[
https://issues.apache.org/jira/browse/MNG-8417?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17904138#comment-17904138
]
Tamas Cservenak commented on MNG-8417:
--------------------------------------
Use alternate settings? Use project level settings? And make user level provide
auth when needed? So many options with Maven4, while I feel you are forcing
Maven3 patterns onto Maven4.
> New encrypted passwords prevent maven from building projects
> ------------------------------------------------------------
>
> Key: MNG-8417
> URL: https://issues.apache.org/jira/browse/MNG-8417
> Project: Maven
> Issue Type: Bug
> Components: Settings
> Affects Versions: 4.0.0-beta-5, 4.0.0-rc-1
> Reporter: Lenny Primak
> Priority: Blocker
>
> When settings.xml contains new-style encrypted passwords, maven will not
> build unless it can decrypt the password.
> The use case is that the passwords are used only for deployment, while 99% of
> the use cases don't require the passwords.
> This forces the users to have to have secure environment variables or other
> ways to get the master password at all times, enhancing security risks
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
