--
Wendy
RE: Deploying nunit framework assembly to a public repository
Posted by "Brian E. Fox" <br...@reply.infinity.nu>.
>NUnit includes their key for
>signing within the build source, but I tend to think we should use our
own
>key so that people can verify the source of the assembly.
I agree that if you rebuild, it should use the actual builder's key for
signing. Including the key with the source seems to defeat the purpose
doesn't it?
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@maven.apache.org
For additional commands, e-mail: dev-help@maven.apache.org
Re: Deploying nunit framework assembly to a public repository
Posted by Shane Isbell <sh...@gmail.com>.
To provide some context on this, we are now using standard artifact
resolvers for .NET assemblies and require that the filename of an assembly
contain the version. This filename is also an attribute within the manifest
of the library assembly and needs to match the actual filename of the
artifact. We are unable to directly modify the attribute to include the
version in the filename since the assembly is signed by the NUnit guys.
So to support this we need to recompile the NUnit assembly with the version
in the filename. There is no modification of code, just a changing on
manifest attributes and the artifact filename. NUnit includes their key for
signing within the build source, but I tend to think we should use our own
key so that people can verify the source of the assembly.
Thanks,
Shane
On Jan 11, 2008 2:44 PM, Evan Worley <ev...@gmail.com> wrote:
> That depends on the answer to #1, below. If we don't need to re-sign the
> assembly ourself, then we can simply deploy the framework assembly that
> comes with their install. If we do want to re-sign, then we can
> re-assembly
> it ourself.
>
> Thanks,
> Evan
>
> On Jan 11, 2008 2:28 PM, Jason van Zyl <ja...@maven.org> wrote:
>
> > Who created the NUnit assembly?
> >
> > As is from them, or something you augmented?
> >
> > On 11-Jan-08, at 11:34 AM, Evan Worley wrote:
> >
> > > Hello All,
> > >
> > > If anyone can help on the questions below, it would be greatly
> > > appreciated.
> > >
> > > Thank you,
> > > Evan
> > >
> > > ---------- Forwarded message ----------
> > > From: Evan Worley <ev...@gmail.com>
> > > Date: Jan 10, 2008 7:42 PM
> > > Subject: Deploying nunit framework assembly to a public repository
> > > To: nmaven-dev@incubator.apache.org
> > >
> > >
> > > Hello All,
> > >
> > > As we are preparing for a NMaven release, there are a few questions
> > > that
> > > need to be answered. Most importantly, we will need to deploy NUnit's
> > > framework assembly to a public repository such that NMaven consumers
> > > can
> > > compile and run nunit tests. There are a few questions about this,
> > > I will
> > > list them below.
> > >
> > >
> > > 1. Who is to control the key used to sign the assembly? NUnit
> > > provides their key along with their source, but perhaps we want to
> > > own the
> > > key and re-sign the assembly?
> > > 2.
> > >
> >
> http://maven.apache.org/guides/mini/guide-central-repository-upload.htmlmentions
> > > a few criteria that we cannot meet for this artifact. We will not
> > > have all the requires entries in the pom, such as scm url and
> > > licenses. The
> > > other bit is that this page says that we must " *provide proof that
> > > you control the domain",* which we cannot because we don't, though
> > > I've heard other artifacts have been submitted by non-owners.
> > > 3. How should, if any, the process differ for uploading .net
> > > artifacts
> > > to a public repository?
> > >
> > > Thanks for any guidance,
> > > Evan
> >
> > Thanks,
> >
> > Jason
> >
> > ----------------------------------------------------------
> > Jason van Zyl
> > Founder, Apache Maven
> > jason at sonatype dot com
> > ----------------------------------------------------------
> >
> > We know what we are, but know not what we may be.
> >
> > -- Shakespeare
> >
> >
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: dev-unsubscribe@maven.apache.org
> > For additional commands, e-mail: dev-help@maven.apache.org
> >
> >
>
Re: Deploying nunit framework assembly to a public repository
Posted by Evan Worley <ev...@gmail.com>.
That depends on the answer to #1, below. If we don't need to re-sign the
assembly ourself, then we can simply deploy the framework assembly that
comes with their install. If we do want to re-sign, then we can re-assembly
it ourself.
Thanks,
Evan
On Jan 11, 2008 2:28 PM, Jason van Zyl <ja...@maven.org> wrote:
> Who created the NUnit assembly?
>
> As is from them, or something you augmented?
>
> On 11-Jan-08, at 11:34 AM, Evan Worley wrote:
>
> > Hello All,
> >
> > If anyone can help on the questions below, it would be greatly
> > appreciated.
> >
> > Thank you,
> > Evan
> >
> > ---------- Forwarded message ----------
> > From: Evan Worley <ev...@gmail.com>
> > Date: Jan 10, 2008 7:42 PM
> > Subject: Deploying nunit framework assembly to a public repository
> > To: nmaven-dev@incubator.apache.org
> >
> >
> > Hello All,
> >
> > As we are preparing for a NMaven release, there are a few questions
> > that
> > need to be answered. Most importantly, we will need to deploy NUnit's
> > framework assembly to a public repository such that NMaven consumers
> > can
> > compile and run nunit tests. There are a few questions about this,
> > I will
> > list them below.
> >
> >
> > 1. Who is to control the key used to sign the assembly? NUnit
> > provides their key along with their source, but perhaps we want to
> > own the
> > key and re-sign the assembly?
> > 2.
> >
> http://maven.apache.org/guides/mini/guide-central-repository-upload.htmlmentions
> > a few criteria that we cannot meet for this artifact. We will not
> > have all the requires entries in the pom, such as scm url and
> > licenses. The
> > other bit is that this page says that we must " *provide proof that
> > you control the domain",* which we cannot because we don't, though
> > I've heard other artifacts have been submitted by non-owners.
> > 3. How should, if any, the process differ for uploading .net
> > artifacts
> > to a public repository?
> >
> > Thanks for any guidance,
> > Evan
>
> Thanks,
>
> Jason
>
> ----------------------------------------------------------
> Jason van Zyl
> Founder, Apache Maven
> jason at sonatype dot com
> ----------------------------------------------------------
>
> We know what we are, but know not what we may be.
>
> -- Shakespeare
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@maven.apache.org
> For additional commands, e-mail: dev-help@maven.apache.org
>
>
Re: Deploying nunit framework assembly to a public repository
Posted by Jason van Zyl <ja...@maven.org>.
Who created the NUnit assembly?
As is from them, or something you augmented?
On 11-Jan-08, at 11:34 AM, Evan Worley wrote:
> Hello All,
>
> If anyone can help on the questions below, it would be greatly
> appreciated.
>
> Thank you,
> Evan
>
> ---------- Forwarded message ----------
> From: Evan Worley <ev...@gmail.com>
> Date: Jan 10, 2008 7:42 PM
> Subject: Deploying nunit framework assembly to a public repository
> To: nmaven-dev@incubator.apache.org
>
>
> Hello All,
>
> As we are preparing for a NMaven release, there are a few questions
> that
> need to be answered. Most importantly, we will need to deploy NUnit's
> framework assembly to a public repository such that NMaven consumers
> can
> compile and run nunit tests. There are a few questions about this,
> I will
> list them below.
>
>
> 1. Who is to control the key used to sign the assembly? NUnit
> provides their key along with their source, but perhaps we want to
> own the
> key and re-sign the assembly?
> 2.
> http://maven.apache.org/guides/mini/guide-central-repository-upload.htmlmentions
> a few criteria that we cannot meet for this artifact. We will not
> have all the requires entries in the pom, such as scm url and
> licenses. The
> other bit is that this page says that we must " *provide proof that
> you control the domain",* which we cannot because we don't, though
> I've heard other artifacts have been submitted by non-owners.
> 3. How should, if any, the process differ for uploading .net
> artifacts
> to a public repository?
>
> Thanks for any guidance,
> Evan
Thanks,
Jason
----------------------------------------------------------
Jason van Zyl
Founder, Apache Maven
jason at sonatype dot com
----------------------------------------------------------
We know what we are, but know not what we may be.
-- Shakespeare
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@maven.apache.org
For additional commands, e-mail: dev-help@maven.apache.org
Fwd: Deploying nunit framework assembly to a public repository
Posted by Evan Worley <ev...@gmail.com>.
Hello All,
If anyone can help on the questions below, it would be greatly appreciated.
Thank you,
Evan
---------- Forwarded message ----------
From: Evan Worley <ev...@gmail.com>
Date: Jan 10, 2008 7:42 PM
Subject: Deploying nunit framework assembly to a public repository
To: nmaven-dev@incubator.apache.org
Hello All,
As we are preparing for a NMaven release, there are a few questions that
need to be answered. Most importantly, we will need to deploy NUnit's
framework assembly to a public repository such that NMaven consumers can
compile and run nunit tests. There are a few questions about this, I will
list them below.
1. Who is to control the key used to sign the assembly? NUnit
provides their key along with their source, but perhaps we want to own the
key and re-sign the assembly?
2.
http://maven.apache.org/guides/mini/guide-central-repository-upload.htmlmentions
a few criteria that we cannot meet for this artifact. We will not
have all the requires entries in the pom, such as scm url and licenses. The
other bit is that this page says that we must " *provide proof that
you control the domain",* which we cannot because we don't, though
I've heard other artifacts have been submitted by non-owners.
3. How should, if any, the process differ for uploading .net artifacts
to a public repository?
Thanks for any guidance,
Evan
Re: Deploying nunit framework assembly to a public repository
Posted by Shane Isbell <sh...@gmail.com>.
I've deployed a snapshot version to
http://people.apache.org/repo/m2-snapshot-repository/
<dependency>
<groupId>org.apache.maven.dotnet</groupId>
<artifactId>NUnit.Framework</artifactId>
<version>2.4.6-incubating-SNAPSHOT</version>
<type>dotnet:library</type>
<scope>test</scope>
</dependency>
Shane
On Jan 15, 2008 11:09 AM, Shane Isbell <sh...@gmail.com> wrote:
> I'm also going to be deploying a snapshot version into the snapshot repo.
> Does anyone know how we request to deploy a third-party library into the
> incubating repo?
>
> Shane
>
> On Jan 14, 2008 8:08 PM, Shane Isbell <sh...@gmail.com> wrote:
>
> > Okay, I've checked in the NUnit artifact with incubating in the version.
> > I've changed the group id to org.apache.maven.dotnet, which indicates
> > that we compiled it.
> >
> > Shane
> >
> > On Jan 14, 2008 8:01 PM, Evan Worley <ev...@gmail.com> wrote:
> >
> > > That works for me.
> > >
> > > -Evan
> > >
> > > On Jan 14, 2008 7:10 PM, Shane Isbell <sh...@gmail.com> wrote:
> > >
> > > > Maybe we should just put the NUnit library in the incubating repo.
> > > >
> > > > http://people.apache.org/repo/m2-incubating-repository/
> > > >
> > > > Shane
> > > > On Jan 10, 2008 7:42 PM, Evan Worley < evanworley@gmail.com> wrote:
> > > >
> > > > > Hello All,
> > > > >
> > > > > As we are preparing for a NMaven release, there are a few
> > > questions that
> > > > > need to be answered. Most importantly, we will need to deploy
> > > NUnit's
> > > > > framework assembly to a public repository such that NMaven
> > > consumers can
> > > > > compile and run nunit tests. There are a few questions about
> > > this, I
> > > > will
> > > > > list them below.
> > > > >
> > > > >
> > > > > 1. Who is to control the key used to sign the assembly? NUnit
> > > > > provides their key along with their source, but perhaps we want
> > > to own
> > > > > the
> > > > > key and re-sign the assembly?
> > > > > 2.
> > > > >
> > > > >
> > > > http://maven.apache.org/guides/mini/guide-central-repository-upload.htmlmentions
> > >
> > > > > a few criteria that we cannot meet for this artifact. We will not
> > > > > have all the requires entries in the pom, such as scm url and
> > > > licenses.
> > > > > The
> > > > > other bit is that this page says that we must "*provide proof
> > > that you
> > > > > control the domain",* which we cannot because we don't, though
> > > I've
> > > > > heard other artifacts have been submitted by non-owners.
> > > > > 3. How should, if any, the process differ for uploading .net
> > > artifacts
> > > > > to a public repository?
> > > > >
> > > > > Thanks for any guidance,
> > > > > Evan
> > > > >
> > > >
> > >
> >
> >
>
Re: Deploying nunit framework assembly to a public repository
Posted by Shane Isbell <sh...@gmail.com>.
I'm also going to be deploying a snapshot version into the snapshot repo.
Does anyone know how we request to deploy a third-party library into the
incubating repo?
Shane
On Jan 14, 2008 8:08 PM, Shane Isbell <sh...@gmail.com> wrote:
> Okay, I've checked in the NUnit artifact with incubating in the version.
> I've changed the group id to org.apache.maven.dotnet, which indicates that
> we compiled it.
>
> Shane
>
> On Jan 14, 2008 8:01 PM, Evan Worley <ev...@gmail.com> wrote:
>
> > That works for me.
> >
> > -Evan
> >
> > On Jan 14, 2008 7:10 PM, Shane Isbell <sh...@gmail.com> wrote:
> >
> > > Maybe we should just put the NUnit library in the incubating repo.
> > >
> > > http://people.apache.org/repo/m2-incubating-repository/
> > >
> > > Shane
> > > On Jan 10, 2008 7:42 PM, Evan Worley < evanworley@gmail.com> wrote:
> > >
> > > > Hello All,
> > > >
> > > > As we are preparing for a NMaven release, there are a few questions
> > that
> > > > need to be answered. Most importantly, we will need to deploy
> > NUnit's
> > > > framework assembly to a public repository such that NMaven consumers
> > can
> > > > compile and run nunit tests. There are a few questions about this,
> > I
> > > will
> > > > list them below.
> > > >
> > > >
> > > > 1. Who is to control the key used to sign the assembly? NUnit
> > > > provides their key along with their source, but perhaps we want to
> > own
> > > > the
> > > > key and re-sign the assembly?
> > > > 2.
> > > >
> > > >
> > > http://maven.apache.org/guides/mini/guide-central-repository-upload.htmlmentions
> >
> > > > a few criteria that we cannot meet for this artifact. We will not
> > > > have all the requires entries in the pom, such as scm url and
> > > licenses.
> > > > The
> > > > other bit is that this page says that we must "*provide proof that
> > you
> > > > control the domain",* which we cannot because we don't, though
> > I've
> > > > heard other artifacts have been submitted by non-owners.
> > > > 3. How should, if any, the process differ for uploading .net
> > artifacts
> > > > to a public repository?
> > > >
> > > > Thanks for any guidance,
> > > > Evan
> > > >
> > >
> >
>
>
Re: Deploying nunit framework assembly to a public repository
Posted by Shane Isbell <sh...@gmail.com>.
Okay, I've checked in the NUnit artifact with incubating in the version.
I've changed the group id to org.apache.maven.dotnet, which indicates that
we compiled it.
Shane
On Jan 14, 2008 8:01 PM, Evan Worley <ev...@gmail.com> wrote:
> That works for me.
>
> -Evan
>
> On Jan 14, 2008 7:10 PM, Shane Isbell <sh...@gmail.com> wrote:
>
> > Maybe we should just put the NUnit library in the incubating repo.
> >
> > http://people.apache.org/repo/m2-incubating-repository/
> >
> > Shane
> > On Jan 10, 2008 7:42 PM, Evan Worley <ev...@gmail.com> wrote:
> >
> > > Hello All,
> > >
> > > As we are preparing for a NMaven release, there are a few questions
> that
> > > need to be answered. Most importantly, we will need to deploy NUnit's
> > > framework assembly to a public repository such that NMaven consumers
> can
> > > compile and run nunit tests. There are a few questions about this, I
> > will
> > > list them below.
> > >
> > >
> > > 1. Who is to control the key used to sign the assembly? NUnit
> > > provides their key along with their source, but perhaps we want to
> own
> > > the
> > > key and re-sign the assembly?
> > > 2.
> > >
> > >
> >
> http://maven.apache.org/guides/mini/guide-central-repository-upload.htmlmentions
> > > a few criteria that we cannot meet for this artifact. We will not
> > > have all the requires entries in the pom, such as scm url and
> > licenses.
> > > The
> > > other bit is that this page says that we must "*provide proof that
> you
> > > control the domain",* which we cannot because we don't, though I've
> > > heard other artifacts have been submitted by non-owners.
> > > 3. How should, if any, the process differ for uploading .net
> artifacts
> > > to a public repository?
> > >
> > > Thanks for any guidance,
> > > Evan
> > >
> >
>
Re: Deploying nunit framework assembly to a public repository
Posted by Evan Worley <ev...@gmail.com>.
That works for me.
-Evan
On Jan 14, 2008 7:10 PM, Shane Isbell <sh...@gmail.com> wrote:
> Maybe we should just put the NUnit library in the incubating repo.
>
> http://people.apache.org/repo/m2-incubating-repository/
>
> Shane
> On Jan 10, 2008 7:42 PM, Evan Worley <ev...@gmail.com> wrote:
>
> > Hello All,
> >
> > As we are preparing for a NMaven release, there are a few questions that
> > need to be answered. Most importantly, we will need to deploy NUnit's
> > framework assembly to a public repository such that NMaven consumers can
> > compile and run nunit tests. There are a few questions about this, I
> will
> > list them below.
> >
> >
> > 1. Who is to control the key used to sign the assembly? NUnit
> > provides their key along with their source, but perhaps we want to own
> > the
> > key and re-sign the assembly?
> > 2.
> >
> >
> http://maven.apache.org/guides/mini/guide-central-repository-upload.htmlmentions
> > a few criteria that we cannot meet for this artifact. We will not
> > have all the requires entries in the pom, such as scm url and
> licenses.
> > The
> > other bit is that this page says that we must "*provide proof that you
> > control the domain",* which we cannot because we don't, though I've
> > heard other artifacts have been submitted by non-owners.
> > 3. How should, if any, the process differ for uploading .net artifacts
> > to a public repository?
> >
> > Thanks for any guidance,
> > Evan
> >
>
Re: Deploying nunit framework assembly to a public repository
Posted by Shane Isbell <sh...@gmail.com>.
Maybe we should just put the NUnit library in the incubating repo.
http://people.apache.org/repo/m2-incubating-repository/
Shane
On Jan 10, 2008 7:42 PM, Evan Worley <ev...@gmail.com> wrote:
> Hello All,
>
> As we are preparing for a NMaven release, there are a few questions that
> need to be answered. Most importantly, we will need to deploy NUnit's
> framework assembly to a public repository such that NMaven consumers can
> compile and run nunit tests. There are a few questions about this, I will
> list them below.
>
>
> 1. Who is to control the key used to sign the assembly? NUnit
> provides their key along with their source, but perhaps we want to own
> the
> key and re-sign the assembly?
> 2.
>
> http://maven.apache.org/guides/mini/guide-central-repository-upload.htmlmentions
> a few criteria that we cannot meet for this artifact. We will not
> have all the requires entries in the pom, such as scm url and licenses.
> The
> other bit is that this page says that we must "*provide proof that you
> control the domain",* which we cannot because we don't, though I've
> heard other artifacts have been submitted by non-owners.
> 3. How should, if any, the process differ for uploading .net artifacts
> to a public repository?
>
> Thanks for any guidance,
> Evan
>