Hi, Perhaps the "code signing" feature for jars should be explained, since we already have maven-gpg-plugin [1] to sign code, that is used for years with great success.
>From what I read on ASF signing, it adds a feature for Windows executables, that is checked by the OS at runtime and displayed to end-users. For jars, I don't see what we get better than gpg. What I suppose is that if a plugin is done, it will be an Apache-specific plugin: not same interest than doing a plugin for general public use. What do you expect from this signing feature for jars? Regards, Hervé [1] http://maven.apache.org/plugins/maven-gpg-plugin/ Le jeudi 8 octobre 2015 12:26:57 Maxim Solodovnik a écrit : > Hello All, > > More than a year ago INFRA announce availability of code signing at Apache: > https://blogs.apache.org/infra/entry/code_signing_service_now_available > > but still there is no maven plugin for doing that :( > I never wrote maven plugins and need more time to write "Hello world" level > plugins before I can fix/create anything :) > > Maybe anyone is interested to write maven plugin so code can be signed at > Apache? :) > > Thanks in advance! --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org For additional commands, e-mail: dev-h...@maven.apache.org
