Dear all, I hope this is the correct list to ask this, please direct me elsewhere if it is not.
We are trying to stage a release on Nexus. As suggested here <https://infra.apache.org/release-distribution> and here <https://infra.apache.org/publishing-maven-artifacts.html>, I removed the .md5 and .sha1 files for the .zip/.tar.gz files before closing the release. Note that these files are still signed with sha512. However, when I try to close the release the process fails with an error saying that Apache Rules failed because there is no md5 and no sha1: Event: Failed: Checksum Validation typeId checksum-staging failureMessage Required SHA-1: '/org/apache/jdo/3.2-RC3/jdo-3.2-RC3-source-release.zip.sha1' failureMessage Required MD5: '/org/apache/jdo/3.2-RC3/jdo-3.2-RC3-source-release.zip.md5' failureMessage Required SHA-1: '/org/apache/jdo/3.2-RC3/jdo-3.2-RC3-source-release.tar.gz.sha1' failureMessage Required MD5: '/org/apache/jdo/3.2-RC3/jdo-3.2-RC3-source-release.tar.gz.md5' It appears that the "Apache Rules" in Nexus contradict the recommendations in the documentation. Any suggestion what to do? - Is there a way to specify different (newer?) Apache Rules to be executed in Nexus? - Can I configure the process? - Should I leave sha1/md5 in the release? Any pointers are appreciated. In case it matters, here is our parent .pom: https://github.com/apache/db-jdo/blob/3.2/parent-pom/pom.xml Thanks, Til
