38.2 currently says "The passphrase used to protect your public key." but it should be "The passphrase used to protect your private key."
I think a pretty common use case is to only sign release artifacts, keeping SNAPSHOT releases unsigned. Is there already an easy way to accomplish this? In any case, a how-to focusing on that use case would be a nice addition to the documentation. I completely agree with your dislike for build scripts that require manual interaction in general but I also think that signing artifacts is a prime example for the exception to this rule. The whole point of such a signature is that a person manually promotes a build to release, hopefully after verifying that everything is really ok (e.g. there is no h4x0r backdoor code that slips through unit tests). This is not something that should be done during an automatic build. Just my personal opinion, of course. CI systems would only build unsigned snapshots in that scenario. The rest of the documentation looks good. I haven't tried it out, though, so I don't know if I'll run into problems while switching away from my own signing plugin. Cheers, Joern. On 15.07.2011, at 02:53, Luke Daley wrote: > If anyone has a minute, it would be good to get some eyes on the signing > plugin docs before it goes out. > > http://gradle.org/releases/latest/docs/dsl > > http://gradle.org/releases/latest/docs/userguide/signing_plugin.html > > The last chapter of that userguide chapter will be changing today. > > -- > Luke Daley > Principal Engineer, Gradleware > http://gradleware.com > > > --------------------------------------------------------------------- > To unsubscribe from this list, please visit: > > http://xircles.codehaus.org/manage_email > > --------------------------------------------------------------------- To unsubscribe from this list, please visit: http://xircles.codehaus.org/manage_email
