How is the signing done for Apache NetBeans during releases and why can't
that be used for the patch too? Sorry, ignorant on this point and need to
understand this aspect to be able to participate in the discussion,
alternatively those who are familiar with this should take the lead and do
what is needed or what is best under the circumstances.


On Thu, Nov 7, 2019 at 6:22 PM Neil C Smith <> wrote:

> On Thu, 7 Nov 2019 at 17:05, Korney Czukowski <> wrote:
> >  Although even with almost
> > everything in place, there's still this issue with nbm signing, so
> > practically the Update Center cannot be used for now, right (else you
> > would have already used it)? If this is the case, then a (trusted)
> > offline installed could be used as a temporarily and somewhat ugly
> solution.
> The UC is useful now, and can be used for things like RCP harness
> building.  However, the iDE will show a warning for nbms there.
> All binary elements, including the zips and nbms, are already gpg
> signed locally.  We just need a temporary solution to (jar) sign the
> updated nbm files as well.  The solution you suggest would actually be
> more complicated not less.  We still have to sign them!  Getting them
> in the existing UC is easy after that.
> Thanks,
> Neil
> ---------------------------------------------------------------------
> To unsubscribe, e-mail:
> For additional commands, e-mail:
> For further information about the NetBeans mailing lists, visit:

Reply via email to