Hi Andy,
Thanks for bringing this up and looking into the mechanics of how to
get it working. I am a +1 for signing our maven artifacts.
Thanks,
Kevin
On Wed, May 29, 2019 at 6:09 PM Andy LoPresto wrote:
>
> Hi folks,
>
> I am writing to propose updating our release process to include signing
Hi folks,
I am writing to propose updating our release process to include signing
artifacts with GPG. Currently we sign the full build (i.e.
nifi-x.y.z-source-release.tar.gz) with the GPG key of the release manager, and
the corresponding public key is available in our KEYS file, hosted by Apach