[ https://issues.apache.org/jira/browse/UIMA-6453?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17536504#comment-17536504 ]
Richard Eckart de Castilho commented on UIMA-6453: -------------------------------------------------- The problem seems to have been introduced when switching from {{parent-pom-13}} to {{parent-pom-14}}. > Invalid SHA512 generated for Maven artifacts > -------------------------------------------- > > Key: UIMA-6453 > URL: https://issues.apache.org/jira/browse/UIMA-6453 > Project: UIMA > Issue Type: Bug > Components: Build, Packaging and Test > Affects Versions: 3.2.0uimaFIT, 3.2.0SDK, 3.1.0ruta, 3.3.0SDK > Reporter: Richard Eckart de Castilho > Assignee: Richard Eckart de Castilho > Priority: Major > Fix For: 3.3.0uimaFIT, parent-pom-15, 3.3.1SDK, 3.2.0ruta > > > The SHA512 signature files we generate for the Maven artifacts overwrite each > other. E.g. in the recent uimaFIT 3.3.0 RC 2, I found: > {noformat} > % cat > org/apache/uima/uimafit-maven-plugin/3.3.0/uimafit-maven-plugin-3.3.0.sha512 > 4db94daceccf1727b1620a20a708eb1830a95fa8ad967219ad7fff537bf845055174f659b43f3bb827cd1296d4608c10b3f36306a76da4dd27af50a45517bb2f > uimafit-maven-plugin-3.3.0-javadoc.jar > {noformat} > Looking at Maven Central, I can see such bad signatures in multiple releases: > *UIMAJ* > * https://repo1.maven.org/maven2/org/apache/uima/uimaj-core/3.1.1/ - looks ok > * https://repo1.maven.org/maven2/org/apache/uima/uimaj-core/3.2.0/ - BAD > * https://repo1.maven.org/maven2/org/apache/uima/uimaj-core/3.3.0/ - BAD > (latest version) > > *uimaFIT* > * https://repo1.maven.org/maven2/org/apache/uima/uimafit-core/3.1.0/ - looks > ok > * https://repo1.maven.org/maven2/org/apache/uima/uimafit-core/3.2.0/ - BAD > (latest version) > > *RUTA* > * https://repo1.maven.org/maven2/org/apache/uima/ruta-core/3.0.1/ - looks ok > * https://repo1.maven.org/maven2/org/apache/uima/ruta-core/3.1.0/ - BAD > (latest version) > *UIMA-AS* > * https://repo1.maven.org/maven2/org/apache/uima/uimaj-as-core/2.9.0/ - last > release seems to have been before the SHA512 requirement > *DUCC* > * https://repo1.maven.org/maven2/org/apache/uima/uima-ducc-common/3.0.0/ - > looks ok (latest version) -- This message was sent by Atlassian Jira (v8.20.7#820007)