Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [dash-dev] repo.eclipse.org maven instance testing

I am going with limited knowledge of how Maven works, so please bear with me.

Our thoughts on limiting publishing to Hudson only is that Hudson provides us with a mechanism to provide a central set of credentials that are not exposed to the general public.  Just like signins.

If there is a way to allow multiple people to publish artifacts securely from various locations without having to store committer credentials in plaintext files, or giving everyone the keys to the entire repo, then I (and Thanh) are all ears.

Denis


On 02/23/2013 11:26 AM, Jesse McConnell wrote:

Why are you adding this restriction to maven usage while binaries built to be signed by the official Eclipse Foundation key can be built on whatever virus and compromised machines you wish to be uploaded and signed as official binaries?

cheers,
jesse



Back to the top