On Tue, Apr 23, 2013 at 8:51 AM, Gary Gregory <garydgreg...@gmail.com>wrote:
> On Tue, Apr 23, 2013 at 8:39 AM, sebb <seb...@gmail.com> wrote: > >> On 23 April 2013 02:19, Gary Gregory <garydgreg...@gmail.com> wrote: >> >> > To release Codec 1.8, I just tried following >> > https://commons.apache.org/releases/prepare.html >> > >> > In particular: >> > >> > "Before you close< >> > http://www.apache.org/dev/publishing-maven-artifacts.html#close-stage >> >the >> > staging repository you must remove the tarballs/zips together with >> > their PGP signatures and checksums using the Nexus web interface. While >> you >> > are at it you can also remove the checksums Nexus created for the PGP >> > signatures of the remaining artifacts, they are not needed at all." >> > >> > >> [BTW, this does not have to be done before closing; it can be done before >> publishing. Not sure why Nexus allows deletion from a closed repo, but it >> does] >> >> If a mistake is made, just delete and recreate the staging repo.It's not >> that difficult. >> > > OK, will do. > Here: https://repository.apache.org/content/repositories/orgapachecommons-129/ Gary > > Gary > > >> >> Nexus / Maven is not ideal in that it creates hashes for .ASC files, but >> having a staging repo is a huge benefit compared with the pre-Nexus >> situation. >> If you look around Maven Central, you will see a lot of mistaken releases >> (e.g. snapshots in the release area). Once released to Maven, it cannot be >> unreleased. >> >> I don't want to go back to that time. >> >> So I dutifully deleted .md5 and sha1 files and guess what? I messed it up >> > by deleting all MD5 and SHA1 files instead of just this one and that one >> > out of the 61 files that are presented in the UI. Frak! So beware, our >> > release process sucks rocks and does not do it well, as it has for >> years. >> > >> >> It still takes a bit of care, but I think it's a lot better / safer than >> it >> used to be. >> >> Note: it's possible to prevent the non-Maven artifacts from being uploaded >> to Nexus. >> It would then be possible to just leave the useless hashes in place >> However, this means additional work has to be done to create the >> tarballs/zips and their sigs/hashes. >> >> We just need a Maven expert to help fix up the process now that svnpubsub >> is in use. >> >> >> >> > :( >> > >> > Gary >> > >> > -- >> > E-Mail: garydgreg...@gmail.com | ggreg...@apache.org >> > Java Persistence with Hibernate, Second Edition< >> > http://www.manning.com/bauer3/> >> > JUnit in Action, Second Edition <http://www.manning.com/tahchiev/> >> > Spring Batch in Action <http://www.manning.com/templier/> >> > Blog: http://garygregory.wordpress.com >> > Home: http://garygregory.com/ >> > Tweet! http://twitter.com/GaryGregory >> > >> > > > > -- > E-Mail: garydgreg...@gmail.com | ggreg...@apache.org > Java Persistence with Hibernate, Second > Edition<http://www.manning.com/bauer3/> > JUnit in Action, Second Edition <http://www.manning.com/tahchiev/> > Spring Batch in Action <http://www.manning.com/templier/> > > Blog: http://garygregory.wordpress.com > Home: http://garygregory.com/ > Tweet! http://twitter.com/GaryGregory > -- E-Mail: garydgreg...@gmail.com | ggreg...@apache.org Java Persistence with Hibernate, Second Edition<http://www.manning.com/bauer3/> JUnit in Action, Second Edition <http://www.manning.com/tahchiev/> Spring Batch in Action <http://www.manning.com/templier/> Blog: http://garygregory.wordpress.com Home: http://garygregory.com/ Tweet! http://twitter.com/GaryGregory
