+1 to that.
Otherwise it certainly can be done by pom.xml properties
On 21 Feb 2014, at 17:16, Gary Gregory wrote:
On Fri, Feb 21, 2014 at 10:51 AM, Nick Williams
nicho...@nicholaswilliams.net wrote:
I don't think it should even say WHO signed it. It already instructs
users
to download the
On Fri, Feb 21, 2014 at 12:13 AM, Ralph Goers ralph.go...@dslextreme.comwrote:
The download page - http://logging.apache.org/log4j/2.x/download.html -
lists the artifacts for the latest release. However, it says it was signed
by me with my key. The page needs to be updated to reflect that it
I don't think it should even say WHO signed it. It already instructs users to
download the KEYS file and import that file. Isn't that sufficient? As long as
the artifacts are signed by someone in that KEYS file, doesn't that take care
of it? Why does this page need to list someone's name?
Nick
On Fri, Feb 21, 2014 at 10:51 AM, Nick Williams
nicho...@nicholaswilliams.net wrote:
I don't think it should even say WHO signed it. It already instructs users
to download the KEYS file and import that file. Isn't that sufficient? As
long as the artifacts are signed by someone in that KEYS
The download page - http://logging.apache.org/log4j/2.x/download.html - lists
the artifacts for the latest release. However, it says it was signed by me with
my key. The page needs to be updated to reflect that it was signed by Nick.
Ralph
