On Wed, Mar 24, 2021 at 9:17 PM David Blevins <david.blev...@gmail.com> wrote:
> Thanks or pushing this back up to the top. Some thoughts below. > I had just come here to say the same thing - thank you Richard! > > > On Mar 24, 2021, at 12:46 AM, Richard Zowalla <r...@apache.org> wrote: > > > > It seems, we are already providing SHA256/SHA512 checksums for newer > > releases. To rephrase my comment: If we would switch to Maven > > repository links instead, we would need to upgrade the parent project > > in order to deploy SHA256/SHA512 to Maven repositories. > > I'm curious what others think, but to me it would seem the best source to > point at for the signatures is something on apache.org. I completely > understand how having the mirror be the source of signatures to verify > files on the mirror completely defeats the point :) > We should be linking to signatures on apache.org, and not the mirrors. > The most natural source for me would be linking signatures back to the > mirror source which is https://dist.apache.org/repos/dist/release/tomee/ > > > - How to deploy changes conducted in > > https://github.com/apache/tomee-site-generator ? > > > > The documentation is outdated and I have no idea of the steps required > > to get the changes "live". If someone can explain the process, I am > > happy to update the documentation as well. > Thank you in advance for the help! When David and I did work here we > didn't really document outside the list conversations. > > The short version is if you push modified html to this repo, it shows up > live eventually: > > - https://github.com/apache/tomee-site-pub > > You can regenerate the site with a `mvn compile` as mentioned here: > > - https://github.com/apache/tomee-site-generator#build > > The documentation says "you just need to sync it with CMS repo", but > doesn't give details. > > > I tend to do that manually with Beyond Compare, and I'm happy to do that for you if that helps. It would be great to have a less manual way to do it though. Jon
