I have a patch to the plugin that I need to get some time to test. I'm the bottle neck unfortunately. Is the rule blocking only because of the missing signature or is it balking at the hashes too?
On Thu, Oct 18, 2018 at 9:05 AM Marshall Schor <m...@schor.com> wrote: > Hi, > > Following more requests to update our builds to generate .sha512 > checksums, we > changed our "parent-pom" to do this, but now find we can't upload > artifacts to > repository.apache.org unless we also change our builds to do > gpg-signatures for > the .sha512 checksums (which seems overreaching). > > I found INFRA-14923 looking to fix this; it has been open for over a year, > but > there seems to be some recent activity. > > In order to do releases, should we change our build (for now) to add gpg > signatures to the .sha512 checksums, or will INFRA-14923 be fixed shortly? > > -Marshall Schor > >
