-
-
Notifications
You must be signed in to change notification settings - Fork 20
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Handle tools.jar (and other 'provided' jars) #21
Labels
enhancement
New feature or request.
Milestone
Comments
Kortanul
added a commit
to Kortanul/pgpverify-maven-plugin
that referenced
this issue
Nov 12, 2017
Adds the ability to toggle verification on or off for SNAPSHOT, "provided", and "system" dependencies.
Kortanul
added a commit
to Kortanul/pgpverify-maven-plugin
that referenced
this issue
Nov 12, 2017
Kortanul
added a commit
to Kortanul/pgpverify-maven-plugin
that referenced
this issue
Nov 12, 2017
Adds the ability to toggle verification on or off for SNAPSHOT, "provided", and "system" dependencies.
Kortanul
added a commit
to Kortanul/pgpverify-maven-plugin
that referenced
this issue
Nov 12, 2017
Kortanul
added a commit
to Kortanul/pgpverify-maven-plugin
that referenced
this issue
Nov 12, 2017
slawekjaranowski
pushed a commit
that referenced
this issue
Nov 12, 2017
Adds the ability to toggle verification on or off for SNAPSHOT, "provided", and "system" dependencies.
slawekjaranowski
pushed a commit
that referenced
this issue
Nov 12, 2017
slawekjaranowski
pushed a commit
that referenced
this issue
Nov 12, 2017
slawekjaranowski
pushed a commit
that referenced
this issue
Aug 29, 2021
…ot/github_actions/common-files-maven/s4u/setup-maven-action-1.1.0
pzygielo
pushed a commit
to pzygielo/pgpverify-maven-plugin
that referenced
this issue
May 31, 2024
Minor grammar
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
almost 100% of the time,
tools.jar
is provided by the local JVM, and the version Maven uses for it is the minimum version required but might not be the installed version. in other words, version in POM might indicate that 1.5.0 is required (i.e.com.sun:tools:jar:1.5.0
), but because JDK 1.8 is installed, it's using the tools from 1.8 (e.g.com.sun:tools:jar:1.8.0
).since the artifact ships without a signature in the JDK, it fails validation. if you sign it and upload the armor file to a trusted local repo, then the issue is that the signature may not match because the version of tools being used locally differs from the signed copy even though the group, artifact, and version seem to match.
The text was updated successfully, but these errors were encountered: