Adam Lally wrote:
On 8/8/07, Thilo Goetz <[EMAIL PROTECTED]> wrote:
Sure, that would be good. I'm currently building a new level, I'll
create the maven artifacts manually for this one.
I'm actually having some trouble at the moment... For one thing mvn
repository:bundle-create fails when I run it on the root uimaj
project, basically because this project doesn't have any artifact
associated with it. Of course it would be nice if it would build the
artifacts for the sub-projects...
Next issue is that running it on uimaj-core complains about missing
fields in the POM, which I'm looking into. This may be a good thing
that it's catching.
One more question: I assume that the mvn artifacts do not need to
be signed, at least I didn't see anything about that. Is that your
understanding also?
I think that is correct.
Adam's done a great deal of work getting this Maven thing to go - Thanks!
I've found some places in Apache docs where it seems to be true that the
Maven artifacts themselves,
do need to be signed. One of these is the ref to releasing "Struts",
found here:
http://struts.apache.org/2.x/docs/creating-and-signing-a-distribution.html
see step 6 and 7.
Next, see http://www.apache.org/dev/release-publishing.html
which, while not specific to Maven, seems to indicate the need to sign
individual Jars, etc.
Also, http://mina.apache.org/developer-guide.html in step 2 uses
gpg-sign-all script to sign all the jars.
Some of the jar signing I saw seemed to be of a different ilk than gpg
signing.
Do you know how the Jar signing described in
http://java.sun.com/docs/books/tutorial/deployment/jar/signindex.html
relates to the gpg signing?
-Marshall
