[
https://issues.apache.org/jira/browse/MPOM-118?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15303674#comment-15303674
]
Christopher Tubbs edited comment on MPOM-118 at 5/27/16 7:04 AM:
-----------------------------------------------------------------
Making this append, would mean that if they were specifying another argument,
such as {{--verbose}} or {{\-\-quiet}} or {{\-\-default\-key}} or
{{\-\-no\-tty}} or {{\-\-disable\-ccid}}, {{\-\-lock\-once}}, etc. Ensuring
this is "append" would mean that they still get the benefit of this, even if
they do specify their own additional options.
was (Author: ctubbsii):
Making this append, would mean that if they were specifying another argument,
such as {{--verbose}} or {{--quiet}} or {{--default-key}} or {{--no-tty}} or
{{--disable-ccid}}, {{--lock-once}}, etc. Ensuring this is "append" would mean
that they still get the benefit of this, even if they do specify their own
additional options.
> Enforce strong GPG signatures by default
> ----------------------------------------
>
> Key: MPOM-118
> URL: https://issues.apache.org/jira/browse/MPOM-118
> Project: Maven POMs
> Issue Type: Improvement
> Components: asf
> Affects Versions: ASF-17
> Reporter: Christopher Tubbs
> Fix For: ASF-19
>
>
> maven-gpg-plugin configuration could be improved a bit so that ASF releases
> are not weakened by a user's weak personal configuration.
> I suggest adding something like the following to maven-gpg-plugin's
> configuration in the pluginManagement section:
> {code:xml}
> <gpgArguments combine.children="append">
> <arg>--digest-algo=SHA512</arg>
> </gpgArguments>
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
