This plugin is a proof of concept for a maven plugin that can be used to validate the integrity of a maven repository. It does this by generating a lock file that contains the checksums of all the artifacts in the repository. The lock file can then be used to validate the integrity of the repository. This guards the supply chain against malicious actors that might tamper with the artifacts in the repository.

LicenseMIT
CategoriesMaven Plugins
Tagsplugingithubbuildbuild-systemmaven
HomePage https://github.com/chains-project/maven-lockfile
DateMar 27, 2023
Filespom (9 KB)  maven-plugin (34 KB)  View All
RepositoriesCentral
Ranking#737385 in MvnRepository (See Top Artifacts)
#4213 in Maven Plugins
VulnerabilitiesVulnerabilities from dependencies:
CVE-2023-2976
CVE-2021-26291
CVE-2020-8908


Provided Dependencies (3)

Developers

NameEmailDev IdRolesOrganization
Martin WittlingerMartinWitt