Uploaded image for project: 'Maven POMs (Moved to GitHub issues) '
  1. Maven POMs (Moved to GitHub issues)
  2. MPOM-205

create SHA-512 checksum for source-release archive(s) in target/checkout/target/ during release

    XMLWordPrintableJSON

Details

    • New Feature
    • Status: Closed
    • Major
    • Resolution: Fixed
    • ASF-20
    • ASF-21
    • asf
    • None

    Description

      currently, during Apache release, checksums are not created in target/ directory: checksums are created on the fly during deploy to the Maven repository (for absolutely every artifact, be it "normal" artifacts or source release)

      while source release archive and its signature are available in target/ (or target/checkout/target during release with Maven Release Plugin), checksums are not there: this gives people the bad habit to download everything (not only checksums) from Apache Nexus repository after deploy to copy to Apache /dist/

      it would be useful to have the checksums for source release available in target/ (then in target/checkout/target during release)

      this would also prepare having new Apache checksums requirements for Apache mirroring: http://www.apache.org/dev/release-distribution#sigs-and-sums
      sha256 and sha512 are not used for Maven repositories, but they are required for Apache source release distribution

      Notice: .sha256 and .sha512 files are not only not supported for Maven repositories, but even not supported: they are considered as artifacts, not checksums, then require md5 and sha1 checksum files and .asc detached signature...
      Then the .sha512 file is not to be deployed to the Maven repository, only Apache /dist/

      Attachments

        Issue Links

          Activity

            People

              hboutemy Herve Boutemy
              hboutemy Herve Boutemy
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: