I raised this on https://lists.apache.org/thread/pj1csswgmdo924gp2myvbx73516dpk7c <https://lists.apache.org/thread/pj1csswgmdo924gp2myvbx73516dpk7c> as well.
> On 13. Sep 2022, at 13:38, Konrad Windszus <[email protected]> wrote: > > Hi, > As part of the release check in > https://dist.apache.org/repos/dist/dev/jackrabbit/check-release.sh the > provided source archive is compared with the downloaded git tag/svn export. > Due a change in the default excludes of plexus-utils > (https://github.com/codehaus-plexus/plexus-utils/commit/e8a8433894eae9e8f82cbba4b903508362e9322a) > the files.gitattributes and .gitignore are no longer excluded by default. > This affects e.g. the maven-assembly-plugin, which uses plexus archiver, > which itself uses plexus-utils (updated in > https://github.com/codehaus-plexus/plexus-utils/commit/e8a8433894eae9e8f82cbba4b903508362e9322a). > > In general all packaging plugins which leverage the AbstractScanner from > plexus-utils (like maven-jar-plugin, maven-source-plugin, > maven-assembly-plugin) will no longer exclude those files, which makes e.g. > the src.zip archive contain those metadata files. > > Currently that leads to issues like this when validating new releases: > > "Only in ./target/jackrabbit-filevault-3.6.2/zip/jackrabbit-filevault-3.6.2: > .gitattributes > Only in ./target/jackrabbit-filevault-3.6.2/zip/jackrabbit-filevault-3.6.2: > .gitignoreā€¯ > > > There are the following ways on how the check-release.sh could be adjusted: > 1. Ignore the file patterns given in CLEAN_SCM always in the given ZIP (for > all components) > 2. Adjust CLEAN_ZIP for affected components (non backwards-compatible) > 3. Adjust CLEAN_SCM for affected components (non backwards-compatible) > > WDYT? > Thanks, > Konrad
