I am trying: http://maven.apache.org/plugins/maven-gpg-plugin/sign-and-deploy-file-mojo.html
right now. Assuming that goes through, we can call a vote.
I agree, in general, we need to be able to get releases out faster and
more reliable. People also should, especially when it is near release
time, be encouraged to try trunk, as we aren't going to be making
drastic changes at that point and it is much better to get the testing
out of the way up front.
-Grant
On Nov 3, 2009, at 6:02 AM, Sean Owen wrote:
Yeah OK, then sign by hand? Sigs are important indeed.
I'm just weighing this against, again, 2 more emails today about
problems that I fixed ages ago, that people aren't getting since
they're downloading 0.1. You guys are also in a great position to
promote 0.2 in person. I think it'd be great to get them out ASAP.
Is there anything at all I can do?
On Tue, Nov 3, 2009 at 1:58 PM, Grant Ingersoll
<gsing...@apache.org> wrote:
On Nov 3, 2009, at 5:47 AM, Sean Owen wrote:
What were you referring to in your last email then about legal
bits? I
am genuinely curious to understand things like that since they are
important.
Oh, sorry. Was confused by your confusion!
The relevant line in the prior email was:
"Any and all artifacts that we put up under our stuff are our
artifacts and
people need to be able to verify that what we put up is what we
intended to
put up."
So, those are the legal bits. People need to be able to trust what
we put
up their. Sigs and MD5 hashes, etc. help establish that trust.
You can read more about ASF reqs on releases at:
http://www.apache.org/dev/#releases
--------------------------
Grant Ingersoll
http://www.lucidimagination.com/
Search the Lucene ecosystem (Lucene/Solr/Nutch/Mahout/Tika/Droids)
using Solr/Lucene:
http://www.lucidimagination.com/search
