Remove the promoted releases repo and functionality #415

Closed
tobias opened this issue Nov 15, 2015 · 2 comments

Comments

@tobias
Member

tobias commented Nov 15, 2015

Possibly drop it, as very few people use it, and it leads to confusion about what promotion means.

@tobias
Member Author

tobias commented Nov 19, 2015

Or, investigate using the promoted feature as an avenue for pushing artifacts into Maven Central. That would mean additional requirements for the release (signed -source and -javadoc jars, for one), and would require jumping through the hoops to become an org that can sync to central. http://central.sonatype.org/pages/producers.html#large-organizationsforges-repository-sync

@tobias tobias changed the title Consider dropping the promoted releases repo and functionality Reevaluate the promoted releases repo and functionality Nov 19, 2015
@tobias
Member Author

tobias commented Dec 30, 2015

After giving this some more thought, I think we should do away with
the releases repo entirely. The goal was to provide a repo that:

  1. was immutable
  2. had signed artifacts
  3. required metadata for each artifact (url, license info, description, scm info)
  4. didn't allow snapshots

Since the releases repo was created, the "classic" repo has become
immutable (barring deletion requests, which affected the releases repo
as well).

For requiring signed artifacts, the promotion process verifies that
the project artifacts are signed, but does not verify any transitive
dependencies. A better approach would be to use tools like
lein deps :verify to check the signature status, since that will walk
the full dependency tree. I don't think boot supports this yet, but it
seems like it could be added as an option to the show task.

For the metadata, I think it might be useful to provide a report div
to the show page that had a checklist of these items. Or at least
display the license, as I believe the rest of the data is available on
the page.

For snapshots, since we don't require all transitive deps to be in the
releases repo, users will most likely need additional repos (which
would most likely be the classic repo), so we can't guarantee there
are no snapshots in the tree. If a user is really concerned about
them, they should be checking their dep tree anyway.
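
The gap between a project-only check and a full-tree check, which the comment above describes for both signatures and snapshots, shown as an added example that is not part of the original comment or of Clojars or Leiningen code. The dependency graph, coordinates, signature flags and function names are all constructed for illustration.

```python
# Added example: every coordinate and signature flag below is constructed.
from collections import deque

# Resolved dependency graph: coordinate -> (signed?, direct dependencies).
TREE = {
    "myapp:1.0.0":             (True,  ["web-lib:2.1.0", "json-lib:0.9.0"]),
    "web-lib:2.1.0":           (True,  ["http-core:1.4.0", "util-lib:0.3.0-SNAPSHOT"]),
    "json-lib:0.9.0":          (True,  ["util-lib:0.3.0-SNAPSHOT"]),
    "http-core:1.4.0":         (False, []),
    "util-lib:0.3.0-SNAPSHOT": (True,  []),
}


def project_only_check(tree, root):
    """Promotion-style check: only the project's own artifact is inspected."""
    signed, _deps = tree[root]
    return signed and not root.endswith("-SNAPSHOT")


def audit_tree(tree, root):
    """Breadth-first walk of the full tree.

    Returns {coordinate: (issues, path_from_root)} for every artifact
    that is unsigned or is a snapshot version.
    """
    findings = {}
    seen = {root}
    queue = deque([(root, [root])])
    while queue:
        coord, path = queue.popleft()
        signed, deps = tree[coord]
        issues = []
        if not signed:
            issues.append("unsigned")
        if coord.endswith("-SNAPSHOT"):
            issues.append("snapshot")
        if issues:
            findings[coord] = (issues, path)
        for dep in deps:
            if dep not in seen:  # a dependency shared by two parents is visited once
                seen.add(dep)
                queue.append((dep, path + [dep]))
    return findings


if __name__ == "__main__":
    print("project-only check passes:", project_only_check(TREE, "myapp:1.0.0"))
    for coord, (issues, path) in audit_tree(TREE, "myapp:1.0.0").items():
        print(f"{coord}: {', '.join(issues)} via {' -> '.join(path)}")
```

The project-only check passes for `myapp:1.0.0`, while the full walk reports one unsigned artifact and one snapshot, both reached only through transitive dependencies.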

tobias added a commit that referenced this issue Dec 30, 2015
This is the first step in disabling promotion permanently. see #415
tobias added a commit that referenced this issue Jan 17, 2016
@tobias tobias changed the title Reevaluate the promoted releases repo and functionality Remove the promoted releases repo and functionality Jan 17, 2016
@tobias tobias closed this as completed Jan 17, 2016
tobias added a commit to technomancy/leiningen that referenced this issue Jan 23, 2016
The clojars section is out of date - clojars no longer has promotion to a releases repo, so no longer needs to store the user's public key. See clojars/clojars-web#415.