Uploaded image for project: 'Community Support - Open Source Project Repository Hosting'
  1. Community Support - Open Source Project Repository Hosting
  2. OSSRH-53267

Error while release my staging repositories, 'maven-metadata.xml.sha512' is not allowed

    XMLWordPrintable

Details

    • Publishing Support
    • Resolution: Fixed
    • Major
    • null
    • oss.sonatype.org
    • No

    Description

      Error==================================================

      Event: Failed: Repository Writable
      Wednesday, November 20, 2019 23:28:29 (GMT+0800)
      typeId RepositoryWritePolicy
      failureMessage Artifact updating: Repository ='releases:Releases' does not allow updating artifact='/com/github/shepherdviolet/glaciion-core/maven-metadata.xml.sha512'
      failureMessage Artifact updating: Repository ='releases:Releases' does not allow updating artifact='/com/github/shepherdviolet/glaciion-core/maven-metadata.xml.sha256'
      failureMessage Artifact updating: Repository ='releases:Releases' does not allow updating artifact='/com/github/shepherdviolet/glaciion-api/maven-metadata.xml.sha512'
      failureMessage Artifact updating: Repository ='releases:Releases' does not allow updating artifact='/com/github/shepherdviolet/glaciion-api/maven-metadata.xml.sha256'

      =====================================================

      Hello. I deployed the artifact once a few days ago with the publish plugin for Gradle6.0, which was normal at the time. Today, when I deployed in the same way, I failed after clicking the release button (in oss.maven.org). 

      I read the documentation for Gradle 6.0.1 and found that the new version can disable SHA256 and SHA512 signing. 

      I want to know, if i disable the SHA512 and then deploy again, the old SHA512 file will still exist on the repository??? I am worried about it.

      I tried it. If i disable SHA512, it can be released succeed, BUT THE OLD SHA256 SHA512 FILES ARE STILL EXISTS !!! 

      I think, the old hash file will make the maven-metadata.xml file validation fail, if the client uses the SHA512 algorithm. 

      Can anyone help me delete the old hash file?

      com/github/shepherdviolet/glaciion-api/maven-metadata.xml.sha256
      com/github/shepherdviolet/glaciion-api/maven-metadata.xml.sha512

      com/github/shepherdviolet/glaciion-core/maven-metadata.xml.sha256
      com/github/shepherdviolet/glaciion-core/maven-metadata.xml.sha512

      com/github/shepherdviolet/slate-bom/maven-metadata.xml.sha256
      com/github/shepherdviolet/slate-bom/maven-metadata.xml.sha512

      com/github/shepherdviolet/slate-common/maven-metadata.xml.sha256
      com/github/shepherdviolet/slate-common/maven-metadata.xml.sha512

      com/github/shepherdviolet/slate-http-client/maven-metadata.xml.sha256
      com/github/shepherdviolet/slate-http-client/maven-metadata.xml.sha512

      com/github/shepherdviolet/thistle-bom/maven-metadata.xml.sha256
      com/github/shepherdviolet/thistle-bom/maven-metadata.xml.sha512

      com/github/shepherdviolet/thistle-common/maven-metadata.xml.sha256
      com/github/shepherdviolet/thistle-common/maven-metadata.xml.sha512

      com/github/shepherdviolet/thistle-crypto-plus/maven-metadata.xml.sha256
      com/github/shepherdviolet/thistle-crypto-plus/maven-metadata.xml.sha512

      Attachments

        Issue Links

          relates

          Publishing Support - For general OSSRH publishing support tickets OSSRH-54054 Unable to release staging repository due to maven-metadata.xml.sha512/256 files

          • Major - Major loss of function.
          • Closed

          Activity

            People

              jorlina Joel Orlina
              shepherdviolet Shepherd Violet
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                tigCommentSecurity.panel-title