On Jul 11, 2008, at 9:42 AM, Brett Porter wrote:
Hi,
I've wanted to pick up my work on this for some time and was prodded
by the [EMAIL PROTECTED] threads to take another crack at this.
http://docs.codehaus.org/display/MAVEN/Repository+Security (the
issue and related branches are linked)
<nit-pick>
Are the sample settings in the repo sig policy section backwards?
<releases>
<signaturePolicy>ignore</signaturePolicy> <!-- can be fail
(default), warn or ignore -->
</releases>
<snapshots>
<signaturePolicy>warn</signaturePolicy> <!-- can be fail, warn or
ignore (default) -->
</snapshots>
</nit-pick>
david jencks
I've created a couple of branches to try integrating the work again
in as simple and non-intrusive manner (both in code and to the user)
as possible. I already have commons-openpgp in the sandbox from some
time ago to deal with processing the signatures (it doesn't have any
external dependencies other than bouncy castle), so I'll integrate
that.
If anyone else wants to offer feedback or dive in, you're more than
welcome!
Cheers,
Brett
--
Brett Porter
[EMAIL PROTECTED]
http://blogs.exist.com/bporter/
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
