Introduction
Sign Maven Plugin
allows you to creates OpenPGP signatures for all of the project’s artifacts without any external software.
This plugin can replace maven-gpg-plugin in an easy way and provide new features.
Feature
- all the signing operations are done using
Bouncy Castle
- support Maven
3.6
and is ready for next version3.7/4.0
of Maven withConsumer POM
- support
subkey
for signing - easy to use on CI system, configuration can be provided by environment variables
- key passphrase can be encrypted by standard Maven Password Encryption