paulk-asert commented on code in PR #2461:
URL: https://github.com/apache/groovy/pull/2461#discussion_r3067990201
##########
gradle/verification-metadata.xml:
##########
@@ -963,12 +963,22 @@
<sha512
value="b810ce040ed0671a3161fb197845f3ae750cd38c474ef54c351b7b127ff3b4d624a26c33450c62474f42c1cde21c65324cda63b1b3ea0515a286e0bcb0c0c9d5"
origin="Generated by Gradle" reason="A key couldn't be downloaded"/>
</artifact>
</component>
+ <component group="jakarta.servlet" name="jakarta.servlet-api"
version="6.1.0">
Review Comment:
I have just swapped the build to use an armor formatted keyring file in the
last 30 mins. I plan to update the keys file and also add a pgp entry in one
go. This doesn't affect any functionality of the groovy-servlet component, just
ensures we are confident that we compiled and ran tests against trusted
versions. It is more critical for dependencies that we include in our
distributions, but I'll fix it here too. Thanks for taking the time to write
those comments.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
