[jira] [Updated] (MPOM-205) create SHA-512 checksum for source-release archive(s) in target/ during release
[ https://issues.apache.org/jira/browse/MPOM-205?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Hervé Boutemy updated MPOM-205: --- Description: currently, during Apache release, checksums are not created in target/ directory: checksums are created on the fly during deploy to the Maven repository (for absolutely every artifact, be it "normal" artifacts or source release) while source release archive and its signature are available in target/ (or target/checkout/target during release with Maven Release Plugin), checksums are not there: this gives people the bad habit to download everything (not only checksums) from Apache Nexus repository after deploy to copy to Apache /dist/ it would be useful to have the checksums for source release available in target/ (then in target/checkout/target during release) this would also prepare having new Apache checksums requirements for Apache mirroring: http://www.apache.org/dev/release-distribution#sigs-and-sums sha256 and sha512 are not used for Maven repositories (and even not supported: they are considered as artifacts, not checksums, then require md5 and sha1 checksum files...), but they are required for Apache source release distribution was: currently, during Apache release, checksums are not created in target/ directory: checksums are created on the fly during deploy to the Maven repository (for absolutely every artifact, be it normal artifacts or source release) while source release archive and its signature are available in target/, checksums are not there: this gives people the bad habit to download everything (not only checksums) from Apache Nexus repository after deploy to copy to Apache /dist/ it would be useful to have the checksums for source release available in target/ this would also prepare having new Apache checksums requirements for Apache mirroring: http://www.apache.org/dev/release-distribution#sigs-and-sums sha256 and sha512 are not used for Maven repositories, but they are required for Apache source release distribution > create SHA-512 checksum for source-release archive(s) in target/ during > release > --- > > Key: MPOM-205 > URL: https://issues.apache.org/jira/browse/MPOM-205 > Project: Maven POMs > Issue Type: New Feature > Components: asf >Affects Versions: ASF-20 >Reporter: Hervé Boutemy >Assignee: Hervé Boutemy >Priority: Major > Fix For: ASF-21 > > > currently, during Apache release, checksums are not created in target/ > directory: checksums are created on the fly during deploy to the Maven > repository (for absolutely every artifact, be it "normal" artifacts or source > release) > while source release archive and its signature are available in target/ (or > target/checkout/target during release with Maven Release Plugin), checksums > are not there: this gives people the bad habit to download everything (not > only checksums) from Apache Nexus repository after deploy to copy to Apache > /dist/ > it would be useful to have the checksums for source release available in > target/ (then in target/checkout/target during release) > this would also prepare having new Apache checksums requirements for Apache > mirroring: http://www.apache.org/dev/release-distribution#sigs-and-sums > sha256 and sha512 are not used for Maven repositories (and even not > supported: they are considered as artifacts, not checksums, then require md5 > and sha1 checksum files...), but they are required for Apache source release > distribution -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (MPOM-205) create SHA-512 checksum for source-release archive(s) in target/ during release
[ https://issues.apache.org/jira/browse/MPOM-205?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Hervé Boutemy updated MPOM-205: --- Description: currently, during Apache release, checksums are not created in target/ directory: checksums are created on the fly during deploy to the Maven repository (for absolutely every artifact, be it normal artifacts or source release) while source release archive and its signature are available in target/, checksums are not there: this gives people the bad habit to download everything (not only checksums) from Apache Nexus repository after deploy to copy to Apache /dist/ it would be useful to have the checksums for source release available in target/ this would also prepare having new Apache checksums requirements for Apache mirroring: http://www.apache.org/dev/release-distribution#sigs-and-sums sha256 and sha512 are not used for Maven repositories, but they are required for Apache source release distribution was: currently, during Apache release, checksums are not created in target/ directory: checksums are created on the fly during deploy to the Maven repository while source release archive and its signature are available in target/, checksums are not there: this gives people the bad habit to download everything (not only checksums) from Apache Nexus repository after deploy to copy to Apache /dist/ it would be useful to have the checksums available in target/ this would also prepare having new Apache checksums requirements for Apache mirroring: http://www.apache.org/dev/release-distribution#sigs-and-sums sha256 and sha512 are not used for Maven repositories, but they are required for Apache source release distribution > create SHA-512 checksum for source-release archive(s) in target/ during > release > --- > > Key: MPOM-205 > URL: https://issues.apache.org/jira/browse/MPOM-205 > Project: Maven POMs > Issue Type: New Feature > Components: asf >Affects Versions: ASF-20 >Reporter: Hervé Boutemy >Priority: Major > Fix For: ASF-21 > > > currently, during Apache release, checksums are not created in target/ > directory: checksums are created on the fly during deploy to the Maven > repository (for absolutely every artifact, be it normal artifacts or source > release) > while source release archive and its signature are available in target/, > checksums are not there: this gives people the bad habit to download > everything (not only checksums) from Apache Nexus repository after deploy to > copy to Apache /dist/ > it would be useful to have the checksums for source release available in > target/ > this would also prepare having new Apache checksums requirements for Apache > mirroring: http://www.apache.org/dev/release-distribution#sigs-and-sums > sha256 and sha512 are not used for Maven repositories, but they are required > for Apache source release distribution -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (MPOM-205) create SHA-512 checksum for source-release archive(s) in target/ during release
[ https://issues.apache.org/jira/browse/MPOM-205?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Hervé Boutemy updated MPOM-205: --- Summary: create SHA-512 checksum for source-release archive(s) in target/ during release (was: create SHA-256 and SHA-512 checksums in target/ during release) > create SHA-512 checksum for source-release archive(s) in target/ during > release > --- > > Key: MPOM-205 > URL: https://issues.apache.org/jira/browse/MPOM-205 > Project: Maven POMs > Issue Type: New Feature > Components: asf >Affects Versions: ASF-20 >Reporter: Hervé Boutemy >Priority: Major > Fix For: ASF-21 > > > currently, during Apache release, checksums are not created in target/ > directory: checksums are created on the fly during deploy to the Maven > repository > while source release archive and its signature are available in target/, > checksums are not there: this gives people the bad habit to download > everything (not only checksums) from Apache Nexus repository after deploy to > copy to Apache /dist/ > it would be useful to have the checksums available in target/ > this would also prepare having new Apache checksums requirements for Apache > mirroring: http://www.apache.org/dev/release-distribution#sigs-and-sums > sha256 and sha512 are not used for Maven repositories, but they are required > for Apache source release distribution -- This message was sent by Atlassian JIRA (v7.6.3#76005)
