Hi It seems that the jar file served here:
https://search.maven.org/#artifactdetails|org.springframework.ws|spring-xml|2.0.5.RELEASE|jar differ from the jar file here: http://repo.spring.io/release/org/springframework/ws/spring-xml/2.0.5.RELEASE/spring-xml-2.0.5.RELEASE.jar This makes the pgp signature check fail and breaks our build. Does there exist some sort of process to handle when a jar file have been tampered with? In this case it's not anything malicious, just the build time that differs (I presume that someone uploaded the wrong jar). best regards Alexander Kjäll
