[
https://issues.apache.org/jira/browse/MGPG-106?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17823219#comment-17823219
]
ASF GitHub Bot commented on MGPG-106:
-------------------------------------
cstamas merged PR #72:
URL: https://github.com/apache/maven-gpg-plugin/pull/72
> Introduce second signer implementation based on Bouncy Castle
> -------------------------------------------------------------
>
> Key: MGPG-106
> URL: https://issues.apache.org/jira/browse/MGPG-106
> Project: Maven GPG Plugin
> Issue Type: New Feature
> Reporter: Tamas Cservenak
> Assignee: Tamas Cservenak
> Priority: Major
> Fix For: 3.2.0
>
>
> The second signer would produce same GPG signatures (functionality wise would
> be equivalent to existing Gpg executable one) but with a big difference:
> * no {{~/.gnupg}} used (nor needed to contain private key)
> * no external software needed
> * in turn, it will need some alt way to have key to sign provided
> Main goal is to make possible GPG signing on CI, thus automating releases
> (even from "managed" CI engines like GH Actions are)
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
