maven-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Benjamin Bentmann (JIRA)" <>
Subject [jira] Commented: (MRELEASE-340) Don't store the scm password in plaintext in
Date Thu, 10 Feb 2011 13:50:22 GMT


Benjamin Bentmann commented on MRELEASE-340:

Not sure since when but recent versions of the plugin support to read the credentials from
the {{settings.xml}}, using the host name part of the SCM URL as the id to locate a {{<server>}}
entry. AFAICT, this approach doesn't leak the passwords into the {{}}.

> Don't store the scm password in plaintext in
> ---------------------------------------------------------------
>                 Key: MRELEASE-340
>                 URL:
>             Project: Maven 2.x Release Plugin
>          Issue Type: Improvement
>          Components: scm
>            Reporter: Nap Ramirez
>            Priority: Minor
> The scm password is stored in plaintext in file.  I think it would
be safe not to save it there, then always prompt the user for the password every time.

This message is automatically generated by JIRA.
If you think it was sent incorrectly contact one of the administrators:
For more information on JIRA, see:


View raw message