There are other issues with 2.0.4, so its highly recommended that you
use 2.0.5... and really probably 2.0.6 once that comes out next week.
--jason
On Mar 30, 2007, at 9:06 AM, Elliot Metsger wrote:
All,
Based on this warning from the GPG maven plugin page [0]:
Issue with invalid signatures on the pom files
Maven 2.0.5 fixes a problem where the pom files would end up changing
between signing them and deploying them. If the signatures on the pom
files are invalid, make sure you upgrade to Maven 2.0.5.
It appears those performing releases of Pluto should be using Maven
2.0.5.
It appears that if you use the GPG plugin with Maven 2.0.4, there
is a chance that artifacts deployed to the repository will have
invalid signatures.
Elliot
[0]: http://maven.apache.org/plugins/maven-gpg-plugin/examples/
deploy-signed-artifacts.html
