[
http://jira.codehaus.org/browse/MAVENUPLOAD-2711?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=217524#action_217524
]
Stefano Bagnara commented on MAVENUPLOAD-2711:
----------------------------------------------
Well, everything landed on central without any check for years, I'm happy to
see now there is some control, but I don't like too much the new rules.
BTW, The only URL I found about uploading third party JARs to central does not
give any hint about what are the new rules, so before I waste cycles can you
point me to some decent checklist?
E.g:
1) As you ask sources and javadocs jar I decided that it was easier for me to
siply write a full pom and build from sources the projects. Should I upload my
own compiled binary jar or the original distribution one? (I'd prefer the
original...).
2) It seems you now require PGP signatures: should I only sign the bundle or
every jar/pom like it was a release from me?
Is there anything else I should know before starting this pain? Yes, it's a
pain because most dnsjava depending maven projects around still make use of an
insicure and outdated dnsjava simply because a newer one is not on central.
And please, update the mini guide as it obviously contains misleading
informations.
> dnsjava 2.0.8
> -------------
>
> Key: MAVENUPLOAD-2711
> URL: http://jira.codehaus.org/browse/MAVENUPLOAD-2711
> Project: Maven Upload Requests
> Issue Type: Wish
> Reporter: Stefano Bagnara
> Assignee: Juven Xu
>
> dnsjava 2.0.8
> I'm not the author of dnsjava, but I already uploaded the 2.0.1 to 2.0.6
> bundles, so here we are with newer bundles.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
