sbt-pgp icon indicating copy to clipboard operation
sbt-pgp copied to clipboard

Published 20 hours ago verified publisher icon sbt

overload sbt update

Open graingert opened this issue 8 years ago • 1 comments

currently it's a bit easy to accidentally load bad packages

sbt clean update check-pgp-signatures
do some stuff
sbt update # downloads bad package
sbt compile # compiles bad package into build

it would be better if update ran check-pgp-signatures

graingert avatar May 12 '16 23:05 graingert

+1

Tolsi avatar Oct 14 '16 11:10 Tolsi