[
https://jira.codehaus.org/browse/MJARSIGNER-35?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=341991#comment-341991
]
S van Sabben commented on MJARSIGNER-35:
----------------------------------------
Thanks!
I see that storepass and keypass value now displays with ***** in the logging.
Great. I also use the verify goal with maven password encryption. The verify
goal didn't include -storepass, -keypass -storetype and -providerName. Did the
1.3.2-snapshot not contains the changes that are made for MJARSIGNER-34?
> verbose mode shows keystore password in clear text
> --------------------------------------------------
>
> Key: MJARSIGNER-35
> URL: https://jira.codehaus.org/browse/MJARSIGNER-35
> Project: Maven Jar Signer Plugin
> Issue Type: Bug
> Affects Versions: 1.3.1
> Reporter: Marco Speranza
> Assignee: Tony Chemit
> Fix For: 1.3.2
>
>
> If is enabled verbose output, is printed out to the command line the keystore
> password in clear text.
> here is an example:
> [INFO] cmd.exe /X /C ""C:\Program
> Files\Java\jdk1.7.0_51\jre\..\bin\jarsigner.exe" -verbose -keystore
> mc-keystore -storepass mypassword
--
This message was sent by Atlassian JIRA
(v6.1.6#6162)
