When using Maven in enterprise environments I often find in annoying that encrypting passwords is a hassle to set up. I would like to have the possibility to simplify this by, for example, re-using some existing solution. I've created MNG-5356 to track this.
Looking at the code though, the current solution is not replaceable as the are hard-wire dependencies to the current plexus cipher logic for example. And this is just in Maven Core, I'm sure there are similar things in some plugins. What I'm thinking is that there should be a injectable component handling the encryption/decryption. So anyone wanting to have a different logic would provide such impl instead (in the lib/ext). Today we're using org.sonatype.plexus.components.sec.dispatcher.SecDispatcher, but maybe it would be better to add an interface in core for this instead and not rely on one outside of Maven. Any input/ideas around this? /Anders --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org For additional commands, e-mail: dev-h...@maven.apache.org