[ https://issues.apache.org/jira/browse/UIMA-6444?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Richard Eckart de Castilho updated UIMA-6444: --------------------------------------------- Fix Version/s: 3.4.1SDK (was: 3.4.0SDK) > Automatically sign Eclipse plugins during release builds > -------------------------------------------------------- > > Key: UIMA-6444 > URL: https://issues.apache.org/jira/browse/UIMA-6444 > Project: UIMA > Issue Type: Improvement > Reporter: Richard Eckart de Castilho > Assignee: Richard Eckart de Castilho > Priority: Major > Fix For: 3.4.1SDK > > > *Note:* we do have detached PGP signatures for the Eclipse update site > artifacts - it is mandatory according to the ASF release policy - but they > are currently not included in such a way that Eclipse can verify them and > offer the user to trust them during the plugin installation process. > ---- > Currently, we do not sign the Eclipse plugins because it is extra effort and > the old way of using the Symantec Service are gone anyway. > There is a new jarsigning approach which could be used. > Alternatively, it is meanwhile possible to embed PGP signatures in P2 > repositories. > Let's see which of these options are viable for us. -- This message was sent by Atlassian Jira (v8.20.10#820010)