Closed greglook closed 1 year ago
Note: Clojars no longer requires checksum files for signature files (as of https://github.com/clojars/clojars-web/issues/859), since that is the new maven/aether default. So this workaround should no longer be necessary.
I've been attempting to publish a new version of one of my projects with
deps-deploy
for a bit and banging my head into a wall, because I kept getting a 403 error due to missing checksums:I found a couple of previous issues related to this, including https://github.com/slipset/deps-deploy/issues/11, but the fix supplied there was definitely in the version I was using and yet I still couldn't published signed artifacts. This prior change sets the
aether.checksums.forSignature
property to true, which presumably gets the maven library to compute these signatures on the fly.My investigation eventually led me to this page on Maven Artifact Resolver configuration options, and I noticed that in the newer versions the option has changed to
aether.checksums.omitChecksumsForExtensions
. The description for that says:I added that setting alongside the older one to maintain backwards compatibility, and the deploy worked after that.