[jira] [Commented] (MGPG-97) add pgpverify check to the build

ASF GitHub Bot (Jira) Fri, 28 Apr 2023 05:20:05 -0700


    [ 
https://issues.apache.org/jira/browse/MGPG-97?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17717648#comment-17717648
 ]


ASF GitHub Bot commented on MGPG-97:
------------------------------------

hboutemy commented on PR #48:
URL: https://github.com/apache/maven-gpg-plugin/pull/48#issuecomment-1527483398

   this is part for the experience: if we do not check signature, why sign at 
all?




> add pgpverify check to the build
> --------------------------------
>
>                 Key: MGPG-97
>                 URL: https://issues.apache.org/jira/browse/MGPG-97
>             Project: Maven GPG Plugin
>          Issue Type: Improvement
>    Affects Versions: 3.0.1
>            Reporter: Herve Boutemy
>            Assignee: Herve Boutemy
>            Priority: Major
>             Fix For: 3.1.0
>
>
> signing is useful only if signature checks are done
> let's apply this best practice to maven-gpg-plugin itself



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (MGPG-97) add pgpverify check to the build

Reply via email to