From 8a1992fdb1423297023113d1fa187bc1f00113b4 Mon Sep 17 00:00:00 2001
From: Dan Lew <danlew42@gmail.com>
Date: Thu, 19 Sep 2024 07:01:33 -0500
Subject: [PATCH 1/2] Improve secrets documentation

I made two changes here:

- Reduced some of the awkward phrasing in the explanatory secrets paragraph.

- Added a note about Sonatype user tokens.
---
 docs/central.md | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/docs/central.md b/docs/central.md
index 70ed9fc2..ce270d01 100755
--- a/docs/central.md
+++ b/docs/central.md
@@ -212,10 +212,9 @@ This configuration also determines the coordinates (`group:artifactId:version`)
 
 ## Secrets
 
-For the publishing to work the credentials for Sonatype OSS as well as for the
-GPG key that is used for signing need to provided. To keep them out of version
-control it is recommended to either put this into the `gradle.properties` file
-user home or to use environment variables for publishing from CI servers.
+When publishing, you need to provide your Sonatype OSS credentials and signing GPG key.
+To keep them out of version control, it is recommended to either put them in your user's
+home `gradle.properties` file or to use environment variables (when publishing from CI servers).
 
 === "~/.gradle/gradle.properties"
 
@@ -242,6 +241,9 @@ user home or to use environment variables for publishing from CI servers.
     ORG_GRADLE_PROJECT_signingInMemoryKeyPassword=some_password
     ```
 
+Note that the username/password here is *not* the same one you use to login; Sonatype publishing
+requires a username/password that was [generated via user tokens](https://central.sonatype.org/publish/generate-portal-token/).
+
 ### In memory GPG key
 
 To obtain the in memory signing key run the following command.

From 7b65a20237c5265f11d39ceaaf90eaddcbdd91e3 Mon Sep 17 00:00:00 2001
From: Gabriel Ittner <gabriel.ittner@gmail.com>
Date: Thu, 19 Sep 2024 19:33:45 +0200
Subject: [PATCH 2/2] Update docs/central.md

---
 docs/central.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/central.md b/docs/central.md
index ce270d01..331f5592 100755
--- a/docs/central.md
+++ b/docs/central.md
@@ -242,7 +242,7 @@ home `gradle.properties` file or to use environment variables (when publishing f
     ```
 
 Note that the username/password here is *not* the same one you use to login; Sonatype publishing
-requires a username/password that was [generated via user tokens](https://central.sonatype.org/publish/generate-portal-token/).
+requires a username/password that was generated via user tokens. The user token needs to be obtained on [Sonatype OSS](https://central.sonatype.org/publish/generate-token/) or the [Central Portal](https://central.sonatype.org/publish/generate-portal-token/) depending on where you publish.
 
 ### In memory GPG key