Dennis Lundberg wrote:
<snip/>
I had a look at the Apache Maven 1 repo at
http://people.apache.org/repo/m1-ibiblio-rsync-repository/
There doesn't seem to be any consistency when looking at different
components. I had a look at a few:
configuration:
- older jars have md5
- newer jars have md5 and asc
- older poms have no md5 or asc
- newer poms have md5
lang:
- jars have md5
- poms have md5
logging:
- older jars have md5
- newer jars have md5 and asc
- older poms have md5
- newer poms have md5 and asc
<snip/>
Section 8 of the Commons releasing components guide [1] demands that all
files placed in the ASF Java Respository need to be signed. I think that
this part is relative new, which explains why newer poms are signed
while older ones are not.
Oliver
[1] http://jakarta.apache.org/commons/releases/release.html
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
