v1.9.0
slawekjaranowski
released this
07 Jul 16:57
·
607 commits
to master
since this release
New features
- Report duration of artifact resolution, download and signature validation phases. #111
- Dependabot on GitHub #115
- Extract signature form pgp message #120
- Checksumming #119
- Add hkps://keyserver.ubuntu.com to default key servers #122
- Use Issuer Fingerprint signature subpacket to obtain key fingerprint #86
Deprecated feature
- deprecates strictNoSignature #129
Improvements / bug fixes
- Key not found - shouldn't break verification #113
- Show, fix and start failing on compiler warnings. #109
- Broken signature - shouldn't break verification #114
- Separate weak-algorithm logic into utility and private method. #112
- Misc small improvements and simplifications #121
- Multiple key servers brake noKey feature #126
- verifyPluginDependencies should enable verifyPlugins #128
Dependency updates
- Bump vavr from 0.10.2 to 0.10.3 #108
- Bump plexus-classworlds from 2.5.2 to 2.6.0 #107
- Bump s4u/maven-settings-action from v2 to v2.1.0 #117
- Bump actions/cache from v1 to v2 #116
- Bump resilience4j-retry from 1.4.0 to 1.5.0 #118
- Bump actions/checkout from v2 to v2.3.1 #123, #124
- Bump parent from 2.5.0 to 2.6.0 #125
- Bump slf4j-mock from 1.0.1 to 1.0.2 #127
Thanks
Many thanks for collaboration on this release for: @cobratbq