We sign the release as part of that process, but we haven't signed the jars before.
----- Original message ----- > Does we already sign the jars that River builds with a valid PGP signature? > Does > the project have a public key in a public key server? If not we most likely > will > need to for deployment to the Central Maven repository. > > On Feb 9, 2013, at 635PM, Dennis Reedy wrote: > > > Since we are about to deploy River jars to the ASF Jar Repository, I'd like > > to > > make sure that as a project, we understand what needs to happen. Please > > review > > this document: http://www.apache.org/dev/publishing-maven-artifacts.html > > > > Since we are not a Maven project, and we do not use Ivy, I wrote a Groovy > > script that uses the Maven deploy plugin > > (http://maven.apache.org/plugins/maven-deploy-plugin/deploy-file-mojo.html) > > to > > deploy River artifacts. If you want to be able to deploy to the ASF > > repository > > you must configure Maven according to the guidelines in the referenced > > document. > > > > Aside from the various configuration guidelines, of interest is the "Common > > Procedures" section as well. I've tested the deployment script, a staging > > repository does get created with the artifacts. I have also "dropped" the > > repository, since we are not yet ready to release 2.2.1. > > > > Regards > > > > Dennis > > >
