[cross-project-issues-dev] RAP is Contributing Unsigned Content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

[cross-project-issues-dev] RAP is Contributing Unsigned Content

From: Ed Merks <ed.merks@xxxxxxxxx>
Date: Mon, 5 Sep 2022 20:28:37 +0200
Delivered-to: cross-project-issues-dev@xxxxxxxxxxx
List-archive: <https://www.eclipse.org/mailman/private/cross-project-issues-dev/>
List-help: <mailto:cross-project-issues-dev-request@eclipse.org?subject=help>
List-subscribe: <https://www.eclipse.org/mailman/listinfo/cross-project-issues-dev>, <mailto:cross-project-issues-dev-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://www.eclipse.org/mailman/options/cross-project-issues-dev>, <mailto:cross-project-issues-dev-request@eclipse.org?subject=unsubscribe>
User-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Thunderbird/91.13.0

FYI,

I noticed today that RAP is contributing unsigned content:

  https://github.com/eclipse-rap/org.eclipse.rap/issues/50

This slipped through the testing/reporting because in the platform 4.25repo, the artifact is PGP signed, but in the RAP repo it is not. Thereporting process gathers information from all the repos and it findsPGP signed one first; that one then looks fine. The aggregator picks upthe one without the PGP signature, at least fororg.apache.commons.commons-io.

I'll try find if I can improve that in the aggregator, pick the artifactthat is PGP signed, but of course ideally RAP fixes this for RC2 intheir own repository.


Regards,
Ed

Follow-Ups:
- Re: [cross-project-issues-dev] RAP is Contributing Unsigned Content
  - From: Ed Merks

Prev by Date: Re: [cross-project-issues-dev] 2022-09 Participation
Next by Date: Re: [cross-project-issues-dev] RAP is Contributing Unsigned Content
Previous by thread: [cross-project-issues-dev] New JustJ JREs for 11, 17, and 18
Next by thread: Re: [cross-project-issues-dev] RAP is Contributing Unsigned Content
Index(es):
- Date
- Thread

Breadcrumbs