[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: New release distribution checksum policy

On Fri, 24 Aug 2018 19:51:04 +0200, Thomas Vandahl wrote:
On 24.08.18 15:42, sebb wrote:
If it really is the case that the Apache Parent POM only creates the
checksums for artifacts with a specific name, then IMO it is badly
broken and needs a bug report.

Feel free. Lines 425 to 454.

Note that it says:
"For every artifact distributed to the public through Apache channels,
the PMC..."

Since we distribute the binaries, they must have SHA256+

I see. Does Maven Central qualify as "Apache channel"? Because I have no
idea how to achieve this. Tried multiple configurations - PITA.

From http://www.apache.org/dev/release-publishing.html#valid
don't try to publish .sha256, .sha512 files yet; Nexus doesn't handle them (as of March 2018)


Bye, Thomas

To unsubscribe, e-mail: dev-unsubscribe@xxxxxxxxxxxxxxxxxx
For additional commands, e-mail: dev-help@xxxxxxxxxxxxxxxxxx