elharo commented on code in PR #680:
URL: https://github.com/apache/maven-site/pull/680#discussion_r1949714925
##########
content/apt/guides/mini/guide-encryption.apt:
##########
@@ -83,6 +83,8 @@ mvn --encrypt-master-password <password>
</settingsSecurity>
+------------------------------------+
+ <The encrypted version of the master password is encrypted with a
{{{https://github.com/apache/maven/blob/fe25a2627c1dafeb44188dad9f45dfd5fe965a98/maven-embedder/src/main/java/org/apache/maven/cli/MavenCli.java#L856}hardcoded
key}}, so please treat it as if the password is stored in the file in plain
text.>
Review Comment:
I'm trying to understand whether the claim made in this PR is true. Looks
like we are not yet using
https://github.com/codehaus-plexus/plexus-cipher/blob/master/src/main/java/org/codehaus/plexus/components/cipher/PlexusCipher.java
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
