On Mon, Nov 19, 2012 at 9:51 AM, Phil Hagelberg <p...@hagelb.org> wrote:
> Perhaps it would be helpful if you could explain in more detail what it > is about the provided explanation that you found confusing? > In the first step you use an actual example, then switch to $KEY_ID without explanation, instead of again showing an actual example. At the conj, you just put up slides without any indication of what $KEY_ID was or where it could be found. If you turn off :sign-releases inside your :repositories entry when > deploying libraries everything will work for you as before. But your > libraries won't qualify for the Releases repo in this case. So once your > users upgrade to Leiningen 2.0.0 they will have to include a separate > :repositories entry for the classic repo to indicate that they are OK > with pulling in dependencies that don't meet the higher standards of the > new repo. So the choices are: * follow the signing path (install and learn gpg etc), users don't need to do anything * ignore the signing path, Leiningen will refuse to upload your libraries? * explicitly turn off signing, users will be forced to change project.clj Which means this isn't really an optional change: Leiningen is forcing signing on the community. Again, I'm not arguing against it, I just want to be clear about whether we have a status quo option (we don't) so we must change. Indeed, the root problem is this notion that you can be a professional > software developer and remain ignorant of how public-key crypto works. > Are you saying that all those people who don't have gpg or similar installed are unprofessional? It seems that such a statement would insult a very large number of software developers. So collecting improved documentation and educational resources is going > to need to be a priority. I'll do what I can to put together good general > resources but will need help covering systems like Windows and OS X that > make things more difficult. > Perhaps you could run Windows and OS X in VMs on your Linux machine so you can experience what it is like and write about it from the perspective of a newbie on those OSes? The Windows experience for Clojure is already sub-par compared to OS X and Linux (although it has improved over time) and this is another Linux-centric change. OS X has been sufficiently Linux-y in the past to have escaped change but now is also on the other side of this particular fence. Have you considered adding keygen to Leiningen so that it can bridge that divide, as it does for every other aspect of the project automation process? (well, barring the initial curl/wget issue on Windows which can be mitigated by downloading the JAR directly) -- Sean A Corfield -- (904) 302-SEAN An Architect's View -- http://corfield.org/ World Singles, LLC. -- http://worldsingles.com/ "Perfection is the enemy of the good." -- Gustave Flaubert, French realist novelist (1821-1880) -- You received this message because you are subscribed to the Google Groups "Clojure" group. To post to this group, send email to clojure@googlegroups.com Note that posts from new members are moderated - please be patient with your first post. To unsubscribe from this group, send email to clojure+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/clojure?hl=en
