Closed hboutemy closed 1 year ago
Hi @hboutemy,
Thank you for your message. I love the idea of https://github.com/jvm-repo-rebuild/reproducible-central.
There is the maven-bundle-plugin declaration on line 297 of relaod4j/pom.xml. Have you noticed that?
how was this Originally-Created-By field injected in published binaries?
The following command is invoked command to deploy artifacts on Maven Central:
mvn deploy -P javadocjar,sign-artifacts
I noticed the toolchains profile but I do no think it is used at all.
Hi @ceki ,
I love the idea of https://github.com/jvm-repo-rebuild/reproducible-central.
thank you, it's a huge work, I'm happy that you find it useful
The following command is invoked command to deploy artifacts on Maven Central: mvn deploy -P javadocjar,sign-artifacts
oh, I now understand: you run mvn
twice = once to build initially, once to deploy
and bundle plugin modifies the output on the second run...
ok, I think I'll be able to tweak my rebuild script to do that double mvn
invocation process
in the future, I suggest you to clean first when deploying = mvn clean deploy -P javadocjar,sign-artifacts
woohoo, now I am able to reproduce release 1.2.22! https://github.com/jvm-repo-rebuild/reproducible-central/blob/master/content/ch/qos/reload4j/README.md
notice: you can also by just running ./rebuild.sh content/ch/qos/reload4j/reload4j-1.2.22.buildspec
I am very happy to hear that. Awesome news.
reload4j has near full Reproducible Build: https://github.com/jvm-repo-rebuild/reproducible-central/blob/master/content/ch/qos/reload4j/README.md
but there is only one strange difference:
how was this
Originally-Created-By
field injected in published binaries? Should the rebuild script do more than justmvn package
to get this field injected? (I did not see any profile for that in project'spom.xml
)