Hi, Following more requests to update our builds to generate .sha512 checksums, we changed our "parent-pom" to do this, but now find we can't upload artifacts to repository.apache.org unless we also change our builds to do gpg-signatures for the .sha512 checksums (which seems overreaching).
I found INFRA-14923 looking to fix this; it has been open for over a year, but there seems to be some recent activity. In order to do releases, should we change our build (for now) to add gpg signatures to the .sha512 checksums, or will INFRA-14923 be fixed shortly? -Marshall Schor
