Skip to content

Commit

Permalink
House keeping (#64)
Browse files Browse the repository at this point in the history 
* Remove fingerprint of signing from POM
* prevent leakage of NVD API key in logs
  • Loading branch information
@infeo
infeo authored Jan 13, 2025
1 parent 6878189 commit 3c91805
Show file tree
Hide file tree
Showing 3 changed files with 3 additions and 2 deletions.
1 change: 1 addition & 0 deletions .github/workflows/publish-central.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,3 +32,4 @@ jobs:
MAVEN_PASSWORD: ${{ secrets.OSSRH_PASSWORD }}
MAVEN_GPG_PASSPHRASE: ${{ secrets.RELEASES_GPG_PASSPHRASE }}
MAVEN_GPG_KEY: ${{ secrets.RELEASES_GPG_PRIVATE_KEY }}
MAVEN_GPG_KEY_FINGERPRINT: ${{ vars.RELEASES_GPG_KEY_FINGERPRINT }}
1 change: 1 addition & 0 deletions .github/workflows/publish-github.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,7 @@ jobs:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
MAVEN_GPG_PASSPHRASE: ${{ secrets.RELEASES_GPG_PASSPHRASE }}
MAVEN_GPG_KEY: ${{ secrets.RELEASES_GPG_PRIVATE_KEY }}
MAVEN_GPG_KEY_FINGERPRINT: ${{ vars.RELEASES_GPG_KEY_FINGERPRINT }}
- name: Slack Notification
uses: rtCamp/action-slack-notify@v2
env:
Expand Down
3 changes: 1 addition & 2 deletions pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -263,7 +263,7 @@
<skipTestScope>true</skipTestScope>
<detail>true</detail>
<suppressionFile>suppression.xml</suppressionFile>
<nvdApiKey>${env.NVD_API_KEY}</nvdApiKey>
<nvdApiKeyEnvironmentVariable>NVD_API_KEY</nvdApiKeyEnvironmentVariable>
</configuration>
<executions>
<execution>
Expand Down Expand Up @@ -321,7 +321,6 @@
</goals>
<configuration>
<signer>bc</signer>
<keyFingerprint>58117AFA1F85B3EEC154677D615D449FE6E6A235</keyFingerprint>
</configuration>
</execution>
</executions>
Expand Down

0 comments on commit 3c91805

Please sign in to comment.