Because it doesn't provide any value. If Maven supported the
verification of a signature of the artifact I wouldn't want hashes at all.
Brian E. Fox wrote:
Hashes are generated for everything shoved into the repository. Why wouldn't
you want a hash on your sig?
-----Original Message-----
From: Chad La Joie [mailto:[EMAIL PROTECTED]
Sent: Wednesday, April 23, 2008 6:30 AM
To: Maven Users List
Subject: MD5/SHA1 Hashes on artifacts
Maven produces MD5 and SHA1 hashes for artifacts published through the
deploy plugin (at least I think that's where it's occurring). Is there
a means to limit for which files a has is generated?
Specifically I don't want hashes generated for my PGP signatures.
--
SWITCH
Serving Swiss Universities
--------------------------
Chad La Joie, Software Engineer, Security
Werdstrasse 2, P.O. Box, 8021 Zürich, Switzerland
phone +41 44 268 15 75, fax +41 44 268 15 68
[EMAIL PROTECTED], http://www.switch.ch
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
