checkerframework-gradle-plugin icon indicating copy to clipboard operation
checkerframework-gradle-plugin copied to clipboard

Published 20 hours ago verified publisher icon kelloggm

Please sign checkerframework-gradle-plugin with PGP when publishing

Open vlsi opened this issue 1 year ago • 0 comments

Gradle Plugin Portal allows publishing plugins with PGP signatures for quite some time now (since com.gradle.plugin-publish version 1.0.0). PGP signatures make it easier to verify dependencies.

org.checkerframework:checkerframework-gradle-plugin:0.6.26 is published without a PGP signature.

See https://docs.gradle.org/current/userguide/publishing_gradle_plugins.html#sign_artifacts

vlsi avatar Apr 26 '23 11:04 vlsi