On Tue, 9 Feb 2010, Karl Guggisberg wrote:
Also all released JOSM jar files are signed, so you can use Java to verify signature.Handelt es sich dabei um einen Teil des bisher nicht veröffentlichen Build-Scripts für Releases? In ant.xml kann ich auf den ersten Blick keine entsprechende Funktion erkennen. Kannst du das bisher verwendete Build-Script publizieren? Wie siehts mit Zertifikaten aus?
All releases are signed. Each nightly build. As said latest and tested are only softlinks to these. So for release the only thing to do is say "This build is release".
I don't like to make the build scripts open as it runs automatically and with too much knowledge about the scripts hacking the server probably becomes much easier (everything has flaws and you must not make them too obvious :-) And there is no real necessarity beside "Nice to know".
Ciao -- http://www.dstoecker.eu/ (PGP key available)
_______________________________________________ josm-dev mailing list [email protected] http://lists.openstreetmap.org/listinfo/josm-dev
