[MRELEASE-1103] Wrong file path used for master pw file #181
Conversation
|
Interesting: branch has 4 commits, but this PR shows only 3 of them? |
|
There is next place where we copy code and have many implementations for the same things ... We can think about dedicated service for decryption/encryption which can use more secure system keychains or external crypto devices - but it is another topic ... I'm not an expert on it ... 😄 |
| @@ -63,6 +63,9 @@ private MavenCryptoException(String message, Throwable cause) { | |||
| public MavenCrypto(DefaultSecDispatcher secDispatcher, PlexusCipher plexusCipher) { | |||
| this.secDispatcher = secDispatcher; | |||
| this.plexusCipher = plexusCipher; | |||
|
|
|||
| // Adjust the default path (def path != maven path) | |||
| this.secDispatcher.setConfigurationFile("~/.m2/settings-security.xml"); | |||
There was a problem hiding this comment.
Does this work? I'm not sure. Windows and even on unix system?
It would be better to use something such System.getProperty("user.home")+"/.m2/settings-security.xml"
There was a problem hiding this comment.
It does, sec dispatcher resolves this for us.
There was a problem hiding this comment.
ditto. I wish Java could do it as well :)
well maybe a comment as it is not very intuitive. Image when some archeologists will have a look at this code with the new Maven dependencies cleanup in few years
…(works with 2.5.3) Wrong file path used for master password file. Using plexus default, that is NOT same as Maven default. This closes #181
asfgit
force-pushed
the
MRELEASE-1103-wrong-settings-security-path
branch
from
c0b122a
to
2480664
Compare
Master pw path: Using plexus default, that is NOT same as Maven default.
Fix: we already inject DefaultPlexusSecDispatcher (not the iface), and it has setter, so use it.
https://issues.apache.org/jira/browse/MRELEASE-1103