We announce that The first version of sign-maven-plugin has been released.

Sign Maven Plugin allows you to create OpenPGP signatures for all of the Maven project’s artifacts without any external software.

It can replace maven-gpg-plugin to simplifier OpenPGP signatures generation.

We invite everybody to test and give us feedback on GitHub Discussions.

We’re also waiting for issues with request for new needed feature on GitHub Issues

Everybody is welcome to collaborate on making the project the best usable.

Feature

  • all the signing operations are done using Bouncy Castle
  • support Maven 3.6 and is ready for next version 3.7/4.0 of Maven with Consumer POM
  • support subkey for signing
  • easy to use on CI system, configuration can be provided by environment variables

Detail release info can be found at github v0.1.0.


Tags: maven pgp sign release-note