On 4/1/07, Stefan Bodewig <[EMAIL PROTECTED]> wrote:
On Fri, 30 Mar 2007, Xavier Hanin <[EMAIL PROTECTED]> wrote: > Ok, so I'll add checksum generation in the build-release.xml > script. But maybe signing could also be part of the script? If so, > any example I could use? I have simple shell script that I've taken from Antoine at once. ,----[ signdist ] | #!/bin/sh | for i in `find distribution \( -name \*.bz2 -o -name \*.zip -o -name \*.gz \)` | do | echo "Signing " $i | gpg -a -b --force-v3-sigs $i | done `---- which isn't really too fancy - but I don't need to remember which arguments gpg needs to create PGP 5.x compatible signatures that way.
Thanks. Is it a good idea to include this script in Ivy build script, or adding to the release guide is enough? I think Antoine has added a sign task to commons-openpgp (in Jakarta
Commons' Sandbox) but I've never used it myself.
For first release at least I think using unix tool will be good (and simple) enough.
Oh, and one last question about distribution format: Ivy releases > used to be distributed only in zip, should we also provide tar.gz? Yes, please, this might be nice for people living on Unix systems without InfoZIP (not that they are too common these days).
Ok, so I'll update the build-release.xml script. Thanks for your help, - Xavier Stefan
-- Learn Ivy at ApacheCon: http://www.eu.apachecon.com/ Manage your dependencies with Ivy! http://incubator.apache.org/ivy/
