Skip to content

Commit

Permalink
8269244: [IDE] Dependency verification of *-sources.jar fails when do…
Browse files Browse the repository at this point in the history
…ing gradle sync

Reviewed-by: kcr, nlisker
  • Loading branch information
Marius Hanl authored and nlisker committed Jun 29, 2021
1 parent c4cc998 commit 98e5166
Show file tree
Hide file tree
Showing 2 changed files with 13 additions and 1 deletion.
11 changes: 10 additions & 1 deletion gradle/README.txt
Expand Up @@ -32,7 +32,16 @@ Recreate the dependency verification file as follows:
builds to pick up the internal tools and development kits in the
'javafx' component group.

6. Commit the final version of the file to the repository.
6. Add the following entry inside the <configuration> section:

<trusted-artifacts>
<trust file=".*-sources[.]jar" regex="true"/>
</trusted-artifacts>

This configures Gradle to trust automatically all sources.
See also: https://docs.gradle.org/current/userguide/dependency_verification.html#sec:skipping-javadocs

7. Commit the final version of the file to the repository.

These commands will cause Gradle to compute the requested checksums
directly from the newly downloaded artifacts and add them to the file.
Expand Down
3 changes: 3 additions & 0 deletions gradle/verification-metadata.xml
Expand Up @@ -3,6 +3,9 @@
<configuration>
<verify-metadata>true</verify-metadata>
<verify-signatures>false</verify-signatures>
<trusted-artifacts>
<trust file=".*-sources[.]jar" regex="true"/>
</trusted-artifacts>
</configuration>
<components>
<component group="" name="ffmpeg-3.3.3" version="">
Expand Down

1 comment on commit 98e5166

@openjdk-notifier
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please sign in to comment.