+1 On Mon, Aug 15, 2011 at 5:50 PM, Vincent Massol <[email protected]> wrote: > > On Aug 15, 2011, at 5:42 PM, Sergiu Dumitriu wrote: > >> On 08/15/2011 11:19 AM, Vincent Massol wrote: >>> Hi, >>> >>> I think we should start signing our artifacts using PGP as explained here: >>> https://docs.sonatype.org/display/Repository/How+To+Generate+PGP+Signatures+With+Maven >>> >>> Here's my +1 >> >> +1. >> >> Do we use only one key, installed on the release machine? It should be >> protected by a strong passphrase. > > IMO every release manager should use his own key for better tracability. > >>> >>> Thanks >>> -Vincent >>> >>> PS: I we agree I can commit the changes required to our top level POM to >>> implement this (I have them locally already) >> >> PS2: When's the release user ready on one of the new agents? > > When someone creates it I guess. You could request that on the infra@ list. > > Thanks > -Vincent > > _______________________________________________ > devs mailing list > [email protected] > http://lists.xwiki.org/mailman/listinfo/devs >
-- Thomas Mortagne _______________________________________________ devs mailing list [email protected] http://lists.xwiki.org/mailman/listinfo/devs
