Invalid Geronimo signatures in central
--------------------------------------
Key: MEV-662
URL: http://jira.codehaus.org/browse/MEV-662
Project: Maven Evangelism
Issue Type: Bug
Reporter: Anders Hammar
I've found a few more invalid signatures in central:
org.apache.geronimo.genesis:genesis:pom:1.2 - This one has been reported in
GERONIMO-5309 as well.
org.apache.geronimo.specs:geronimo-j2ee-management_1.0_spec:pom:1.1
org.apache.geronimo.specs:geronimo-ejb_2.1_spec:pom:1.1
org.apache.geronimo.specs:geronimo-j2ee-deployment_1.1_spec:pom:1.1
org.apache.geronimo.specs:geronimo-ejb_3.0_spec:pom:1.0
I found these when trying to download dependencies through Nexus Pro signature
procurement. I would suspect that there are more invalid signatures within the
org.apache.geronimo space.
Not sure what should be done - should these signatures be removed? As it's the
poms, it should be possible for the Geronimo project to check against svn and
re-sign, but the comments in GERONIMO-5309 makes me suspect they don't want to
do that.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
