John Patrick created MINSTALL-133: ------------------------------------- Summary: Take Security More Seriously - Checksum by default Key: MINSTALL-133 URL: https://issues.apache.org/jira/browse/MINSTALL-133 Project: Maven Install Plugin Issue Type: Bug Components: install:install, install:install-file Affects Versions: 2.5.2 Reporter: John Patrick
I believe that a default of createChecksum being false is bad practice and a checksum should always being produced. Maven doesn't appear to have a guide so I'm looking towards the main apache guide i.e. https://www.apache.org/dev/release-signing.html -- This message was sent by Atlassian JIRA (v6.3.4#6332)