maven-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Charles Honton (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (MGPG-43) Allow signing of arbitrary artifacts
Date Sun, 04 Dec 2016 15:56:58 GMT

    [ https://issues.apache.org/jira/browse/MGPG-43?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15720163#comment-15720163
] 

Charles Honton commented on MGPG-43:
------------------------------------

Clarification: 
first work by Sebb (MGPG43, MGPG43-2, MGPG43-3) creates a goal 'signfiles'.
second work by Chas (MGPG-43) creates two goals 'sign-files' and 'checksum-files'.  Included
are integration tests and updated documentation.

> Allow signing of arbitrary artifacts
> ------------------------------------
>
>                 Key: MGPG-43
>                 URL: https://issues.apache.org/jira/browse/MGPG-43
>             Project: Maven GPG Plugin
>          Issue Type: New Feature
>            Reporter: Sebb
>         Attachments: MGPG-43.patch, MGPG43-2.patch, MGPG43-3.patch, MGPG43.patch
>
>
> At present, the plugin relies on being run after the "package" phase, presumably so it
knows which files to sign.
> This is fine if all the artifacts are intended for distribution via Maven repos, but
there are other distribution mechanisms where signed artifacts are needed. For example, ASF
releases to their mirror system.
> It would be useful if there was a separate goal for signing files using standard includes/excludes.
> Ideally this would also be integrated with the assembly plugin somehow so it could obtain
the list of files from the plugin.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message