[
https://issues.apache.org/jira/browse/MNG-8424?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Tamas Cservenak closed MNG-8424.
--------------------------------
Resolution: Fixed
> warning about maven3 passwords is too aggressive
> ------------------------------------------------
>
> Key: MNG-8424
> URL: https://issues.apache.org/jira/browse/MNG-8424
> Project: Maven
> Issue Type: Bug
> Components: Settings
> Affects Versions: 4.0.0-rc-1
> Reporter: James Nord
> Assignee: Tamas Cservenak
> Priority: Major
> Fix For: 4.0.0-rc-2
>
>
> when using maven3 encrypted passwords with Maven 4 at the start of
> *{*}any{*}* build you are met with many warnings (one for each encrypted
> password).
> The warning is overly aggressive and implies things are not working (because
> it is a "problem").
> As for a while users will need to swap between maven 3 and maven 4 the
> warning should be reduced to an INFO, otherwise users may end up breaking
> their maven3 setup.
> The warnings also seem to be duplicates.
> {code:java}
> ❯ mvn validate
> [WARNING]
> [WARNING] Some problems were encountered while building the effective settings
> [WARNING] Pre-Maven 4 legacy encrypted password detected - configure
> password encryption with the help of mvnenc to be compatible with Maven 4. @
> C:\Users\jnord\.m2\settings.xml
> [WARNING] Pre-Maven 4 legacy encrypted password detected - configure
> password encryption with the help of mvnenc to be compatible with Maven 4. @
> C:\Users\jnord\.m2\settings.xml
> [WARNING] Pre-Maven 4 legacy encrypted password detected - configure
> password encryption with the help of mvnenc to be compatible with Maven 4. @
> C:\Users\jnord\.m2\settings.xml
> [WARNING] Pre-Maven 4 legacy encrypted password detected - configure
> password encryption with the help of mvnenc to be compatible with Maven 4. @
> C:\Users\jnord\.m2\settings.xml
> [WARNING] Pre-Maven 4 legacy encrypted password detected - configure
> password encryption with the help of mvnenc to be compatible with Maven 4. @
> C:\Users\jnord\.m2\settings.xml
> [WARNING]
> [WARNING]
> [WARNING] Some problems were encountered while building the effective settings
> [WARNING] Pre-Maven 4 legacy encrypted password detected - configure
> password encryption with the help of mvnenc to be compatible with Maven 4. @
> C:\Users\jnord\.m2\settings.xml
> [WARNING] Pre-Maven 4 legacy encrypted password detected - configure
> password encryption with the help of mvnenc to be compatible with Maven 4. @
> C:\Users\jnord\.m2\settings.xml
> [WARNING] Pre-Maven 4 legacy encrypted password detected - configure
> password encryption with the help of mvnenc to be compatible with Maven 4. @
> C:\Users\jnord\.m2\settings.xml
> [WARNING] Pre-Maven 4 legacy encrypted password detected - configure
> password encryption with the help of mvnenc to be compatible with Maven 4. @
> C:\Users\jnord\.m2\settings.xml
> [WARNING] Pre-Maven 4 legacy encrypted password detected - configure
> password encryption with the help of mvnenc to be compatible with Maven 4. @
> C:\Users\jnord\.m2\settings.xml
> [WARNING]
> [INFO] Scanning for projects...
> [INFO]
>
> {code}
> "Pre-Maven 4 legacy encrypted password detected - configure password
> encryption with the help of mvnenc to be compatible with Maven 4"
> implies the current password is not compatable with Maven4.
> However it is not the case, as maven can successfully decrypt the password
> (otherwise you get a different issue)
> h3. Steps to Reproduce
> Setup maven3 with a settings file and several server entries with valid
> encrypted passwords
> run a build with maven4
> h3. Expected Results
> an info level message suggesting you migrate to maven4 encryption style iff
> you no longer need compatibility with maven3.
> NB: some future (not initial) maven 4 version can change to this to a warning
> saying it is deprecated and to be removed
> h3. Actual Results
> see warnings above
>
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
