Closed mbax closed 4 years ago
Having our own section would be a great idea. Especially if it includes information on using it with other tools commonly used in the MC community. I recently had a bit of an issue getting it to work with Artifactory's publish system, as signing adds to the archives
, and if the signature file isn't present it would then fail to publish.
@me4502 Thanks for the feedback! Are there any other tools you can think of that should be included in our documentation?
Publishing tools would be the main ones that'd be likely to hit issues.
But having an example of signing a reobfuscated jar from ForgeGradle could be useful, even though it is relatively straight forward.
Why do we restrict the email of the PGP-Key to the one you registered with?
Why do we restrict the email of the PGP-Key to the one you registered with?
What do you mean by that? Surely you would allow users to upload multiple keys right?
Doesn't look like its possible atm.
Closing as Ore no longer uses PGP. https://forums.spongepowered.org/t/ore-2-0-0-m1-deployed/33808
Problem: Users have trouble generating and using PGP keys.
Solution proposed: Better describe to users how to generate the keys. Hold their hands through it. Offer other methods through which they could handle things (Keybase? Online javascript-only tool?). Create our own, simpler documentation for using Maven or Gradle for signing because what we presently link to is a bit more complicated than users need.