Publish Maven Artifact To Central
Require
Supply Javadoc and Sources
https://central.sonatype.org/publish/requirements/
Projects with packaging other than pom have to supply JAR files that contain Javadoc and sources. This allows the consumers of your components to automatic access to Javadoc and sources for browsing as well as for display and navigation.
For every <artifactId>-<version>.jar file, you must provide a corresponding <artifactId>-<version>-sources.jar and a <artifactId>-<version>-javadoc.jar. While we do not attempt to evaluate the javadoc contents or the source code itself, we suggest that you provide accurate sources and comprehensive documentation. This will assist your component's users to make effective use of your library.
If you cannot provide sources or documentation, we allow uploading placeholder .jar files in order to pass validation. We suggest that you include a README.md file in the .jar that directs the user to where they can get further information about your project.
Sign Files with GPG/PGP⚓︎
All files deployed need to be signed with GPG/PGP and a .asc file containing the signature must be included for each file. E.g. if you deploy the files:
example-application-1.4.7.pom
example-application-1.4.7.jar
example-application-1.4.7-sources.jar
example-application-1.4.7-javadoc.jar
you need to include the files:
example-application-1.4.7.pom.asc
example-application-1.4.7.jar.asc
example-application-1.4.7-sources.jar.asc
example-application-1.4.7-javadoc.jar.asc
If you need more help setting up and configuring GPG, please read our detailed instructions.
Notice that .asc files don't need checksum files, nor do checksum files need .asc signature files.
distributionManagement
https://central.sonatype.org/publish/publish-maven/#distribution-management-and-authentication
if you are using the Maven deploy plugin, which is the default behavior, you need to add a full distributionManagement section:
<distributionManagement>
<snapshotRepository>
<id>ossrh</id>
<url>https://s01.oss.sonatype.org/content/repositories/snapshots</url>
</snapshotRepository>
<repository>
<id>ossrh</id>
<url>https://s01.oss.sonatype.org/service/local/staging/deploy/maven2/</url>
</repository>
</distributionManagement>
The above configurations will get the user account details to deploy to OSSRH from your Maven settings.xml file, usually placed in ~/.m2. A minimal setup with authentication is:
<settings>
<servers>
<server>
<id>ossrh</id>
<username>token-username</username>
<password>token-password</password>
</server>
</servers>
</settings>
Note that the id element in the server element in settings.xml are identical to the id elements in the snapshotRepository and repository element as well as the serverId configuration of the Nexus Staging Maven plugin.
Pom.xml Requirement
https://central.sonatype.org/publish/requirements/#license-information
SCM Information
https://central.sonatype.org/publish/requirements/#scm-information
The connection to your source control system is another required element. The syntax used depends on the version control system used. connection details the read only connection, while developerConnection details read and write access connection details. The url contains the URL for a web front-end to your SCM system.
Detailed information is available in the Maven SCM documentation for various supported formats and a number of common examples follow.
Subversion on your own server:
<scm>
<connection>scm:svn:http://subversion.example.com/svn/project/trunk/</connection>
<developerConnection>scm:svn:https://subversion.example.com/svn/project/trunk/</developerConnection>
<url>http://subversion.example.com/svn/project/trunk/</url>
</scm>
Git hosted on GitHub:
<scm>
<connection>scm:git:git://github.com/simpligility/ossrh-demo.git</connection>
<developerConnection>scm:git:ssh://github.com:simpligility/ossrh-demo.git</developerConnection>
<url>http://github.com/simpligility/ossrh-demo/tree/master</url>
</scm>
看下示例:
https://maven.apache.org/scm/git.html
For all URLs below, we use a colon (:) as separator. If you use a colon for one of the variables (e.g. a windows path), then use a pipe (|) as separator. The separator for the port has to be a colon in any case since this part is specified in the git URL specification. See man git-fetch.
scm:git:git://server_name[:port]/path_to_repository
scm:git:http://server_name[:port]/path_to_repository
scm:git:https://server_name[:port]/path_to_repository
scm:git:ssh://server_name[:port]/path_to_repository
scm:git:file://[hostname]/path_to_repository
- Examples
scm:git:git://github.com/path_to_repository scm:git:http://github.com/path_to_repository scm:git:https://github.com/path_to_repository scm:git:ssh://github.com/path_to_repository scm:git:file://localhost/path_to_repository
通过示例,我们知道,每一个位置的单词,表示什么意思了。
第一个scm,表示是Maven SCM
第二个git,表示的是SCM Implementation: Git。除了git,还有svn
第三个git或者https,表示的是,访问仓库的地址,可以通过git协议或者https协议,访问仓库
Developer Information⚓︎
Developer information is also required:
<developers>
<developer>
<name>Manfred Moser</name>
<email>manfred@sonatype.com</email>
<organization>Sonatype</organization>
<organizationUrl>http://www.sonatype.com</organizationUrl>
</developer>
</developers>
It is acceptable to link to your profile on GitHub or other repository hosting providers if you do not have a website.
Correct Coordinates⚓︎
The project coordinates, also known as GAV (group, artifact, version) coordinates, determine the location of your project in the repository. The values are:
groupId: the top level namespace level for your project starting with the reverse domain nameartifactId: the unique name for your componentversion: the version string for your component
The version can be an arbitrary string but cannot end in -SNAPSHOT, since this is the reserved string used to identify versions that are currently in development. However we strongly suggest that you use [semantic versioning] http://semver.org to assist your users in their version choices.
A valid example is:
<groupId>com.example.applications</groupId>
<artifactId>example-application</artifactId>
<version>1.4.7</version>
In addition your project needs to specify packaging unless your project is being published with the default jar packaging. Example packaging values are jar , war ,ear , pom , maven-plugin , ejb , rar , par , aar and apklib with other values being valid as well.
Project Name, Description and URL⚓︎
We require the presence of name , description and a url for more, human readable, information. For example:
<name>Example Application</name>
<description>A application used as an example on how to set up pushing
its components to the Central Repository.</description>
<url>http://www.example.com/example-application</url>
A common and acceptable practice for name is to assemble it from the coordinates using Maven properties:
<name>${project.groupId}:${project.artifactId}</name>
Plugin
central-publishing-maven-plugin
https://central.sonatype.org/publish/publish-portal-maven/
<build>
<plugins>
<plugin>
<groupId>org.sonatype.central</groupId>
<artifactId>central-publishing-maven-plugin</artifactId>
<version>0.7.0</version>
<extensions>true</extensions>
<configuration>
<publishingServerId>central</publishingServerId>
</configuration>
</plugin>
</plugins>
</build>
publishingServerId
ID of the server that you configured in your settings.xml.
Default: central
Credentials⚓︎
It's required to configure your settings.xml with your user token credentials. You can get these credentials by generating a user token.
<settings>
<servers>
<server>
<id>central</id>
<username><!-- your token username --></username>
<password><!-- your token password --></password>
</server>
</servers>
</settings>
maven-compiler-plugin
https://maven.apache.org/plugins/maven-compiler-plugin/compile-mojo.html
The Compiler Plugin is used to compile the sources of your project. The default compiler used to compile Java sources is javac
maven-source-plugin
https://maven.apache.org/plugins/maven-source-plugin/
这个source plugin的作用,是将源代码一起打包,生成一个 <artifactId>-<version>-sources.jar文件,一起上传到maven 中央仓库中。
maven-javadoc-plugin
https://maven.apache.org/plugins/maven-javadoc-plugin/
这个javadoc plugin的作用,是将源代码一起打包,生成一个 <artifactId>-<version>-javadoc.jar文件,一起上传到maven 中央仓库中。
maven-gpg-plugin
https://maven.apache.org/plugins/maven-gpg-plugin/
This plugin signs all of the project's attached artifacts with GnuPG.
有以下几个goal:
- gpg:sign Sign project artifact, the POM, and attached artifacts with GnuPG for deployment.
- gpg:sign-and-deploy-file Signs artifacts and installs the artifact in the remote repository.
有如下几个配置项:
GPG Signer only: The path to the GnuPG executable to use for artifact signing. Defaults to either "gpg" or "gpg.exe" depending on the operating system.
- Type:
java.lang.String - Since:
1.1 - Required:
No - User Property:
gpg.executable
GPG Signer only: The "name" of the key to sign with. Passed to gpg as --local-user.
- Type:
java.lang.String - Required:
No - User Property:
gpg.keyname
GPG
https://central.sonatype.org/publish/requirements/gpg/
One of the requirements for publishing your artifacts to the Central Repository, is that they have been signed with PGP. GnuPG (aka GPG) is a freely available implementation of the OpenPGP standard. GPG provides you with the capability to generate a signature, manage keys, and verify signatures. This page documents usage of GPG as it relates to the Central Repository. In a nutshell you will have to:
- create your own key pair
- and distribute it to a key server so that users can validate it
Installing GnuPG⚓︎
Download the binary of GnuPG from https//www.gnupg.org/download/ or install it with your favorite package manager and verify it by running a gpg command with the --version flag.
$ gpg --version
gpg (GnuPG) 2.2.19
libgcrypt 1.8.5
Copyright (C) 2019 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Home: /home/mylocaluser/.gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2
Generating a Key Pair⚓︎
A key pair allows you to sign artifacts with GPG and users can subsequently validate that artifacts have been signed by you. You can generate a key with:
gpg --gen-key
Enter your name and email when asked for it and also, the time of validity for the key defaults to 2 years. Once they key is expired you can extend it, provided you own the key and therefore know the passphrase.
$ gpg --gen-key
gpg (GnuPG) 2.2.19; Copyright (C) 2019 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Note: Use "gpg --full-generate-key" for a full featured key generation dialog.
GnuPG needs to construct a user ID to identify your key.
Real name: Central Repo Test
Email address: central@example.com
You selected this USER-ID:
"Central Repo Test <central@example.com>"
Change (N)ame, (E)mail, or (O)kay/(Q)uit? O
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
gpg: key 8190C4130ABA0F98 marked as ultimately trusted
gpg: revocation certificate stored as
'/home/mylocaluser/.gnupg/openpgp-revocs.d/CA925CD6C9E8D064FF05B4728190C4130ABA0F98.rev'
public and secret key created and signed.
pub rsa3072 2021-06-23 [SC] [expires: 2023-06-23]
CA925CD6C9E8D064FF05B4728190C4130ABA0F98
uid Central Repo Test <central@example.com>
sub rsa3072 2021-06-23 [E] [expires: 2023-06-23]
You have to provide your name and email. These identifiers are essential as they will be seen by anyone downloading a software artifact and validating a signature. Finally, you can provide a passphrase to protect your secret key. It is essential that you choose a secure passphrase and that you do not divulge it to any one. This passphrase and your private key are all that is needed to sign artifacts with your signature.
Listing Keys⚓︎
Once key pair is generated, we can list them along with any other keys installed:
$ gpg --list-keys
/home/mylocaluser/.gnupg/pubring.kbx
---------------------------------
pub rsa3072 2021-06-23 [SC] [expires: 2023-06-23]
CA925CD6C9E8D064FF05B4728190C4130ABA0F98
uid [ultimate] Central Repo Test <central@example.com>
sub rsa3072 2021-06-23 [E] [expires: 2023-06-23]
The output displays the path to the public keyring file. The line starting with pub shows the size (rsa3072), the keyid (CA925CD6C9E8D064FF05B4728190C4130ABA0F98), and the creation date (2023-06-23) of the public key. Some values may vary depending on your GnuPG version, but you will definitely see the keyid or part of it (called shortID, last 8 characters of the keyid, in this example 0ABA0F98, which you can ask gpg to output using gpg --list-keys --keyid-format short).
The next line shows the UID of the key, which is composed of a name, a comment, and an email.
In case you have multiple keys, the local gpg will use the first listed signature key (gpg --list-signatures) for any publishing steps, if you need to use a specific key you could add the details of the gpg key inside a <configuration> section in your pom.xml and use local settings.xml to discover the passphrase via the signature keyname. You may need to use the signature keyid in hexadecimal format:
$ gpg --list-signatures --keyid-format 0xshort
/home/mylocaluser/.gnupg/pubring.kbx
---------------------------------
pub rsa3072/0x3ABDEC12 2021-01-27 [SC] [expires: 2023-01-27]
74524542545300A398653AB5242798823ABDEC12
uid [ultimate] Other Name <otheremail@example.com>
sig 3 0x3ABDEC12 2021-01-27 Other Name <alarconj@gmail.com>
sub rsa3072 2021-01-27 [E] [expires: 2023-01-27]
sig 0x3ABDEC12 2021-01-27 Julian Alarcon <alarconj@gmail.com>
pub rsa3072/0x0ABA0F98 2021-06-23 [SC] [expires: 2022-03-21]
CA925CD6C9E8D064FF05B4728190C4130ABA0F98
uid [ultimate] Central Repo Test <central@example.com>
sig 3 0x0ABA0F98 2021-06-24 Central Repo Test <central@example.com>
sub rsa3072/0x7C17C93B 2021-06-23 [E] [expires: 2023-06-23]
sig 0x0ABA0F98 2021-06-23 Central Repo Test <central@example.com>
You will find in the line that starts with sig 3 that 0x3ABDEC12 is the signature keyid that you can use in your pom.xml.
Distributing Your Public Key⚓︎
Since other people need your public key to verify your files, you have to distribute your public key to a key server:
gpg --keyserver keyserver.ubuntu.com --send-keys CA925CD6C9E8D064FF05B4728190C4130ABA0F98
Important
As SKS Keyserver Network is being deprecated we recommend the use an specific GPG keyserver. Current GPG Keyservers supported by Central Servers are:
keyserver.ubuntu.comkeys.openpgp.orgpgp.mit.edu
The --keyserver parameter identifies the target key server address and use --send-keys is the keyid of the key you want to distribute. You can get your keyid by listing the public keys.
Now other people can import your public key from the key server to their local machines:
gpg --keyserver keyserver.ubuntu.com --recv-keys CA925CD6C9E8D064FF05B4728190C4130ABA0F98
GPG Signed Components⚓︎
https://central.sonatype.org/publish/publish-maven/#gpg-signed-components
The Maven GPG plugin is used to sign the components with the following configuration:
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-gpg-plugin</artifactId>
<version>1.5</version>
<executions>
<execution>
<id>sign-artifacts</id>
<phase>verify</phase>
<goals>
<goal>sign</goal>
</goals>
</execution>
</executions>
</plugin>
</plugins>
</build>
This relies on the GPG command being installed and the GPG credentials being available e.g. from settings.xml.
In case you have multiple keys, the local gpg will use the first listed signature key (gpg --list-signatures), if you need to use a specific key you could add the details of the gpg key inside a <configuration> section and use local settings.xml to discover the passphrase via the signature keyname:
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-gpg-plugin</artifactId>
<version>1.5</version>
<executions>
<execution>
<id>sign-artifacts</id>
<phase>verify</phase>
<goals>
<goal>sign</goal>
</goals>
<configuration>
<keyname>${gpg.keyname}</keyname>
<passphraseServerId>${gpg.keyname}</passphraseServerId>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>
实战示例
1.登录账号
先登录github账号:https://github.com/
再登录sonatype账号:https://central.sonatype.com/
2.获取token
3.设置server
打开maven下的setting.xml文件
将刚刚的token复制到setting.xml文件中,并修改id为你自己的
<server>
<id>ipwwp-git</id>
<username>/T69BBqE</username>
<password>h4arB5nJsTDzzjPeJIpZQ00FL6cHro5WGJbGyVKlLGER</password>
</server>
4.查看namespace
这个命名空间,后续会用到
5.安装GPG并生成秘钥
下载地址: https://gpg4win.org/download.html
安装完成后,确保gpg.exe已添加到系统路径中。可以通过在命令行中运行以下命令确认是否安装成功:
gpg --version
如果显示版本信息,说明安装成功。
输入以下命令以启动生成密钥的过程:
gpg --full-generate-key
按照系统提示完成密钥生成过程。以下是几个主要步骤:
选择密钥类型:通常选择默认的(1) RSA and RSA。按回车键继续。
设置密钥长度:建议选择较高的密钥长度(如4096位),以提高安全性。
设置密钥有效期:可以设置密钥的有效期(例如1年)。输入0表示永不过期。
输入身份信息:按提示输入用户ID,包括姓名、电子邮件地址和可选的备注信息。
确认信息:确认信息无误后,按回车键继续。
设置密码:系统会提示输入一个密码,用于保护生成的密钥。
密钥生成完成后,GPG会显示生成的密钥ID和相关信息。
查看生成的密钥
输入以下命令可以查看所有已生成的公钥和私钥:
gpg --list-keys # 查看公钥
gpg --list-secret-keys # 查看私钥
C:\Users\backe>gpg --list-signatures
[keyboxd]
---------
pub ed25519 2025-06-08 [SC] [expires: 2026-06-08]
BAE324DC8F445B548981F9BEA6A7D05B335613D3
uid [ultimate] ipwwp
sig 3 A6A7D05B335613D3 2025-06-08 [self-signature]
sub cv25519 2025-06-08 [E] [expires: 2026-06-08]
sig A6A7D05B335613D3 2025-06-08 [self-signature]
还可以打开Kleopatra软件,可视化看到,当前的密钥信息。如下:
接下来,将密钥上传到服务器上
gpg --keyserver keys.openpgp.org --send-keys A6A7D05B335613D3
上面的A6A7D05B335613D3,是keyId
6.配置项目的pom.xml
配置groupId 和 url
这里的groupId,填写你在maven中央仓库上传地址的命名空间namespace
url,填写仓库地址
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>3.3.9</version>
<relativePath/> <!-- lookup parent from repository -->
</parent>
<groupId>io.github.ipwwp-git</groupId>
<artifactId>dsl-entityql</artifactId>
<version>3.0.1</version>
<name>dsl-entityql</name>
<description>dsl-entityql</description>
<url>https://github.com/ipwwp-git/dsl-entityql</url>
配置developer
developer中,id需要填写,刚刚在settings.xml中填写的id就行
<developers>
<developer>
<id>ipwwp-git</id>
<name>ipwwp-git</name>
</developer>
</developers>
配置scm
<scm>
<connection>scm:git:https://github.com/ipwwp-git/dsl-entityql.git</connection>
<developerConnection>scm:git:https://github.com/ipwwp-git/dsl-entityql.git</developerConnection>
<url>https://github.com/ipwwp-git/dsl-entityql</url>
</scm>
配置distributionManagement
distributionManagement 指的是发布地址
<distributionManagement>
<snapshotRepository>
<id>ipwwp-git</id>
<url>https://s01.oss.sonatype.org/content/repositories/snapshots</url>
</snapshotRepository>
<repository>
<id>ipwwp-git</id>
<url>https://s01.oss.sonatype.org/service/local/staging/deploy/maven2</url>
</repository>
</distributionManagement>
配置maven-compiler-plugin
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>3.13.0</version>
<configuration>
<source>17</source>
<target>17</target>
</configuration>
</plugin>
配置central-publishing-maven-plugin
publishingServerId,这个地方,填写的值,需要和在settings.xml中填写的id相同
<plugin>
<groupId>org.sonatype.central</groupId>
<artifactId>central-publishing-maven-plugin</artifactId>
<version>0.6.0</version>
<extensions>true</extensions>
<configuration>
<publishingServerId>ipwwp-git</publishingServerId>
</configuration>
</plugin>
配置maven-source-plugin
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-source-plugin</artifactId>
<version>3.3.0</version>
<executions>
<execution>
<id>attach-source</id>
<phase>package</phase>
<goals>
<goal>jar-no-fork</goal>
</goals>
</execution>
</executions>
</plugin>
maven-javadoc-plugin
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-javadoc-plugin</artifactId>
<executions>
<execution>
<phase>package</phase>
<goals>
<goal>jar</goal>
</goals>
</execution>
</executions>
<configuration>
<!-- 禁用严格语法检测 -->
<doclint>none</doclint>
<failOnError>false</failOnError>
</configuration>
</plugin>
配置maven-gpg-plugin
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-gpg-plugin</artifactId>
<version>3.2.5</version>
<configuration>
<executable>D:\ProfessionalTools\Gpg\GnuPG\bin\gpg.exe</executable>
<!-- <keyName>BAE324DC8F445B548981F9BEA6A7D05B335613D3</keyName>-->
</configuration>
<executions>
<execution>
<id>sign-artifacts</id>
<phase>verify</phase>
<goals>
<goal>sign</goal>
</goals>
</execution>
</executions>
</plugin>
完整pom.xml
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>3.3.9</version>
<relativePath/> <!-- lookup parent from repository -->
</parent>
<groupId>io.github.ipwwp-git</groupId>
<artifactId>dsl-entityql</artifactId>
<version>3.0.1</version>
<name>dsl-entityql</name>
<description>dsl-entityql</description>
<url>https://github.com/ipwwp-git/dsl-entityql</url>
<licenses>
<license/>
</licenses>
<developers>
<developer>
<id>ipwwp-git</id>
<name>ipwwp-git</name>
</developer>
</developers>
<scm>
<connection>scm:git:https://github.com/ipwwp-git/dsl-entityql.git</connection>
<developerConnection>scm:git:https://github.com/ipwwp-git/dsl-entityql.git</developerConnection>
<url>https://github.com/ipwwp-git/dsl-entityql</url>
</scm>
<distributionManagement>
<snapshotRepository>
<id>ipwwp-git</id>
<url>https://s01.oss.sonatype.org/content/repositories/snapshots</url>
</snapshotRepository>
<repository>
<id>ipwwp-git</id>
<url>https://s01.oss.sonatype.org/service/local/staging/deploy/maven2</url>
</repository>
</distributionManagement>
<properties>
<java.version>17</java.version>
<!-- <maven.test.skip>true</maven.test.skip>-->
<!-- <maven.javadoc.skip>true</maven.javadoc.skip>-->
</properties>
<dependencies>
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-lang3</artifactId>
<version>3.14.0</version>
</dependency>
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-text</artifactId>
<version>1.12.0</version>
</dependency>
<dependency>
<groupId>org.reflections</groupId>
<artifactId>reflections</artifactId>
<version>0.10.2</version>
</dependency>
<dependency>
<groupId>io.github.openfeign.querydsl</groupId>
<artifactId>querydsl-sql-spring</artifactId>
<version>6.11</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-jpa</artifactId>
<version>3.3.9</version>
</dependency>
<dependency>
<groupId>jakarta.persistence</groupId>
<artifactId>jakarta.persistence-api</artifactId>
<version>3.1.0</version>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>3.13.0</version>
<configuration>
<source>17</source>
<target>17</target>
</configuration>
</plugin>
<!-- central发布插件 -->
<plugin>
<groupId>org.sonatype.central</groupId>
<artifactId>central-publishing-maven-plugin</artifactId>
<version>0.6.0</version>
<extensions>true</extensions>
<configuration>
<publishingServerId>ipwwp-git</publishingServerId>
</configuration>
</plugin>
<!-- source源码插件 -->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-source-plugin</artifactId>
<version>3.3.0</version>
<executions>
<execution>
<id>attach-source</id>
<phase>package</phase>
<goals>
<goal>jar-no-fork</goal>
</goals>
</execution>
</executions>
</plugin>
<!-- javadoc插件 -->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-javadoc-plugin</artifactId>
<executions>
<execution>
<phase>package</phase>
<goals>
<goal>jar</goal>
</goals>
</execution>
</executions>
<configuration>
<!-- 禁用严格语法检测 -->
<doclint>none</doclint>
<failOnError>false</failOnError>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-gpg-plugin</artifactId>
<version>3.2.5</version>
<configuration>
<executable>D:\ProfessionalTools\Gpg\GnuPG\bin\gpg.exe</executable>
<!-- <keyName>BAE324DC8F445B548981F9BEA6A7D05B335613D3</keyName>-->
</configuration>
<executions>
<execution>
<id>sign-artifacts</id>
<phase>verify</phase>
<goals>
<goal>sign</goal>
</goals>
</execution>
</executions>
</plugin>
<!-- <plugin>-->
<!-- <groupId>org.springframework.boot</groupId>-->
<!-- <artifactId>spring-boot-maven-plugin</artifactId>-->
<!-- </plugin>-->
</plugins>
</build>
</project>
7.执行上传
mvn clean deploy
上传成功后需要再maven中央仓库手动进行发布,如下图进行发布。
发布成功后别人就可以用你的maven了
8.查询是否可用
搜索地址:https://central.sonatype.com/
文章作者:Administrator
文章链接:http://localhost:8090//archives/publish-maven-artifact-to-central
版权声明:本博客所有文章除特别声明外,均采用CC BY-NC-SA 4.0 许可协议,转载请注明出处!
评论