From 2543dc58b1b374a54c0d5a75bfeef676fdc3946b Mon Sep 17 00:00:00 2001 From: alexeid Date: Tue, 5 May 2026 10:37:28 +1200 Subject: [PATCH 1/2] Bump beast.version to 2.8.0-beta5 and surefire to 3.5.2 --- pom.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pom.xml b/pom.xml index a67c948..c770ccc 100644 --- a/pom.xml +++ b/pom.xml @@ -38,7 +38,7 @@ UTF-8 25 - 2.8.0-SNAPSHOT + 2.8.0-beta5 25.0.2 beast.base beast.base.minimal.BeastMain @@ -107,7 +107,7 @@ org.apache.maven.plugins maven-surefire-plugin - 3.1.2 + 3.5.2 ${project.build.testOutputDirectory} From e77c2fe082f2ba9b2fa69131f094d3f705f9a45f Mon Sep 17 00:00:00 2001 From: alexeid Date: Mon, 4 May 2026 09:45:58 +1200 Subject: [PATCH 2/2] ci: clean-deploy on tag and skip redundant verify - Gate "Build and test" to non-tag pushes (the same mvn verify runs as part of the deploy lifecycle on tag). - Replace two-step `mvn deploy -Prelease -DskipTests` with single `mvn -Prelease clean deploy`. The previous flow left unsigned package outputs in target/ from an earlier run, so the second invocation could deploy artifact bytes that did not match the freshly generated .asc files. Sonatype rejected such tag releases with "Invalid signature" on zip/sources/javadoc while jar/pom verified. A single clean deploy from the tag avoids that. --- .github/workflows/ci-publish.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/ci-publish.yml b/.github/workflows/ci-publish.yml index 1023d05..d9e0027 100644 --- a/.github/workflows/ci-publish.yml +++ b/.github/workflows/ci-publish.yml @@ -44,11 +44,12 @@ jobs: mvn versions:set -DnewVersion=$VERSION -DgenerateBackupPoms=false - name: Build and test + if: "!startsWith(github.ref, 'refs/tags/v')" run: mvn verify - name: Publish to Maven Central if: startsWith(github.ref, 'refs/tags/v') - run: mvn deploy -Prelease -DskipTests + run: mvn -Prelease clean deploy env: CENTRAL_USERNAME: ${{ secrets.CENTRAL_USERNAME }} CENTRAL_TOKEN: ${{ secrets.CENTRAL_TOKEN }}