This plugin is a proof of concept for a maven plugin that can be used to validate
the integrity of a maven repository. It does this by generating a lock file that contains
the checksums of all the artifacts in the repository. The lock file can then be used to
validate the integrity of the repository. This guards the supply chain against malicious
actors that might tamper with the artifacts in the repository.
License | MIT |
---|---|
Categories | Maven Plugins |
Tags | plugingithubbuildbuild-systemmaven |
HomePage | https://github.com/chains-project/maven-lockfile |
Date | Jan 21, 2023 |
Files | pom (11 KB) maven-plugin (27 KB) View All |
Repositories | Central |
Ranking | #729389 in MvnRepository (See Top Artifacts) #5730 in Maven Plugins |
Compile Dependencies (5)
Category/License | Group / Artifact | Version | Updates | |
---|---|---|---|---|
Apache 2.0 | com.diffplug.spotless » spotless-maven-plugin | 2.30.0 | 2.44.2 | |
JSON Lib Apache 2.0 | com.google.code.gson » gson | 2.10 | 2.11.0 | |
Build Model Apache 2.0 | org.apache.maven » maven-plugin-api | 3.8.7 | 3.9.9 | |
Build Tool Apache 2.0 | org.apache.maven » maven-core | 3.8.7 | 3.9.9 | |
Maven Repo API Apache 2.0 | org.apache.maven.resolver » maven-resolver-api | 1.9.2 | 2.0.5 |
Provided Dependencies (1)
Category/License | Group / Artifact | Version | Updates | |
---|---|---|---|---|
Annotation Lib Apache 2.0 | org.apache.maven.plugin-tools » maven-plugin-annotations | 3.6.0 | 3.15.1 |
Test Dependencies (7)
Category/License | Group / Artifact | Version | Updates | |
---|---|---|---|---|
Apache 2.0 | com.soebes.itf.jupiter.extension » itf-jupiter-extension | 0.12.0 | 0.13.1 | |
Apache 2.0 | com.soebes.itf.jupiter.extension » itf-assertj | 0.12.0 | 0.13.1 | |
Apache 2.0 | org.apache.maven » maven-compat | 3.8.7 | 3.9.9 | |
Apache 2.0 | org.apache.maven.plugin-testing » maven-plugin-testing-harness | 3.3.0 | ✔ | |
Apache 2.0 | org.instancio » instancio | 1.0.4 | ✔ | |
Testing EPL 2.0 | org.junit.jupiter » junit-jupiter-api | 5.9.2 | 5.11.4 | |
Testing EPL 2.0 | org.junit.jupiter » junit-jupiter-engine | 5.9.2 | 5.11.4 |
Licenses
License | URL |
---|---|
MIT | https://opensource.org/licenses/MIT |
Developers
Name | Dev Id | Roles | Organization | |
---|---|---|---|---|
Martin Wittlinger | MartinWitt |