Hi Brent, That Maven command would be if you were generating for a particular release, from the main Continuum tree.
If you are adjusting site-publish using the fix tool, you just need to check in the results. It sounds like there's some work going on in Maven land to do some prevention of bad Javadoc being published in the future. Cheers, Brett On 23/06/2013, at 1:58 AM, Brent Atkinson <batkin...@apache.org> wrote: > Greetings, > > I have some time to patch frame injection vulnerability in the project > javadocs. Since this is the first time publishing the docs, I'd like > someone to verify the process for me. From > http://continuum.apache.org/development/publishing-site.html it appears > that I: > > * check out the source under > http://svn.apache.org/repos/asf/continuum/site-publish > * patch the docs > * run "mvn site site:stage scm-publish:publish-scm" > > That should update the existing docs. > > How should we ensure new docs don't get published with the vulnerability? > Would that be something we'd do with enforcer and require versions? > > Brent -- Brett Porter br...@apache.org http://brettporter.wordpress.com/ http://au.linkedin.com/in/brettporter http://twitter.com/brettporter
