kwin edited a comment on pull request #40:
URL:
https://github.com/apache/maven-apache-parent/pull/40#issuecomment-845799597
Let me summarize the status quo (without PR):
1. `gpg-maven-plugin:sign` executed in phase `verify`, calculates ASC files
for almost all attached files (except for MD5, SHA1 and ASC)
1. `checksum-maven-plugin:files` executed in phase `verify`, calculates the
checksum based on `${project.artifactId}-${project.version}-source-release.xxx`
filename (considering the extension) but does not attach it
With this PR the order is inverted:
1. `checksum-maven-plugin:artifacts` executed in phase `verify`, calculates
the checksum based on `source-release` classifier (disregarding the extension)
and attaching it to project
1. `gpg-maven-plugin:sign` executed in phase `verify`, calculates ASC files
for almost all attached files (except for MD5, SHA1, SHA-512 and ASC)
Without the inverted order the `checksum-maven-plugin` would calculate a
checksum for the `*.asc` for `source-release` as well, which is certainly not
desired (https://github.com/nicoulaj/checksum-maven-plugin/issues/112).
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
