aboutsummaryrefslogtreecommitdiffstats
path: root/org.eclipse.jgit.gpg.bc/pom.xml
Commit message (Collapse)AuthorAgeFilesLines
* Prepare 7.2.0-SNAPSHOT buildsMatthias Sohn2024-11-271-1/+1
| | | | Change-Id: Ie3108fefbcbb55a4f26273833c9817ce4bd750f1
* Prepare 7.1.1-SNAPSHOT buildsMatthias Sohn2024-11-261-1/+1
| | | | Change-Id: Ifc710a83cda50f1275cbbd5a828f92d95607f298
* JGit v7.1.0.202411261347-rv7.1.0.202411261347-rMatthias Sohn2024-11-261-1/+1
| | | | | Signed-off-by: Matthias Sohn <matthias.sohn@sap.com> Change-Id: I70f154dd1dc8571c5e2057d09d08d4a4d1b7ee37
* Prepare 7.1.0-SNAPSHOT buildsMatthias Sohn2024-11-191-1/+1
| | | | Change-Id: I69f57f933899b9926ab5124b24b90ae75f7a8d09
* JGit v7.1.0.202411191359-rc1v7.1.0.202411191359-rc1Matthias Sohn2024-11-191-1/+1
| | | | | Signed-off-by: Matthias Sohn <matthias.sohn@sap.com> Change-Id: I802c3dbcbb05470aad6255cc05402647e704b446
* Prepare 7.1.0-SNAPSHOT buildsMatthias Sohn2024-11-131-1/+1
| | | | Change-Id: Id5379361dd8673e91c998b56f2ee61e041da6113
* JGit v7.1.0.202411121450-m3v7.1.0.202411121450-m3Matthias Sohn2024-11-121-1/+1
| | | | | Signed-off-by: Matthias Sohn <matthias.sohn@sap.com> Change-Id: I5850cdc569eb5d13763f81e9b8332fe70207a4fd
* Prepare 7.1.0-SNAPSHOT buildsMatthias Sohn2024-10-241-1/+1
| | | | Change-Id: Ibaddbad3677636452cad4e8b7ce0a58b1a78f833
* JGit v7.1.0.202410232130-m2v7.1.0.202410232130-m2Matthias Sohn2024-10-231-1/+1
| | | | | Signed-off-by: Matthias Sohn <matthias.sohn@sap.com> Change-Id: Ibae7987afb2459fa77c6b151606fbf69fc8a8f49
* Prepare 7.1.0-SNAPSHOT buildsMatthias Sohn2024-10-021-1/+1
| | | | Change-Id: I6329845c41bf40a752c685fb77483d9722cd1583
* JGit v7.1.0.202410012040-m1v7.1.0.202410012040-m1Matthias Sohn2024-10-011-1/+1
| | | | | Signed-off-by: Matthias Sohn <matthias.sohn@sap.com> Change-Id: Ib48cf15ad039bc7102a8af202ffcc39ea9233b9b
* Prepare 7.1.0-SNAPSHOT buildsMatthias Sohn2024-09-031-1/+1
| | | | Change-Id: Iba206a2d4645fc275cd2cd1cb3ae965b8ceafb28
* Prepare 7.0.1-SNAPSHOT buildsMatthias Sohn2024-09-031-1/+1
| | | | Change-Id: I5a6a9e398d8b81bf7bd0afbd6c82116d4472a349
* JGit v7.0.0.202409031743-rv7.0.0.202409031743-rMatthias Sohn2024-09-031-1/+1
| | | | | Signed-off-by: Matthias Sohn <matthias.sohn@sap.com> Change-Id: I86507936091e6f7af7588835722672ff2668a205
* Prepare 7.0.0-SNAPSHOT buildsMatthias Sohn2024-08-281-1/+1
| | | | Change-Id: Ifa0a549e9551a2016241169e1c1e9052174c49d1
* JGit v7.0.0.202408271414-rc1v7.0.0.202408271414-rc1Matthias Sohn2024-08-271-1/+1
| | | | | Signed-off-by: Matthias Sohn <matthias.sohn@sap.com> Change-Id: I969947a7c5fef72ed0c2f50e96a60787474f9906
* Signing: refactor interfacesThomas Wolf2024-08-241-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is a big API-breaking change cleaning up the signing interfaces. Initially, these interfaces were GPG/OpenPGP-specific. When EGit added new signers and signature verifiers that called an external GPG executable, they were found inadequate and were extended to be able to pass in the GpgConfig to get access to the "gpg.program" setting. With the introduction of X.509 S/MIME signing, it was discovered that the interfaces were still not quite adequate, and the "Gpg" prefix on the class names were confusing. Since 7.0 is a major version bump, I'm taking this chance to overhaul these interfaces from ground up. For signing, there is a new Signer interface. With it goes a SignerFactory SPI interface, and a final Signers class managing the currently set signers. By default, signers for the different signature types are created from the signer factories, which are discovered via the ServiceLoader. External code can install its own signers, overriding the default factories. For signature verification, exactly the same mechanism is used. This simplifies the setup of signers and signature verifiers, and makes it all more regular. Signer instances just get a byte[] to sign and don't have to worry about ObjectBuilders at all. SignatureVerifier instances also just get the data and signature as byte[] and don't have to worry about extracting the signature from a commit or tag, or about what kind of signature it is. Both Signers and SignatureVerifiers always get passed the Repository and the GpgConfig. The repository will be needed in an implementation for SSH signatures because gpg.ssh.* configs may need to be loaded explicitly, and some of those values need the current workspace location. For signature verification, there is exactly one place in core JGit in SignatureVerifiers that extracts signatures, determines the signature type, and then calls the right signature verifier. Change RevTag to recognize all signature types known in git (GPG, X509, and SSH). Change-Id: I26d2731e7baebb38976c87b7f328b63a239760d5 Signed-off-by: Thomas Wolf <twolf@apache.org>
* Prepare 7.0.0-SNAPSHOT buildsMatthias Sohn2024-06-041-1/+1
| | | | Change-Id: I78b2779e4e5f34978cb9f1e8fa1dfe6dd5597c31
* Prepare 6.10.1-SNAPSHOT buildsMatthias Sohn2024-06-041-1/+1
| | | | Change-Id: I3384e7405cadf063e7b0dd25468a8651c45628ac
* JGit v6.10.0.202406032230-rv6.10.0.202406032230-rMatthias Sohn2024-06-041-1/+1
| | | | | Signed-off-by: Matthias Sohn <matthias.sohn@sap.com> Change-Id: Id188a6cdc2db63c961f0b9338e6ae56d58853dff
* JGit v6.10.0.202406032110-rv6.10.0.202406032110-rMatthias Sohn2024-06-031-1/+1
| | | | | Signed-off-by: Matthias Sohn <matthias.sohn@sap.com> Change-Id: I3128b2e4bbbed97adde90f7a47e15175e63e97f5
* Prepare 6.10.0-SNAPSHOT buildsMatthias Sohn2024-06-021-1/+1
| | | | Change-Id: I64f6d6a0599cbab462dca236c00e6f3314b2a810
* JGit v6.10.0.202405290101-rc1v6.10.0.202405290101-rc1Matthias Sohn2024-05-291-1/+1
| | | | | Signed-off-by: Matthias Sohn <matthias.sohn@sap.com> Change-Id: Ie3d08213e00fcfe1fc34a39021dd99f27e0abc1f
* JGit v6.10.0.202405282244-rc1v6.10.0.202405282244-rc1Matthias Sohn2024-05-291-1/+1
| | | | | Signed-off-by: Matthias Sohn <matthias.sohn@sap.com> Change-Id: Ia525790e0b4c9011b29768d2b9727cb48b21ba84
* Prepare 6.10.0-SNAPSHOT buildsMatthias Sohn2024-05-221-1/+1
| | | | Change-Id: I5b6d5c23d504fac386ae04c42b735152fbbcd7ae
* JGit v6.10.0.202405212237-m3v6.10.0.202405212237-m3Matthias Sohn2024-05-221-1/+1
| | | | | Signed-off-by: Matthias Sohn <matthias.sohn@sap.com> Change-Id: I4efb1066ee4146d0455c39cc07879533b8933e43
* Prepare 6.10.0-SNAPSHOT buildsMatthias Sohn2024-03-051-1/+1
| | | | Change-Id: Ie728ef9a7d3c6430a5da30f6a61afd2176015748
* Prepare 6.9.1-SNAPSHOT buildsMatthias Sohn2024-03-051-1/+1
| | | | Change-Id: I10f901209be2faa34ebb9355c86c2106bac38ba5
* JGit v6.9.0.202403050737-rv6.9.0.202403050737-rMatthias Sohn2024-03-051-1/+1
| | | | | Signed-off-by: Matthias Sohn <matthias.sohn@sap.com> Change-Id: I70494c0c69ac549dea9b4cf7c5b25e94c1b4b250
* JGit v6.9.0.202403050045-rv6.9.0.202403050045-rMatthias Sohn2024-03-051-1/+1
| | | | | Signed-off-by: Matthias Sohn <matthias.sohn@sap.com> Change-Id: I4c7a6542ad4252c5a9499e69f68650d2026bde40
* Prepare 6.9.0-SNAPSHOT buildsMatthias Sohn2024-03-051-1/+1
| | | | Change-Id: Ifadeead735c8772e58dd4e5c7381b44c5221a295
* JGit v6.9.0.202402281855-rc1v6.9.0.202402281855-rc1Matthias Sohn2024-02-281-1/+1
| | | | | Signed-off-by: Matthias Sohn <matthias.sohn@sap.com> Change-Id: I23d489ccdc257a8c25da4b90dc51d4a8951d320c
* Prepare 6.9.0-SNAPSHOT buildsMatthias Sohn2024-02-221-1/+1
| | | | Change-Id: I11f4871bfdf6c6c0de5d5ed577edf16bac8cf681
* JGit v6.9.0.202402211805-m3v6.9.0.202402211805-m3Matthias Sohn2024-02-211-1/+1
| | | | | Signed-off-by: Matthias Sohn <matthias.sohn@sap.com> Change-Id: Id2f3934947d6d1e94feeb9e73ad7282ae089b682
* Prepare 6.9.0-SNAPSHOT buildsMatthias Sohn2023-12-041-1/+1
| | | | Change-Id: Id1d784ec4870cfb53c4b140fe0bb3fad9eef651d
* Prepare 6.8.1-SNAPSHOT buildsMatthias Sohn2023-11-291-1/+1
| | | | Change-Id: I56458c5345dcd9544868c948e90c9827d25c6850
* JGit v6.8.0.202311291450-rv6.8.0.202311291450-rMatthias Sohn2023-11-291-1/+1
| | | | | Signed-off-by: Matthias Sohn <matthias.sohn@sap.com> Change-Id: Iecfe3f628cfdc437ee0d63fe52653ef952c8c494
* Prepare 6.8.0-SNAPSHOT buildsMatthias Sohn2023-11-221-1/+1
| | | | Change-Id: I89178175549541111cddb88da401899960c0ecac
* JGit v6.8.0.202311212206-rc1v6.8.0.202311212206-rc1Matthias Sohn2023-11-211-1/+1
| | | | | Signed-off-by: Matthias Sohn <matthias.sohn@sap.com> Change-Id: I6a40cdef68538fa769f4525eb2ff1ed4a810f11c
* Prepare 6.8.0-SNAPSHOT buildsMatthias Sohn2023-11-151-1/+1
| | | | Change-Id: Id11a260db84aea6743f2e6edec8b8010693aab42
* JGit v6.8.0.202311151710-m2v6.8.0.202311151710-m2Matthias Sohn2023-11-151-1/+1
| | | | | Signed-off-by: Matthias Sohn <matthias.sohn@sap.com> Change-Id: I9d06bb08fc1f9a2a08d4bc5a4459ec7e7e8c1be4
* Enable Maven reproducible buildsMatthias Sohn2023-11-091-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - configure Maven to run build reproducibly [1] - use UTC timestamp of checked out commit as build timestamp - add git-describe, git-commit-id, git-commit-id, git-tags, git-remote-origin-url to MANIFEST.MF files - configure cyclonedx-maven-plugin to also use UTC timestamp of checked out commit - for packaging build use tycho-buildtimestamp-jgit [2] to ensure version uses the timestamp of the last commit - SBOMs are not reproducible by design [3] they should have a build timestamp matching the time when the build was executed and a serial number which is a unique UUID per build run. Hence exclude them from comparison [4]. - Use gmavenplus-plugin to format build timestamps. Maven expects build timestamp in ISO-8601 format, to replace the qualifier in versions the timestamp format must be compatible with rules for OSGi version numbers. Didn't find a way to read the properties set by the git-commit-id-maven-plugin from another plugin. Hence use JGit in a groovy script to get the commit time of the current HEAD and provide it in these two formats. TODO: packaging build (features and p2 repository) is not yet binary reproducible since that's not yet supported by Tycho [5], artefacts have reproducible version numbers but file lastModified timestamps are not yet reproducible. Test plan for Maven build: - build using mvn clean install" - verify second build is reproducible: mvn -T1 clean verify artifact:compare verification seems not to be thread-safe, hence run it with a single thread using option -T1 For packaging build (still fails due to non-reproducible file timestamps): - build using mvn -f org.eclipse.jgit.packaging/pom.xml clean install - verify second build is reproducible: mvn -T1 -f org.eclipse.jgit.packaging/pom.xml clean verify artifact:compare [1] https://maven.apache.org/guides/mini/guide-reproducible-builds.html [2] https://wiki.eclipse.org/Tycho/Reproducible_Version_Qualifiers [3] https://github.com/CycloneDX/cyclonedx-maven-plugin/issues/84 [4] https://maven.apache.org/plugins/maven-artifact-plugin/compare-mojo.html [5] https://github.com/eclipse-tycho/tycho/issues/233 Change-Id: I0202f55a1b6ae0edd922cfef638beb39d2ce9417
* Prepare 6.8.0-SNAPSHOT buildsMatthias Sohn2023-09-071-1/+1
| | | | Change-Id: Ifc81f0a96c2ced0b25926b9daa539d9cfc951925
* Prepare 6.7.1-SNAPSHOT buildsMatthias Sohn2023-09-071-1/+1
| | | | Change-Id: I96097ef8c6f198220f513bbc6d5f8881834a1491
* JGit v6.7.0.202309050840-rv6.7.0.202309050840-rMatthias Sohn2023-09-051-1/+1
| | | | | Signed-off-by: Matthias Sohn <matthias.sohn@sap.com> Change-Id: Ibe952d97bc178adb909cdd40f48957f5b68af699
* Prepare 6.7.0-SNAPSHOT buildsMatthias Sohn2023-08-301-1/+1
| | | | Change-Id: I49751232464e70b7d1dc3292a9f36b7a7015e44f
* JGit v6.7.0.202308301100-rc1v6.7.0.202308301100-rc1Matthias Sohn2023-08-301-1/+1
| | | | | Signed-off-by: Matthias Sohn <matthias.sohn@sap.com> Change-Id: I712a9f6830364ed404d03f3a145c055906273544
* Prepare 6.7.0-SNAPSHOT buildsMatthias Sohn2023-08-031-1/+1
| | | | Change-Id: I936d2d9106a1e3b7a98ec89fec8ae8a92ec765f2
* JGit v6.7.0.202308011830-m2v6.7.0.202308011830-m2Matthias Sohn2023-08-021-1/+1
| | | | | Signed-off-by: Matthias Sohn <matthias.sohn@sap.com> Change-Id: I255a979e9f48f60a251ef7b74ced3f720f012706
* Prepare 6.7.0-SNAPSHOT buildsMatthias Sohn2023-05-241-1/+1
| | | | Change-Id: I50ff7ee31046cfc29a087c8963be3deae24b1c9c