Hi,
On 08/12/18 08:56, Alex Harui wrote:
On 12/7/18, 10:49 PM, "Allen Wittenauer" <a...@effectivemachines.com.INVALID>
wrote:
> On Dec 7, 2018, at 10:22 PM, Alex Harui <aha...@adobe.com.INVALID> wrote:
>
> Maven's release plugins commit and push to Git and upload to
repository.a.o. I saw that some folks have a node that can commit to the a.o
website SVN. Is anyone already doing releases from builds? What issues are
there, if any?
It's just flat out not secure enough to do a release on.
Can you give me an example of how it isn't secure enough?
I would be interested as well...
Furthermore we (Maven Team) doing the website via SVN/GitPubSub on a
node but NOT for the releases of plugins/components only for the
https://maven.apache.org/ site[1]
The releases are done from the local machine for a reason...We sign the
artifacts which could only do from my local machine otherwise I had to
upload my GPG key to a machine ?
Kind regards
Karl Heinz Marbaise
Apache Maven PMC
[1]:
https://builds.apache.org/view/M-R/view/Maven/job/maven-box/job/maven-site/
