main projects infrastructure
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.



This page will guide the development team with setting up their environment to perform a release.


  • Install/Configure GPG - The artifacts that are deployed to the central maven repositories need to be signed. To do this you will need to have a public and private keypair. There is a very good guide that will walk you though this.
  • Install Maven 2.2.1 or higher. 2.2.0 has a bug that will produce invalid checksums;
  • We strongly encourage our developers to install Maven 3.0.1.



As of Maven 2.1.0 you can now encrypt your servers passwords. We highly recommend that you follow this guide to set your master password and use it to encrypt your Sonatype password in the next section.


Using the instructions from the previous step encrypt your Sonatype password and add the following servers to your ~/.m2/settings.xml file. You may already have other servers in this file. If not just create the file.

<?xml version="1.0" encoding="UTF-8"?>


Configure the parent pom

If you're stared a new project, please use the already configured _parent pom_ (actually version 1) to avoid replicate the same meta inf in every project:


Even if follows below a guide that illustrates how to simplify the development, please take a look at the source code to see what has been already declared and don't invest time on something already done.


The release plugin for maven is already configured in the parent pom file so all you need to do is execute the following two steps to complete the release. The first step will create the release tag and update the pom with the correct release and snapshot versions. The second step will sign and deploy the artifacts to the Sonatype open source repository. This repository is synced every hour to the central Maven repositories. If you don't supply the optional gpg.passphrase then you will be prompted for it.

  • Prepare the release mvn release:prepare
  • Perform mvn release:perform -Dgpg.passphrase=thephrase

or just

mvn release:perform -Pparent-release

and type the gpg passphrase when prompted

Now you can checkout the new release ( or just use the one left over from the release in target/checkout) and issue the following to build the artifacts for the site.

mvn package

Managing Sonatype's Nexus

The parent pom is configured to work with Sonatype's Nexus to simplify the Staging Repository close and promote operation, without logging in on Nexus using the browser. First of all, add in the ~/.m2/settings.xml the following snippet:


then in the project dir you can use the nexus goals described on the plugin page

GPG Keys

The file located on

contains the Sourcesense's developers' GPG keys. Users can import the keys to verify the artifact signatures.


Checkout the file by running

git clone git://

and run

gpg --import KEYS


Checkout the file by running

git clone

and run

(gpg --list-sigs <your name> && gpg --armor --export <your name>) >> KEYS

then recommit

git ci -m "added simone's gpg key" && git push

Deploy the site

Clone the 99soft site

git clone

then, from infra, run

mvn site -DoutputDirectory=/location/to/

then, back to dir and run

git ci -m "XXX" && git push