On 1 Aug 06, at 5:23 AM 1 Aug 06, Brett Porter wrote:
Hi,
I started fiddling with commons-openpgp in December (and others
have been meaning to do more in general since about 2004, as you'll
see on the wiki), so I've started putting together a repository
security proposal for Maven 2.1.
http://docs.codehaus.org/display/MAVEN/Repository+Security
+Improvements
Any thoughts?
Most of the PGP bits are already done, so is anyone interested in
working on this on trunk? I can continue doing bits, and also stuff
related to the repository manager, but probably don't have time to
work through it all.
Probably one of the trickier bits is deployment right now
(appropriately secure and convenient password entry in particular),
but that's probably something that can be added post-release since
we are manually signing them just fine now.
Any details on how much is left to be done? I just deployed something
last night and keep forgetting to sign stuff so Henk moved my release
out of the way so anything to automate this and make it easier would
be good. I can't sneak anything by Henk anymore :-)
Cheers,
Brett
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Jason van Zyl
[EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
