+1 binding. The process I used for verifying this were covered in the slider -dev release post, but essentially
Stage 1: verify POM dependencies -checked out dependency checker at https://github.com/steveloughran/slider-dependency-check -updated slider dependency to 0.81.1-incubating -mvn package -Pstaging downloaded artifacts and built into a JAR; verified all artifacts were retrieved Stage 2: download and verify source tar & zip packages -confirm over skype Jon's PGP fingerprint was 4AC1 5827 ... ; signed this and pushed signature to MIT PGP repo -D/L src zip and tars -verify signature $ gpg --verify slider-0.81.1-incubating-source-release.tar.gz.asc slider-0.81.1-incubating-source-release.tar.gz gpg: Signature made Thu 22 Oct 22:03:03 2015 BST using RSA key ID 7BA8B406 gpg: Good signature from "Jonathan Maron <jma...@apache.org<mailto:jma...@apache.org>>" [full] $ gpg --verify slider-0.81.1-incubating-source-release.zip.asc slider-0.81.1-incubating-source-release.zip gpg: Signature made Thu 22 Oct 22:03:03 2015 BST using RSA key ID 7BA8B406 gpg: Good signature from "Jonathan Maron <jma...@apache.org<mailto:jma...@apache.org>>" [full] build & test from zip. --------------------------------------------------------------------- To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org For additional commands, e-mail: general-h...@incubator.apache.org
