It includes generating sha512 checksums for the source-release (not the
artifacts going to maven central where sha1 and md5 are pretty built-in).
I updated the Jena parent POM.
The next Jena release will have to tweak the process slightly, hopefully
just not having to fix up sha-checksums. But this step only happens in
the release:preform so is untested for now.
What I haven't figure out is how this interacts with the source-release
going off to Maven central which is the way the release plugin generates
the source-release in the first place.
Now SHA1 is being to look less safe, the foundation is moving to prefer
sha256/sha512 only as being an example of good practice.
Andy
-------- Forwarded Message --------
Subject: [ANN] Apache Software Foundation Parent POM Version 21 Released
Date: Thu, 23 Aug 2018 00:08:14 +0200
From: Hervé Boutemy <[email protected]>
Reply-To: [email protected]
To: [email protected], [email protected]
CC: [email protected], [email protected]
The Apache Maven team is pleased to announce the release of the Apache
Software Foundation Parent POM Version 21.
https://maven.apache.org/pom/asf/
You should specify the version in your project as parent like the following:
<parent>
<groupId>org.apache</groupId>
<artifactId>apache</artifactId>
<version>21</version>
</parent>
You can download the appropriate sources etc. from the download page:
http://maven.apache.org/pom/asf/download.html
Release Notes - Maven POMs - Version ASF-21
** New Feature
* [MPOM-205] - create SHA-512 checksum for source-release
archive(s) in target/checkout/target/ during release
Changes since version 20:
https://gitbox.apache.org/repos/asf?p=maven-apache-parent.git;a=blobdiff;f=pom.xml;hb=apache-21;hpb=apache-20
https://github.com/apache/maven-apache-parent/compare/apache-20...apache-21
Enjoy,
-The Apache Maven team