[ http://jira.codehaus.org/browse/MEV-662?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=223700#action_223700 ]
Anders Hammar commented on MEV-662: ----------------------------------- Found one more invalid signature: org.apache.geronimo.specs:specs:pom:1.2 > Invalid Geronimo signatures in central > -------------------------------------- > > Key: MEV-662 > URL: http://jira.codehaus.org/browse/MEV-662 > Project: Maven Evangelism > Issue Type: Bug > Reporter: Anders Hammar > > I've found a few more invalid signatures in central: > org.apache.geronimo.genesis:genesis:pom:1.2 - This one has been reported in > GERONIMO-5309 as well. > org.apache.geronimo.specs:geronimo-j2ee-management_1.0_spec:pom:1.1 > org.apache.geronimo.specs:geronimo-ejb_2.1_spec:pom:1.1 > org.apache.geronimo.specs:geronimo-j2ee-deployment_1.1_spec:pom:1.1 > org.apache.geronimo.specs:geronimo-ejb_3.0_spec:pom:1.0 > I found these when trying to download dependencies through Nexus Pro > signature procurement. I would suspect that there are more invalid signatures > within the org.apache.geronimo space. > Not sure what should be done - should these signatures be removed? As it's > the poms, it should be possible for the Geronimo project to check against svn > and re-sign, but the comments in GERONIMO-5309 makes me suspect they don't > want to do that. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira