I have been looking at the release plugin a fair bit lately and noticed something that concerned me.
The first modification of the pom changes the version to remove the "-SNAPSHOT" and also changes the SCM values to point to the tag location instead of the trunk location. Once done, it then commits this change to trunk. So what happens if another user checks out the project during this window? I just tried testing it myself by interrupting a release:prepare right after the first commit. I then checkout the project to a another directory and lo and behold, the version looked like a released version and the SCM information referenced the tag not the trunk. Can anyone else confirm this? This seems pretty dangerous. --- Todd Thiessen
