The step by step that is being followed is here, * http://struts.apache.org/2.x/docs/creating-and-signing-a-distribution.html
which includes using the release profile. I don't know why it isn't working for me. My PuTTY SSL setup is fine now, but there is still something wrong with Cygwin, since it can't find or use my private key. But that should not have affected the gpg signatures. I signed the struts2-core-2.0.6.jar by hand and uploaded it. * http://people.apache.org/repo/m2-ibiblio-rsync-repository/org/apache/struts/struts2-core/2.0.6/ If someone could verify that this is correct, that would be helpful. I think I might have to step away from the release manager role. Or, at least the deployment of the Maven artifacts. I have a lot of trouble getting the Maven signing plugins or scripts to work. Signing all these Maven artifacts by hand is not something I can do on a regular basis. I'll fix 2.0.6, but, otherwise, this might have to be my last Maven distribution. -Ted. On 2/25/07, Wendy Smoak <[EMAIL PROTECTED]> wrote:
There seems to be a step missing in the Struts 2 release process. The jars in the rsynced Maven repo are missing pgp/gpg signatures, for example: http://people.apache.org/repo/m2-ibiblio-rsync-repository/org/apache/struts/struts2-core/2.0.5/ All the jars for both the 2.0.5 and 2.0.6 releases need to be signed. For future builds, there is a 'release' profile in the struts2-parent pom that will use maven-gpg-plugin to sign all the artifacts when they are deployed to the staging repo. Or it can be done by signing the jars in your local repo, and uploading the signatures. Thanks, -- Wendy
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]