Packages / Maven Repository / Configure - Suggest Password Encryption

The current guide on configuring a maven project to reference a repository on Space, while valid, isn't following the suggested best practices for password/secret handing.


I can understand not going in to the more detailed/complicated instructions on the help page directly but there should at minimum be a link to the maven docs and a small paragraph pointing out that the current best practices for handling passwords/secrets with maven is to not put raw passwords in to settings.xml and instead have a master password defined via ~/.m2/settings-security.xml and encrypted passwords only in settings.xml for both user accounts and ssh keys.

 

Space help page: https://www.jetbrains.com/help/space/publish-artifacts-from-a-maven-project.html# 
Link to maven's docs: https://maven.apache.org/guides/mini/guide-encryption.html

0
1 comment

Indivisible thanks for the notice, we'll add missing part about password encryption in our documentation: SPACE-6452

0

Please sign in to leave a comment.