[ https://issues.apache.org/jira/browse/MGPG-106?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17823219#comment-17823219 ]
ASF GitHub Bot commented on MGPG-106: ------------------------------------- cstamas merged PR #72: URL: https://github.com/apache/maven-gpg-plugin/pull/72 > Introduce second signer implementation based on Bouncy Castle > ------------------------------------------------------------- > > Key: MGPG-106 > URL: https://issues.apache.org/jira/browse/MGPG-106 > Project: Maven GPG Plugin > Issue Type: New Feature > Reporter: Tamas Cservenak > Assignee: Tamas Cservenak > Priority: Major > Fix For: 3.2.0 > > > The second signer would produce same GPG signatures (functionality wise would > be equivalent to existing Gpg executable one) but with a big difference: > * no {{~/.gnupg}} used (nor needed to contain private key) > * no external software needed > * in turn, it will need some alt way to have key to sign provided > Main goal is to make possible GPG signing on CI, thus automating releases > (even from "managed" CI engines like GH Actions are) -- This message was sent by Atlassian Jira (v8.20.10#820010)