[ https://jira.codehaus.org/browse/MJARSIGNER-35?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=341991#comment-341991 ]
S van Sabben commented on MJARSIGNER-35: ---------------------------------------- Thanks! I see that storepass and keypass value now displays with ***** in the logging. Great. I also use the verify goal with maven password encryption. The verify goal didn't include -storepass, -keypass -storetype and -providerName. Did the 1.3.2-snapshot not contains the changes that are made for MJARSIGNER-34? > verbose mode shows keystore password in clear text > -------------------------------------------------- > > Key: MJARSIGNER-35 > URL: https://jira.codehaus.org/browse/MJARSIGNER-35 > Project: Maven Jar Signer Plugin > Issue Type: Bug > Affects Versions: 1.3.1 > Reporter: Marco Speranza > Assignee: Tony Chemit > Fix For: 1.3.2 > > > If is enabled verbose output, is printed out to the command line the keystore > password in clear text. > here is an example: > [INFO] cmd.exe /X /C ""C:\Program > Files\Java\jdk1.7.0_51\jre\..\bin\jarsigner.exe" -verbose -keystore > mc-keystore -storepass mypassword -- This message was sent by Atlassian JIRA (v6.1.6#6162)