Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

What is the thing with takari/jpgp #106

Open
cstamas opened this issue Nov 9, 2022 · 3 comments
Open

What is the thing with takari/jpgp #106

cstamas opened this issue Nov 9, 2022 · 3 comments

Comments

@cstamas
Copy link
Member

cstamas commented Nov 9, 2022
edited
Loading

While releasing takari parent pom, I had several issues with signing the POM artifact, with jpgp to be more precise.

The lifecycle uses takari/jpgp version 1.0.9, and only source I found is this repository https://github.com/takari/jpgp but it does NOT contains the latest code (has 1.0.0 only).

As I see jgpg reimplements PGP using Bouncy Castle...

Same thing is done by Slawek here (he is Maven PMC):

Maybe it would be ok to switch custom (and non existent) code with something maintained?
@cstamas
Copy link
Member Author

cstamas commented Nov 9, 2022

@ajayk ping

@ajayk
Copy link

ajayk commented Nov 12, 2022

we can switch this

@jvanzyl : any concerns or are there any plans to update the repository

@cstamas
Copy link
Member Author

cstamas commented Mar 3, 2023

as I did release again recently, want to same issue (as this I used different workstation).

AFAIK, the ONLY cool bit about jpgp is the fact it uses GPG Agent.... which I think is very good thing.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@cstamas @ajayk