[
https://issues.apache.org/jira/browse/MPOM-205?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Hervé Boutemy updated MPOM-205:
-------------------------------
Summary: create SHA-512 checksum for source-release archive(s) in
target/checkout/target/ during release (was: create SHA-512 checksum for
source-release archive(s) in target/ during release)
> create SHA-512 checksum for source-release archive(s) in
> target/checkout/target/ during release
> -----------------------------------------------------------------------------------------------
>
> Key: MPOM-205
> URL: https://issues.apache.org/jira/browse/MPOM-205
> Project: Maven POMs
> Issue Type: New Feature
> Components: asf
> Affects Versions: ASF-20
> Reporter: Hervé Boutemy
> Assignee: Hervé Boutemy
> Priority: Major
> Fix For: ASF-21
>
>
> currently, during Apache release, checksums are not created in target/
> directory: checksums are created on the fly during deploy to the Maven
> repository (for absolutely every artifact, be it "normal" artifacts or source
> release)
> while source release archive and its signature are available in target/ (or
> target/checkout/target during release with Maven Release Plugin), checksums
> are not there: this gives people the bad habit to download everything (not
> only checksums) from Apache Nexus repository after deploy to copy to Apache
> /dist/
> it would be useful to have the checksums for source release available in
> target/ (then in target/checkout/target during release)
> this would also prepare having new Apache checksums requirements for Apache
> mirroring: http://www.apache.org/dev/release-distribution#sigs-and-sums
> sha256 and sha512 are not used for Maven repositories (and even not
> supported: they are considered as artifacts, not checksums, then require md5
> and sha1 checksum files...), but they are required for Apache source release
> distribution
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
