James Nord created MNG-8424:
-------------------------------
Summary: warning about maven3 passwords is too aggressive
Key: MNG-8424
URL: https://issues.apache.org/jira/browse/MNG-8424
Project: Maven
Issue Type: Bug
Reporter: James Nord
when using maven3 encrypted passwords with Maven 4 at the start of **any**
build you are met with many warnings (one for each encrypted password).
The warning is overly aggressive and implies things are not working (because it
is a "problem").
As for a while users will need to swap between maven 3 and maven 4 the warning
should be reduced to an INFO, otherwise users may end up breaking their maven3
setup.
The warnings also seem to be duplicates.
{code:java}
❯ mvn validate
[WARNING]
[WARNING] Some problems were encountered while building the effective settings
[WARNING] Pre-Maven 4 legacy encrypted password detected - configure password
encryption with the help of mvnenc to be compatible with Maven 4. @
C:\Users\jnord\.m2\settings.xml
[WARNING] Pre-Maven 4 legacy encrypted password detected - configure password
encryption with the help of mvnenc to be compatible with Maven 4. @
C:\Users\jnord\.m2\settings.xml
[WARNING] Pre-Maven 4 legacy encrypted password detected - configure password
encryption with the help of mvnenc to be compatible with Maven 4. @
C:\Users\jnord\.m2\settings.xml
[WARNING] Pre-Maven 4 legacy encrypted password detected - configure password
encryption with the help of mvnenc to be compatible with Maven 4. @
C:\Users\jnord\.m2\settings.xml
[WARNING] Pre-Maven 4 legacy encrypted password detected - configure password
encryption with the help of mvnenc to be compatible with Maven 4. @
C:\Users\jnord\.m2\settings.xml
[WARNING]
[WARNING]
[WARNING] Some problems were encountered while building the effective settings
[WARNING] Pre-Maven 4 legacy encrypted password detected - configure password
encryption with the help of mvnenc to be compatible with Maven 4. @
C:\Users\jnord\.m2\settings.xml
[WARNING] Pre-Maven 4 legacy encrypted password detected - configure password
encryption with the help of mvnenc to be compatible with Maven 4. @
C:\Users\jnord\.m2\settings.xml
[WARNING] Pre-Maven 4 legacy encrypted password detected - configure password
encryption with the help of mvnenc to be compatible with Maven 4. @
C:\Users\jnord\.m2\settings.xml
[WARNING] Pre-Maven 4 legacy encrypted password detected - configure password
encryption with the help of mvnenc to be compatible with Maven 4. @
C:\Users\jnord\.m2\settings.xml
[WARNING] Pre-Maven 4 legacy encrypted password detected - configure password
encryption with the help of mvnenc to be compatible with Maven 4. @
C:\Users\jnord\.m2\settings.xml
[WARNING]
[INFO] Scanning for projects...
[INFO]
{code}
"Pre-Maven 4 legacy encrypted password detected - configure password
encryption with the help of mvnenc to be compatible with Maven 4"
implies the current password is not compatable with Maven4.
However it is not the case, as maven can successfully decrypt the password
(otherwise you get a different issue)
h3. Steps to Reproduce
Setup maven3 with a settings file and several server entries with valid
encrypted passwords
run a build with maven4
h3. Expected Results
and info level message suggesting you migrate to maven4 encryption style if you
no longer need compatability with maven3.
NB: some future (not initial) maven 4 version can change to this to a warning
saying it is deprecated and to be removed
h3. Actual Results
see warnings above
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
