Hey Lars, Am Dienstag, den 31.10.2017, 11:56 +0100 schrieb Lars Bruun-Hansen: > > Some external jars in the old NetBeans build have been stripped of their > signatures. Why? > > See Matthias' comment here: > https://github.com/apache/incubator-netbeans/pull/118#issuecomment-336624270 > > In general: How much should I try to find the external binary in some repo?
I had some bad expiriences with BouncyCastle JARs. It turned out, that the jars were mixed from different versions. I'm a bit fuzzy if the cause were sealed packages or the signatures. As long as the signed JARs work I'm all for using them. I just pointed out that it could cause problems. If the signed jar is identical (apart from the signatures) or tested I don't see a problem switching. Greetings Matthias
