Thank you muchly! Am in total agreement with comment #4 wrt
Oracle's bug reporting tools.
On Tue, Mar 20, 2018 at 7:27 AM, Stefan Bodewig wrote:
> On 2018-03-19, Phil Edwards wrote:
>
>> On Sat, Mar 17, 2018 at 4:36 AM, Jaikiran Pai
>> wrot\
> e:
>
>>> Would you like to file a bug here
>>> h
On 2018-03-19, Phil Edwards wrote:
> On Sat, Mar 17, 2018 at 4:36 AM, Jaikiran Pai wrot\
e:
>> Would you like to file a bug here
>> https://bz.apache.org/bugzilla/describecomponents.cgi?product=Ant
> I will try, although my toleration for bugzilla in general has about reached
> an all-time low.
On Sat, Mar 17, 2018 at 4:36 AM, Jaikiran Pai wrote:
> "The -storepass, -keypass, -sigfile, -sigalg, -digestalg, -signedjar, and
> TSA-related options are only relevant when signing a JAR file; they are not
> relevant when verifying a signed JAR file. The -keystore option is relevant
> for signing
Looking at the jarsigner tool and the verifyjar Ant task and based on
what you note, to me, this looks like the bug really is in the "alias"
not being passed by the verifyjar task.
The storepass not being used isn't a bug IMO, since the jarsigner
documentation[1] states:
"The -storepass, -ke
We're using 1.10.1 to build and sign an executable JAR file. All of
that has been working fine for a while now.
Out of paranoia, we've been asked to run the task to our
post-build "quick check that this isn't gratuitously broken" target. (Other
targets do more extensive testing including, you k