slawekjaranowski commented on code in PR #645:
URL: https://github.com/apache/maven-site/pull/645#discussion_r1933344697
##########
content/apt/repository/guide-central-repository-upload.apt:
##########
@@ -116,22 +101,23 @@ Requirements
* PGP Signature
- When people download artifacts from the Central Repository, they might want
to verify these artifacts' PGP
+ When people download artifacts from the Central Repository, they should
verify these artifacts' PGP
signatures against a public key server.
If there are no signatures, then users have no guarantee that they
are downloading the original artifact.
- To improve the quality of the Central Repository, we require you to provide
PGP signatures for all your artifacts (all
- files except checksums), and distribute your public key to a key server like
{{{http://pgp.mit.edu}http://pgp.mit.edu}}. Read
- {{{http://central.sonatype.org/pages/working-with-pgp-signatures.html}Working
with PGP Signatures}}
+ The Central Repository requires PGP signatures for all artifacts (all
+ files except checksums) with a public key available from a key server
+ like {{{https://pgp.mit.edu}https://pgp.mit.edu}}. Read
+
{{{https://central.sonatype.org/pages/working-with-pgp-signatures.html}Working
with PGP Signatures}}
Review Comment:
```suggestion
{{{https://central.sonatype.org/publish/requirements/gpg/}Working with PGP
Signatures}}
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
