Yes, that is intended. You should not have any passwords in your pom. Keep them in your settings.xml or as environment variables.
/Anders On Fri, Dec 6, 2013 at 3:49 PM, Andreas Lundblad <andreas.lundb...@gmail.com > wrote: > I'm using webstart-1.0-beta-4.pom to generate jars and jnlp-file for my > project. > > I discovered that the resulting .jar-file included (in the META-INF > directory) the project pom.xml file. Kind of bad since it contains my > keystore password. > > Is this the intended behavior? If so, how should I avoid leaking the > password? > > best regards, > Andreas Lundblad >
