Closed nrktkt closed 3 years ago
Out of my zone. I'm not going to neither in control of the CI server nor willing to handle the gpg key.
Deferred in entirety to @getify.
PS: @kag0, simply typing #36
will also link the 36'th issue. You don't need to paste the whole url.
I've made up a little guide for continuous deployment to maven central, it includes a section on gpg key creation and management.
For the java port, code deployed to maven central (see #36) is required to be signed. To this end, a gpg key should be created for the organization. This key should be controlled by the maintainers of the organization, and can be securely added to a CI server for automated deployment.